An alternative option for those already running an OpenWRT router - whether that be on dedicated hardware (usually a reflashed commercial wifi access point + router) or as a virtual router (e.g. running in a container or VM, this is how I use it) - is to use the Adblock package and configure it to force local DNS (Redirect all DNS queries from specified zones to the local DNS resolver, applies to UDP and TCP protocol). This partly works but it is not effective against applications (e.g. TikTok) and devices (e.g. 'smart' televisions) using DoH (DNS over HTTPS) since that traffic is indistinguishable from normal web traffic without deep packet inspection. I have tried to run ipset-based blocklists to force such applications and devices to use 'normal' DNS but this is not really feasible as DoH servers can be hosted just about anywhere.
My setup is on a nanopi running FriendlyWRT/OpenWRT with Docker installed. PiHole is easy to run from docker - have a look at https://github.com/pi-hole/docker-pi-hole/
FreshTomato also has a adblock function that can go off the usual web lists. DD-WRT I recall does as well. Just goes to show the open source firmwares in general are superior and it should be a feature people look for when buying routers.
