I probably have a robust setup for someone who actually doesn’t know much.
I just finished setting up my homelab network. I would say it’s pretty secure as I had a CS engineer help me with it. I’m using VLANs and right now have all DNS pointing to my pi-hole.
I also have ProtonVPN for all of my devices. I noticed that if I’m connected to the VPN, my traffic doesn’t go through my Pi-Hole, which I now understand is expected.
The part where now I’m not sure about what I want or need is deciding between my Pi-Hole and ProtonVPN.
If my threat model is to protect my data from corporations and service providers, should I pick one over the other?
You could use both if you wanted, although an even easier solution would be to just use Proton’s NetShield which does basically the same thing as Pi-Hole.
Is your ISP an adversary? The VPN will conceal your web activity from the ISP, the PiHole will not.
Are you visiting sites from whom you’d like to hide your location? Web servers can see the IP address from which you are connecting; a VPN will mask your home IP, PiHole will not
If your threat model doesn’t answer ‘yes’ to either of these, favor PiHole over VPN. Websites use tons of trackers to ID you and collect all kinda of data about your behavior, device, demographics, etc. A PiHole with proper lists will block many of these, a VPN will not (not counting the NetGuard tool Jonah mentioned; it works fine, I dont love it personally)
Like Jonah alluded to, you can use both tools if you’re so inclined. It would involve configuring your VPN connection at the router level for your whole LAN, instead of your current per-device setup.