Pi-hole, split DNS, and fewer mysteries

How Pi-hole fits a self-hosted stack: LAN DNS, ad blocking, and why internal names deserve the same care as public ones.

Pi-hole is often introduced as an ad blocker, but in infrastructure work it is also a DNS control plane for your LAN: local records, upstream selection, and a place to see what clients are actually asking for.

Split DNS is a feature, not a bug

Public DNS tells the world where your domain lives. Internal DNS tells your workstations where the proxy or service lives on your network. When those two views disagree thoughtfully, you get fewer “works on LTE, fails on Wi‑Fi” moments.

Good Pi-hole rows are documentation you can resolve.

The project’s own overview at pi-hole.net explains the architecture in plain language—useful when you are deciding how much blocking you want versus pure internal resolution.

What “done” looks like

Done is when a new hostname is a two-step habit: add the proxy row, add the local record, verify once from a laptop on the LAN. Boring, repeatable, hard to mess up.