Technitium - Recursive DNS server (Pi-hole alternative)

Technitium DNS Server is a free and open-source solution that enables users to have full control over their DNS infrastructure. I have wanted to replace Pi-hole for some time now to extend my DNS management skills with a fully featured recursive DNS. Compared to Pi-hole, Technitium DNS provides a more comprehensive DNS management system, with advanced features like DoH, DoT, and support for multiple DNS zones.

Features:

  • Multiple DNS Zones: Enables the management of various DNS zones, providing flexibility for complex network configurations.
  • Ad Blocking: Effectively blocks advertisements across your network without the need for browser extensions.
  • Custom Filtering: Allows for the creation of custom rules to block or allow specific domains, enhancing security and user experience.
  • Enhanced Privacy: Supports encrypted DNS protocols like DoH and DoT, ensuring that DNS queries are secure from potential eavesdropping.
  • Cross-Platform Support: Compatible with various operating systems, including Windows, Linux, and macOS for easy integration into diverse environments.
  • UI: This is more personal, but I wanted to highlight that the UI is amazing and very simple to navigate.

Deploying Technitium DNS Server is straightforward. For this guide, we will deploy it on a Debian VM with its automated installer.

curl -sSL https://download.technitium.com/dns/install.sh | sudo bash

That's it! Navigate to TCP port 5380 to access the web interface. If you can't access the web interface on port 5380, ensure your firewall allows traffic on that port. The default credentials are admin and adminadmin. After signing in, click the account in the top right corner to change the default credentials.
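To confirm that the password change took effect, the old login can be replayed against the console's HTTP API. This is an added example, not code from Technitium or from the original guide; it assumes the `/api/user/login` and `/api/user/logout` endpoints and the JSON `status` field of the current Technitium HTTP API (older releases may differ), and the function names are hypothetical.

```python
"""Added example: check whether a Technitium web console still accepts an old login."""
import getpass
import json
import sys
import urllib.error
import urllib.parse
import urllib.request

UNREACHABLE = (urllib.error.URLError, OSError, ValueError)


def _get_json(url, opener):
    # Assumption: API calls answer with a JSON object carrying a "status" field.
    with opener(url, timeout=5) as resp:
        return json.loads(resp.read().decode("utf-8"))


def login_accepted(base_url, user, password, opener=urllib.request.urlopen):
    """Return True if the login works, False if rejected, None if unreachable."""
    query = urllib.parse.urlencode({"user": user, "pass": password})
    try:
        reply = _get_json(f"{base_url}/api/user/login?{query}", opener)
    except UNREACHABLE:
        return None  # port filtered, server down, or not a JSON API endpoint
    if reply.get("status") != "ok":
        return False
    # Do not leave the probe session open: discard its token right away.
    token = urllib.parse.urlencode({"token": reply.get("token", "")})
    try:
        _get_json(f"{base_url}/api/user/logout?{token}", opener)
    except UNREACHABLE:
        pass
    return True


if __name__ == "__main__":
    # Usage: python check_login.py http://<your-server>:5380 admin
    base, user = sys.argv[1], sys.argv[2]
    # Prompt for the old password so it stays out of the shell history.
    outcome = login_accepted(base, user, getpass.getpass("Old password: "))
    label = {True: "STILL ACCEPTED", False: "rejected", None: "unreachable"}
    print(f"{user}@{base}: {label[outcome]}")
    sys.exit(1 if outcome else 0)
```

A result of "unreachable" from a host outside your network is also useful: it shows the firewall is not exposing port 5380 there.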

Base Configuration

Navigate to Settings > General:

  • Update the DNS Server Domain to your domain, e.g. dns.domain.com
  • Set the Default Record TTL to 600.
  • Add your email address under the Default Responsible Person field.

Navigate to Settings > Optional Protocols:

  • Enable the required DNS Server Protocols; I went with DoH.

Ad Blocking

Navigate to Settings > Blocking:

  • Enable Blocking
  • Add your Block Lists to the Allow / Block List URLs text field.
  • If you want to exclude any devices from ad blocking, add the device's static IP under the Blocking Bypass List.

Zones

One of the main benefits of using a fully recursive DNS over a sinkhole is the ability to manage zones. Zones let you manage internal services, redirect domains locally, or run split-horizon DNS setups. This is especially useful for homelabs or self-hosted services. This example sets up a zone for domains served through our reverse proxy:

  • Navigate to Zones. You will notice that the default ARPA addresses are already added.
  • Click Add Zone:
    • Select Primary Zone
    • Enter your domain, e.g. domain.com
    • Add an A-record to point to your reverse proxy with TTL 600.

If you run into issues or want to dive deeper, the Technitium community forum is a great resource.