I am using the VPN Policy feature to only allow certain domains to go over VPN but it seems like my GL-iNet Convexa-S running 3.104 forces DNS queries to NextDNS over VPN despite me not having any NextDNS related domains/IPs in the VPN Policy table. Is this a normal behavior?
I have “Use VPN for all processes on the router” disabled btw.
Maybe that’s your vpn’s dns? In my case in mt300n v2 router i have to enable ‘Manual DNS Server Settings’ so any website outside vpn policy will use default dns and not use vpn’s dns
When using custom DNS servers (normal DNS), it passes over VPN but when I use DoT (by editing stubby config and replacing the Cloudflare entries with NextDNS), it uses the direct connection normally.