[foobarian]

Do you have advice how to replace the default Internet provider router? I have Xfinity's now and it terminates the coax, does switching, wifi, and does various firewall functions. I assume you have to buy a XXXX, disable everything on the Xfinity box and turn it into a passthrough switch. What is a good XXXX here?

[Icathian]

You don't, really. You can (usually) change the DNS resolver your provided router uses to an internal IP, then statically assign that IP to your pi-hole. It's about 5 minutes in a GUI web panel, give or take the googling to find and navigate that GUI for your specific ISP-provided router.

That said a better router is usually worth it, I like my Netgear Nighthawk because I'm a bit lazy, someone else probably has a better suggestion.

[gorjusborg]

> You don't, really. You can (usually) change the DNS resolver your provided router uses to an internal IP, then statically assign that IP to your pi-hole.

This is totally right, and that is how I have my network configured. I have a firewall behind a dumb cable modem, and I set the DNS server for the network on that device. When machines configure w/ DHCP, they get assigned the router's address for dns resolution, which then delegates to the pi-hole. That's all specific to my hardware though.

[hot_gril]

You also have to ensure the Xfinity box's DHCP server doesn't lease the Pihole's IP address to a random device. Like set a 1-250 range for DHCP and give the Pi 251.

[grosswait]

Firewalla has been a good experience for me so far.

[BrandoElFollito]

I live in France so obviously I won't help you directly. I guess however that there is a whole community of people in the US who documented "how to replace the box from provider X by the device Y".

Depending on the details, it can go from plugging your fibre directly into a small factor PC, to not being able to do it because even bridging is not available on the box and everything is proprietary.

I for instance replaced the shitty Livebox 3 from my French provider Orange with a PC running Debian. Before that it was a Ubiquity Edge Router 4.

Orange make it difficult to change the device, but not impossible. I would love them to just provide my IP though a standard authenticated DHCP request.

[greyskull]

I've never used Comcast's/Xfinity's own hardware. Always bought my own modem and router, which has generally worked out well, outside of when I'm (rarely) having quirky service issues and can't easily prove that it's not my hardware.

If you don't want to do that and keep their gateway, I'd expect you can run pi-hole anyway, and if you're not getting the behavior you want (e.g., the gateway seems to be intercepting dns or something), you can try DNS-over-HTTPS.

[gorjusborg]

I have spectrum, but same in principal here. Having familiarity with hardware I like is why I opt to provide my own modem and router. If anyone is considering going that route, I've had really good luck with ubiquiti networks unifi line. Really great quality for what you pay.