A browser extension has access to the actual requests, while all a network level blocker has is the Server header of a TLS packet at best, just an IP with SNI encryption at worst. That's why PiHole works as a DNS proxy by only properly responding to non-blacklisted hosts with a proper DNS response, but even this might be useless in some cases due to "domain fronting".