Expected Behaviour:
Devices connected to Pi-Hole via OpenVPN should use Pi-Hole as their DNS server.
Actual Behaviour:
I have set up an OpenVPN server on my Pi as described in the official documentation.
OpenVPN on Android falls back to Google DNS when connecting to Pi-Hole:
23:02:13.520 -- EVENT: ASSIGN_IP
23:02:13.524 -- Error parsing dhcp-option: [dhcp-option] [DNS] [127.0.0.1] : tun_prop_dhcp_option_error: tun_builder_add_dns_server failed
23:02:13.525 -- Google DNS fallback enabled
My Pi-Hole uses cloudflared running on port 5053 as the upstream DNS and listens on all interfaces (up to 1 hop away). It is also the DHCP server for my home network.
Relevant lines of my server.conf (all IPs are LAN IPs):
# push "redirect-gateway def1 bypass-dhcp" # Commented out so it only routes DNS requests via the VPN
push "route 100.120.42.1 255.255.255.224"
push "dhcp-option DNS 100.120.42.30"
Output of sudo ufw status:
Status: active
To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       Anywhere
22/tcp                     ALLOW       Anywhere
VNC                        ALLOW       Anywhere
67/udp                     ALLOW       Anywhere
1194                       ALLOW       Anywhere
DNS                        ALLOW       Anywhere
80/tcp (v6)                ALLOW       Anywhere (v6)
22/tcp (v6)                ALLOW       Anywhere (v6)
VNC (v6)                   ALLOW       Anywhere (v6)
67/udp (v6)                ALLOW       Anywhere (v6)
1194 (v6)                  ALLOW       Anywhere (v6)
DNS (v6)                   ALLOW       Anywhere (v6)