Reasons for filtering DNS range from blocking ads to filtering out harmful sites (content or malicious).
Pi-hole has been dockerised, so you can see my example here.
I enabled DNSSEC and found a few issues, and surprisingly a lack of support on some domains. For example, Tesco doesn’t support it.
Pi-hole is all or nothing. There is no way to exclude VLANs or individual devices from the block lists.
There is no way to subscribe to white lists, which seems odd considering the feature exists for block lists.
Cashback sites such as Quidco are also blocked. I suspect the link referrals are part of advert block lists.
It was very easy to set up, and I was amazed at the power it gives in a simple-to-configure interface. I do believe this is a power-user feature, in that you will need to understand the networking side and be able to troubleshoot the issues.
The query log is very powerful and I can see what is going through the network and what my ISP would see too.
I hear great results from other people using the system; however, the default blocklists are already causing issues for me.
My plan is to potentially remove/disable the out-of-the-box list and start my own by setting up a Git repository. It will operate on an allow-first basis, blocking reactively.
Another point is to set up the network to disallow overriding of DNS servers on each device.
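For the Git-hosted list planned above, a check that runs before each commit keeps the blocklist well-formed and stops it from ever blocking something on the allow list. This is an added example, not code from this setup or from Pi-hole; the function names, the sample lists and the rule that subdomains of an allowed domain must not be blocked are all assumptions.

```python
import re

LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")  # RFC 1123 hostname label
SINKS = {"0.0.0.0", "127.0.0.1", "::", "::1"}  # addresses used in hosts-format lists

def parse_entry(line):
    """Return the domain on a list line, None for blank/comment lines, else raise."""
    text = line.split("#", 1)[0].strip().lower()
    if not text:
        return None
    fields = text.split()
    if len(fields) == 2 and fields[0] in SINKS:
        fields = fields[1:]  # hosts format: "0.0.0.0 ads.example.net"
    domain = fields[0].rstrip(".") if len(fields) == 1 else ""
    labels = domain.split(".")
    if len(domain) > 253 or len(labels) < 2 or not all(LABEL.match(l) for l in labels):
        raise ValueError("invalid entry")
    return domain

def load(lines, name, problems):
    """Parse one list, recording bad lines and duplicates in `problems`."""
    seen = set()
    for number, line in enumerate(lines, 1):
        try:
            domain = parse_entry(line)
        except ValueError as err:
            problems.append(f"{name}:{number}: {err}: {line.strip()!r}")
            continue
        if domain in seen:
            problems.append(f"{name}:{number}: duplicate {domain}")
        elif domain:
            seen.add(domain)
    return seen

def lint(block_lines, allow_lines):
    """Return (sorted blocklist, problems). Assumed allow-first policy:
    an allowed domain and its subdomains must never appear in the blocklist."""
    problems = []
    allowed = load(allow_lines, "allow", problems)
    blocked = load(block_lines, "block", problems)
    for domain in sorted(blocked):
        hit = next((a for a in sorted(allowed) if domain == a or domain.endswith("." + a)), None)
        if hit:
            problems.append(f"block: {domain} conflicts with allowed {hit}")
    return sorted(blocked), problems

# Constructed sample lists, standing in for files in the Git repository.
ALLOW = ["# cashback site must keep working", "quidco.com"]
BLOCK = ["0.0.0.0 ads.example.net", "tracker.example.org  # seen in query log",
         "ADS.example.net", "www.quidco.com", "not a domain!", "-bad.example.com"]
```

Calling `lint(BLOCK, ALLOW)` on the sample data reports the duplicate, the two malformed lines and the `www.quidco.com` conflict; a non-empty problem list is the signal to reject the commit.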