Help a noobie
I’m running Technitium DNS Server as my network-wide DNS server and I’m trying to make sure ad blocking is working correctly.
My setup:
DHCP is handled by a Nokia XS-2425G-B modem/router
DHCP hands out my Technitium box as DNS (192.168.1.12)
Clients are resolving through Technitium
I am not using upstream forwarders — Technitium is running as a full recursive resolver
Blocking is enabled in Technitium
Blocklist currently used: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/pro.txt
I initially thought blocking wasn’t working because ads were still showing, but testing doubleclick.net in Technitium DNS Client now returns:
RCODE: NxDomain
and:
source=blocked-zone; domain=doubleclick.net
So it looks like blocking itself is working.
What still confuses me:
I still see ads in some apps/sites
Dashboard sometimes shows relatively low blocked counts even though ad-related domains appear in query logs
I’m trying to understand whether this is normal DNS behavior (first-party ads / app CDN domains), or if I’m still missing something in my setup
A few questions for people familiar with Technitium:
Is doubleclick.net returning NXDOMAIN enough to confirm the blocking pipeline is working correctly?
Is it normal to still see ads in apps/social media even with a working DNS sinkhole?
Which domains are best to test next to verify whether ads are bypassing DNS or just coming from first-party domains?
Any recommended blocklists/settings that improve mobile app ad blocking without breaking normal services?
Would appreciate any troubleshooting advice.
This all runs in docker