I want to make the same thing that does the pi-hole ( https://pi-hole.net/ ) but with the mikrotik. They block a lot of domains and the easy way is to create a dns server with statics routes that point that domains to the 127.0.0.1 so you never connect to the ads service they provide.
I got the list of the domains, 160.000 in total but when i try to add by a script the mikrotik freeze and crash. Can someone help me? Can mikrotik create a new model with more memory and disk space with a low price?
Yes, RouterOS was not designed for this purpose, it will overload it, and it will not do what you want. Pi-Hole should be a separate device with a specific OS that is made to do this job.
What if user set another DNS?
Both google and Apple uses their own DNS in some cases, even if you give client your own DNS.
This can be solved by force redirect port 53 DNS request to your DNS server.
I put that in NAT and the only DNS traffic allowed out is from the Pi-hole. Any other traffic on port 53, 5353, 853 is forced to the Pi-hole. Lets hope it ignores fake DNS traffic that eas not intended for DNS servers.
If people are going to the effort to really get around your controlled DNS environment, then they deserve to have whatever you are trying to use - break.
i.e. in PiHole it is more for user protection - a user who can circumvent would know the risks of doing so and protect themselves.
It only really commercially becomes a problem if for instance you are hijacking DNS for the purpose of advertisment injection or something else along those lines, in which case you are a poopy ISP anyways.
