Router forcing DNS over VPN (VPN Policy)

I am using the VPN Policy feature to only allow certain domains to go over VPN, but it seems like my GL-iNet Convexa-S running 3.104 forces DNS queries to NextDNS over VPN despite me not having any NextDNS-related domains/IPs in the VPN Policy table. Is this normal behavior?

I have “Use VPN for all processes on the router” disabled btw.

Maybe that’s your VPN’s DNS? In my case, on the MT300N v2 router, I have to enable ‘Manual DNS Server Settings’ so any website outside the VPN policy will use the default DNS and not the VPN’s DNS.

I am using a different DNS server for my VPN so that is not the case.

Maybe you could try turning off every setting in custom DNS server to see if it helps?

Can you check why you have NextDNS? Because you do not have it enabled.

When using custom DNS servers (normal DNS), it passes over VPN, but when I use DoT (by editing the stubby config and replacing the Cloudflare entries with NextDNS), it uses the direct connection normally.