Information related to DNS

I Just need some information related to DNS. I have the following scenario.

On my flint router i have openvpn client enabled with vpn policies with domain/ip using not to use VPN.

for example, i have domain not to use vpn, so how dns will be resolved in that case, will it resolve the vpn’s local regional IP addresses or as it is bypass it will resolve outside of VPN ?

Note: DNS servers which i’m actually using are actually routed over vpn, as i have never mentioned to be bypass

Add to your domain/IP exclusions, apply & check the results.

For best results I recommend setting your DNS to an Encrypted service to keep its control out of your VPN provider’s hands.

(GL GUI → Network → DNS → DNS Server Settings → Mode → Encrypted DNS + Encryption Type → DNS over HTTPS)

doing this will segregate the dns quaries based on where the traffic is routed?

and addition to my scenario shared, i’m also using adguard Home.

ipleak will help you determine what DNS is being used when you’re enforcing other devices (‘clients’) to use/not use the VPN, accordingly.

IDK how much of this will work w/ AdGuard Home & I doubt it without some unsupported customizations; by default that takes control of all DNS resolution at the local level/local connections within OpenWrt & forwards them to the AdGuard Home service which runs independently ‘behind the scenes’ of the GL GUI which runs atop OpenWrt Linux.

Your Flint would be sending all DNS fowards to something like to shunt that DNS lookup through AdGuard Home first. I don’t use AdGuard so I can’t confirm/comment further.

Port 5453 isn’t a standard DNS port. :53 is the classic, unencrypted, insecure port (Do53).

In adguard home traverse to dashboard->settings->dns setting

Under dns setting please specify the domain which is excluded for vpn as per the following.

[/]localdns server IP
*make sure the dns server is also excluded from vpn


This if you want to match sub domains too