Pi-Hole or the adblock package for OpenWRT are probably better examples. GL.Inet routers are already natively supported by OpenWRT (since their firmware are just custom forks) so one can flash them.

They come with OpenWRT already, just have a much nicer UI.

You can still access LUCI openWRT UI if you need advanced features.

If you need a new router, they are a decent choice, better than average performance, no need to flash anything.

Yes, theirs is a custom fork. Only commented about flashing to vanilla OpenWRT in relation to your comment about being spying concerns (and since some, including myself, aren't that comfortable with their remote cloud service built into it).

Not with encrypted DNS (DoH and DoT).

Your router can proxy encrypted DNS (if you have some decent firmware) or you can set up your own DNS server. There are also things like nextdns.io which can do all the work that a pihole does but works outside your home network.

I think the point is that some applications will use DoH/DoT/a custom protocol to bypass DNS-based blocklists. It's trivial to run your own DoH/DoT/custom server if you just hardcode the IP into your application.

You can still block those by doing IP-level blocks for known ad domains, but that starts to become a problem if one of those domains are run from a shared cloud host (i.e. Cloudflare etc.) because you will also block legitimate domains.

Most in-app ads and tracking will still use HTTPS so if you use SNI sniffing + certificate validation (to prevent domain fronting) you can still do network level blocks, but that's quite resource intensive, especially at modern internet speeds.

And not once encrypted SNI has proliferated.