Thank you for the link, I have been running Pi-Hole and OpenVPN for a long time so i know the pros and cons 
You miss the essential point - I need / want a solution to ad-blocking that does not require any IT skills to implement.
An open Pi-Hole meets that demand.
If amplification attacks that have source IP inside my GeoIP fence start to be a problem, then i will find another solution or tweak the one i already got.
Fail2Ban is very powerfull and flexible 