How to block ads at router level
Is it possible to block ads from the router level and not by application level? I'd like to filter ads for all devices connected to my home wifi.
Googling I found that there is the possibility to change the firmware of some router to install "Tomato" and run an ad blocking script on it.
Is there some other possibility?
16 Answers
For a router to do this, it would have to be more than a router. To truly filter ads, you have to sit at the application level, layer 7. Routers sit at layer 3 and 4. To a router, ads and legit website traffic can come from the same IP address, making it impossible to differentiate between the two.
1This is not an entirely self-contained solution, but you could get a Raspberry Pi and install pi-hole. Then you make the Raspberry Pi your router's DNS server and the Pi does all the add blocking. It should block ads across your entire Wifi network.
1You may want to consider changing the Router's DNS configuration to a DNS Service that blocks ads networks. This way, when any device on your network loads a page (or an app) that includes ads, the DNS service will send it to the wrong place, and it won't be able to download the ad. I don't do this, so I can't recommend a specific ad blocking DNS service. If you search for them, there are several options to choose from.
2surfasb pointed out that a basic router can't do this because they normally don't look at application layer traffic.
While there are scripts for open-source router firmware available, they aren't foolproof and require a good knowledge of what you're doing. Even then, they don't work all the time, and introduce latency (see below). Doing it wrong could brick the router.
You would need an appliance that can inspect traffic and block the things you specify. One example that I use is Untangle. You would place an appliance like this between your router and your devices. Untangle could also work as a router itself, in which case you could eliminate your current router.
Another option is getting a router/firewall that can inspect application traffic, which are usually pretty expensive. Cisco offers some options, though, in it's ASA line of firewalls.
Be aware that unless you plan on spending a lot of money, technology that could do what you are asking is going to make the internet slow (latency). The better solution would be to simply install ad-blocking software on your client machines.
Using a Pi Zero to block ads through Pi Hole is something I recommend. I have been using it for quite some time now and it works perfectly. Only Challenge is when you have many devices in your network and all of them use pi as their DNS controller, it tends to heat up pretty fast. And that is why I use a pi cooler to cool it down.
2You can definitely block most ads at the router level without changing much on your router or installing new software.
I explain this in details in this Medium post. Simply create a free account with OpenDNS and set this as the default DNS in your router. You can block entire categories (e.g. Gambling or Porn) and whitelist or blacklist up to 25 specific domains. One great feature is that they act as wildcards, so blocking taboola.com will block *.taboola.com.
An even easier alternative is to use AlternateDNS, as explained on instructables. You won’t be able to block or whitelist custom domains though.
