Configuring automatic DNS acquisition from VPN server in OpenWRT

Hello. I faced a problem when connecting OpenVPN on a Xiaomi AX3000T router with OpenWRT firmware (tried versions 23 and 24).

The VPN session itself installs successfully - I get an IP address from the VPN server, but the DNS is still from my ISP, not the one that should be given out through the VPN.

I checked the configuration on other devices - the VPN server does send its DNS (via dhcp-option DNS x.x.x.x.x), but on OpenWRT it is not automatically applied. As a result, DNS queries bypass the VPN, which violates privacy and sometimes causes problems with access to the desired resources.

I want to implement such a configuration that OpenWRT automatically pulls up the DNS sent from the VPN-server without the need to manually write it every time (since dynamic DNS is used and it can change).

Could you please advise me on how to properly configure this behavior?

I would be grateful for any recommendations, especially if someone has already solved a similar problem on OpenWRT.

Where did you find your ISP's DNS IP?

OpenWRT does not do that by default (I know other third-party firmwares will do this).

I use a script to do exactly what you want: get the DNS server pushed by the server and use that exclusively when the tunnel is up.

See: https://github.com/egc112/OpenWRT-egc-add-on/tree/main/stop-dns-leak/use-openvpn-dns

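An up/down hook of the kind described in the post above, as an added example that is not the linked script and not part of the original thread: it reads the DNS servers OpenVPN exposes in `foreign_option_N`, validates them, and points dnsmasq at them only while the tunnel is up. The `dhcp.@dnsmasq[0]` section and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not the linked script. Hook for OpenVPN's "up" and "down"
# (client config needs: script-security 2, up /path/this, down /path/this).
# Assumptions: dnsmasq is the resolver and dhcp.@dnsmasq[0] is its section.

DNSMASQ='dhcp.@dnsmasq[0]'

# Print every DNS server the VPN server pushed, one per line.
# OpenVPN exports pushed options as foreign_option_1, foreign_option_2, ...
pushed_dns() {
    i=1
    while :; do
        eval "opt=\${foreign_option_$i:-}"
        [ -n "$opt" ] || break
        case "$opt" in
            "dhcp-option DNS "*)
                ip=${opt#"dhcp-option DNS "}
                # The value is server-controlled: accept only address
                # characters before it goes anywhere near a config file.
                case "$ip" in
                    ''|*[!0-9A-Fa-f.:]*) ;;
                    *) echo "$ip" ;;
                esac ;;
        esac
        i=$((i + 1))
    done
}

# Tunnel up: forward only to the pushed servers, ignore the ISP resolv file.
use_vpn_dns() {
    servers=$(pushed_dns)
    [ -n "$servers" ] || return 0      # nothing pushed: leave DNS untouched
    uci -q delete "$DNSMASQ.server" || true
    for s in $servers; do uci add_list "$DNSMASQ.server=$s"; done
    uci set "$DNSMASQ.noresolv=1"
    uci commit dhcp && /etc/init.d/dnsmasq restart
}

# Tunnel down: drop the VPN servers and go back to the WAN-provided DNS.
# This also removes a manually configured server list, if there was one.
restore_dns() {
    uci -q delete "$DNSMASQ.server" || true
    uci -q delete "$DNSMASQ.noresolv" || true
    uci commit dhcp && /etc/init.d/dnsmasq restart
}

# OpenVPN sets script_type to "up" or "down" when it runs the hook.
case "${script_type:-}" in
    up)   use_vpn_dns ;;
    down) restore_dns ;;
esac
```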

I looked at whoer.net and it shows my local DNS from my ISP.

I did exactly the same thing, but I can't load some websites, and the DNS leak test can't check. It gives “test error”.

It is possible to select the DNS provider of your choice when using Tailscale instead of OpenVPN.

DNS in Tailscale

What does the log say?