I'm still a rookie when it comes to this stuff so don't expect a lot of technical stuff.
I would like to combine Pi-Hole with NordVPN. What I mean by this is to install NordVPN on my router at home so all my devices use that VPN and manually adjust the VPN's DNS server to the Pi-hole. It would be great to use this setup outside my home as well. So, connect to my router which functions as a VPN server (I think?) and uses the Pi-hole for DNS. I want to maintain all other functionality from NordVPN (i.e., connect to other remote servers etc.)
The only downside I can think of is that this will generate quite some latency because when I work remotely, I first have to connect to my home network from where it connects to a NordVPN server.
Would love to hear ideas from you guys because, like I said, this stuff is pretty novel to me and I only know the basics. Cheers!
You should also consider other forums that focus on VPN service providers, preferably the ones from your NordVPN (you pay for their service, after all ) and maybe how to run a VPN server as well.
There is a difference between using a VPN service provider and running a VPN server in your own network at home (e.g. to allow secure, authorised access by remote clients).
When using a VPN service provider, that provider is running the VPN servers that you can connect to by using the appropriate client software.
Installing or enabling such client software on your router (provided your router supports that) would turn your router into a VPN client of your VPN server provider. Your router would then be configured to transparently encrypt your external, public traffic as initiated by your local clients.
You could run Pi-hole as usual in that scenario: Your local clients in your home netgwork would send DNS requests to Pi-hole, and Pi-hole filters and then forwards allowed requests to your router, which in turn sends traffic to NordVPN servers. To be sure you don't accidentally leak DNS requests, you could consider to configure your router as Pi-hole's sole upstream DNS server in such a scenario.
However, your router wouldn't act as a VPN server itself, i.e. all local traffic is still unencrypted, and it wouldn't allow for secure connections of remote clients.
For that, you'd need to install or enable VPN server software on your router or on another dedicated host in your network.
On top of that, note that your ISP's upload bandwitdh will become your remote client's maximum download bandwidth when your VPN server is located in your home network. Whether that will be saturated will also depend on your hardware (mainly due to computational cost of encryption).
When using a roaming, remote client like your smartphone, you have choice of using NordVPN's client software without Pi-hole, or remotely connecting to your home network'sVPN server with some suitable client software on your phone, where traffic can be filtered through Pi-hole.
If it is just DNS filtering you're after for your roamng clients, the latter approach would allow you to configure a split VPN tunnel in order to send just DNS requests through your home network while other traffic is routed through your usual mobile data network, making the most of using your mobile bandwidth.
) and maybe how to run a VPN server as well.