all right so as we're here to learn
about how to configure mikrotik routers
I'm going to assume that you already
know what a piehole is I'm not going to
get into that I'm going to assume that
you've already got one set up if you've
got no idea what a piehole is just keep
in mind that in order to do what we're
about to do you're gonna need to have
one while it may sound like something
offensive it's actually a single board
computer or even a virtual machine that
runs on your network 24/7 it acts as
your DNS server for your network it
filters out ads at the DNS level so
since the ad never downloads your
Internet becomes perceptibly
perceptively faster your data usage is
reduced a surprising amount and you see
a notable reduction in the number of
advertisements that you're subjected to
now it can have a downside sometimes
such as if you're browsing Amazon
sometimes they'll present you with a
relevant product suggestion but when you
click on it it's gonna get blocked
because it's an ad but all in all this
is a fantastic solution that cuts ads
way down on your entire network you
don't have to install software on your
devices and there's no configuration on
a device to device level as soon as your
device is connected to the network it
gains the filtering capabilities of your
piehole so if you are unfamiliar with
piehole at this point or otherwise if
you don't have one I did a tutorial last
year that walks you through the basic
set up for those of you who are watching
on YouTube or through our website a
category-5 TV you can simply click that
icon to see the tutorial otherwise head
on over to our website category 5 dot TV
and just do a quick search for pie hole
and it's spelt just like you see on the
screen there pie - hole the video you're
looking for is called block ads and porn
using a single board computer
oh wait okay so now that you've
apparently got your piehole
all set up let's see how to configure
this on our mikrotik router so on my
network my piehole device is at 10.00 to
your DNS server obviously has to have a
static IP address within your network so
that's the IP address that I'm going to
be routing my DNS traffic to so I want
to show you a couple things here in web
Figg so I'm going to click on IP which
is already open and then DNS so when I
go in there you're going to see the
dynamic servers that my network is
currently dishing out to all my devices
through DHCP well I want to change that
I want to actually set these to be my
piehole but you notice I can't actually
change those it doesn't allow me to make
any changes here so first what I have to
do is click on DHCP client click on your
ether one in my case which is you'll
remember from earlier in our mikrotik
series the ether one interface is my
internet connection so that's the actual
connection to the router from the router
to the modem to give me my internet
connectivity so I'm gonna click on that
and I'm going to turn off use peer DNS
so basically I'm saying I don't want to
use the DNS that's given to me by my ISP
and hit OK now when I go to when I go to
DNS you'll see now dynamic servers are
gone there's nothing there and
presumably unless it's cached if I try
to go somewhere it's just going to
timeout because right now I do not have
any DNS servers so now I need to add my
own
ten what 10.0.0.0 I done that's all
there is to it in a manner of speaking
but I'm going to reverse that so we've
gone through that process just to show
you I'm going to just kind of I'm gonna
reverse that so that I can show you a
demonstration of what we're actually
what we're performing here what we're
actually achieving so let's turn back on
our pure DNS I have trouble with these
trackpads
I should get a mouse okay so see we're
back on the dynamic so I'm going to
bring up a website and you're gonna need
to do this within Firefox or Chrome
don't do it in brave because brave
obviously already blocks advertising
advertisements don't do it in a browser
that has an ad blocking tool installed
and actively working because it's not
going to actually show you the success
of doing what we're about to do by
revving through our pie hole so what I
want to do is go to HTTP colon slash
slash ads - blocker com and the reason I
want to go there is because it's just an
ad heavy demonstration web site so if
you scroll down a little ways you're
gonna start to see some advertising here
on this website there are ads that come
up on this site it looks like Firefox is
actually already blocking some and so
I'm going again you block origin request
blocked 7 or 10% of this page can I turn
that off
is that what's doing it yeah now we're
gonna see ads there you go so Firefox is
now including an ad blocker that's cool
but understand so well if Firefox
already has an ad blocker why do we need
to go to all this work why do we need a
pie hole remember how I said this does
the ad blocking at the DNS level so and
I hinted to the fact that you're going
to reduce your bandwidth consumption
you're gonna speed up your internet and
that is because with something like an
ad blocking plugin
or an ad blocking browser traditionally
what happens is it still downloads the
ad it just hides it it blocks it but
with the DNS level blocking it's
actually the request to the ad servers
that respond with a null response so
it's actually blocking the ability for
your computer to reach the ad server at
all it can't download anything they
can't track you they can't trace that
request it doesn't matter there it's
going to be blocked at the DNS level so
there's so much more to it so now that
I've got this you block disable you can
see there's a Google ad right here okay
so back over to my micro tick here let's
again go to DHCP client under IP and
there are many ways to do this you can
do this on a network by network basis if
you want but I'm just going to do this
on my entire network because I want any
device that is on my network to go
through the piehole I can turn off use
pure DNS and hit ok now go to DNS and
add my piehole 10 dots
0.2 and this is all quite instantaneous
however there are a couple of things to
note so I'm going to clear my cache
this is DNS cache flush cache so now
anything that has already been accessed
is flushed out of the DNS cache and so
it's not going to be it's it's gonna
request to the game and go through the
piehole the other thing to keep in mind
is you could if you wanted to go into
DHCP server networks so instead of doing
this at DNS I could just say okay my LAN
or my these are my guest Wi-Fi networks
I could just add a specific DNS server
for those so I could do that see how
diverse the configuration can be with a
mikrotik so by doing it that way you
could have multiple pie holes with
multiple different settings you could
have a mum and dad Wi-Fi that has that
has direct access through like Google's
DNS or something like that if you don't
want to block things you can have your
guest Wi-Fi have a more hardened DNS
filter for example so you can do that at
a network level in my case as I say I'm
not doing it at this level I'm doing it
on my full network so my ether one is
gonna go through 10.0.0.0 love its DNS
requests so now if I jump over here and
just refresh this page as simple as that
the advertisement is blocked see that so
it tried to load it see how it's got a
placeholder it tried to access the ad
but it was blocked at the DNS level so
it never got to my browser how cool is
that so with this set up another thing
to keep in mind is that while your
mikrotik DHCP server is is going to dish
out this new DNS setting for 1000 - in
my case you may have a situation where
somebody has maybe accustomed
setting on their phone or maybe there is
there they're running a browser that
overrides your networks DNS settings
that could be a problem because this
setting is not enforced so this setting
can easily be bypassed by your device so
by default your mikrotik device right
now as I've just demonstrated with this
basic configuration is going to download
those settings through DHCP and I don't
know the download is the right term but
it's going to get the new IP and dns
settings from your DHCP server on the
Microtech but if your device has its own
custom settings it's going to circumvent
that so if you'd like to instead and
force it so that even if there was an
override on a device or if your browser
was ignoring your desired DNS settings
on your network well you'll want to
watch further in our series as we're
gonna be looking at how to do what's
called DNS masquerading and with DNS
masquerading we're gonna take what we
learned today on this tutorial and we're
going to take it to the next level which
is to say okay my mikrotik is now going
to basically find any dns traffic that's
going through my network and it's going
to masquerade it so that it has to go
through the piehole there is an
inability on your device to circumvent
or override that even if you set your
your dns settings manually masquerading
will force it to go through in my case
10.0.0.0 at five dot TV slash mikrotik
is covering a wide gamut of how to set
up and configure and use your Microtech
routing device this is we're gonna be
looking more at masquerading in the
future so I'm dropping that keyword for
you because I want you to watch for it
if that's of interest to you you want to
enforce it get on to cap v dot TV slash
mikrotik and look for that one
dns masquerading
[Music]