1 comment

  • Avatar

    Short answer:

    Pi-hole is a DNS server.  Firewalla is a layer 3 to 7 Firewall, that also includes DNS server, VPN Server, IPS/IDS.

    Pi-hole sees domain names.  Firewalla sees IP Addresses and Domain Names and Protocol actions (such as a failed ssh attempt) 

    Long answer:

    "Pi-hole is a Linux network-level advertisement and Internet tracker blocking application[2][3][4][5] which acts as a DNS sinkhole[6] (and optionally a DHCP server), intended for use on a private network.[1] It is designed for use on embedded devices with network capability, such as the Raspberry Pi,[3][7] but it can be used on other machines running Linux and cloud implementations.[6][8][9][10]

    [Quoted from Wikipedia]

    Pi-hole is a DNS based device, which means it sees DNS requests such as "what is the IP address of"

    Firewalla, on the other hand, is a network layer device.  It sees all network traffic, including DNS requests, and able to control data streams.  (Firewalla is also an IPS/IDS/VPN Server/DNS server ... and can filter traffic using IP addresses)


    Firewalla will know how much data is getting transferred between your devices and the internet.   It can block any connection between your LAN and WAN.   Pi-hole will not be able to see this, nor block any IP addresses.

    Firewalla will be able to enforce which DNS server your devices are using by listening to the stream of data and change the DNS server to the one you configured.   (including forcing everything to go into Pi-hole).  

    Firewalla will be able to see and block if someone is trying to hack your system.  Such as ssh ... guessing password... 



    Pi-hole is a very powerful DNS server, it can fully coexist with Firewalla.  And Firewalla can manage which devices can be served by pi-hole.  

    Since Firewalla is an open platform, you are free to run pi-hole inside the firewalla.


    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk