I recently installed openvpn on my rpi4 alongside pihole. - At the moment, I am only using it as a client and pointing it to my VPN provider (IPVanish). In the logs, I can confirm that the connection is automatically being created at startup. However, I wanted to see if there was an easy way to verify that all traffic on the rpi4 is being routed through the VPN tunnel (especially DNS).
Just for background information, here is the full setup that is running on the same rpi4: The OS is Raspbian Lite (buster), and all DNS requests are being forwarded from PiHole to Unbound (port 5353). In the event that Unbound needs to reach out to an external DNS server, it will use DNSCrypt (port 5354). - I ran the extended leak test on dnsleaktest.com and verified that only my preferred external DNS servers are being displayed (and not my ISP). - The three products (PiHole, Unbound, and DNSCrypt) used to reside on an Ubuntu Server 19.04 VM before the rpi4 purchase.