That fixed the lack of working DNS for the normal LAN, but the VPN LAN is back to using the ISP DNS.
EDIT: Set up a static route to force all 10.225.255.2 requests out via the VPN, but for some reason it is sending all DNS requests (including LAN) to 10.225.255.2 over the VPN (which is admittedly better than it sending everything over the WAN).
Then you should verify that Dnsmasq instances are bound to the correct interfaces.
Compare interface addresses, Dnsmasq PIDs and runtime configs for those PIDs:
netstat -l -n -p | grep -e dnsmasq
pgrep -f -a dnsmasq
Also verify that your network is configured properly:
uci show network.lanvpn
23541 /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.dnsmasq -k -x /var/run/dnsmasq/dnsmasq.dnsmasq.pid
23542 /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.vpn -k -x /var/run/dnsmasq/dnsmasq.vpn.pid
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 23541/dnsmasq
tcp 0 0 192.168.77.7:53 0.0.0.0:* LISTEN 23541/dnsmasq
tcp 0 0 192.168.1.1:53 0.0.0.0:* LISTEN 23541/dnsmasq
tcp 0 0 192.168.88.8:53 0.0.0.0:* LISTEN 23541/dnsmasq
tcp 0 0 "VPN ADDRESS":53 0.0.0.0:* LISTEN 23541/dnsmasq
tcp 0 0 ::1:53 :::* LISTEN 23541/dnsmasq
udp 0 0 127.0.0.1:53 0.0.0.0:* 23542/dnsmasq
udp 0 0 192.168.77.7:53 0.0.0.0:* 23542/dnsmasq
udp 0 0 192.168.1.1:53 0.0.0.0:* 23542/dnsmasq
udp 0 0 192.168.88.8:53 0.0.0.0:* 23542/dnsmasq
udp 0 0 "VPN ADDRESS":53 0.0.0.0:* 23542/dnsmasq
udp 0 0 127.0.0.1:53 0.0.0.0:* 23541/dnsmasq
udp 0 0 192.168.77.7:53 0.0.0.0:* 23541/dnsmasq
udp 0 0 192.168.1.1:53 0.0.0.0:* 23541/dnsmasq
udp 0 0 192.168.88.8:53 0.0.0.0:* 23541/dnsmasq
udp 0 "VPN ADDRESS":53 0.0.0.0:* 23541/dnsmasq
udp 0 0 0.0.0.0:67 0.0.0.0:* 23542/dnsmasq
udp 0 0 0.0.0.0:67 0.0.0.0:* 23541/dnsmasq
So it looks like both are on the same IPs for some reason.
config dnsmasq 'lan'
option local '/lan/'
option domain 'lan'
option leasefile '/tmp/dhcp.leases.lan'
option resolvfile '/etc/resolv.conf.lan' # copy resolv.conf or add 2 dns upstream or leave org
option serversfile '/tmp/adb_list.overall'
list interface 'br-lan'
config dnsmasq 'vpn'
option local '/vpn/'
option domain 'vpn'
option leasefile '/tmp/dhcp.leases.vpn'
option resolvfile '/etc/resolv.conf.vpn' # add vpn dns manually - or use up script to populate
option serversfile '/tmp/adb_list.overall' # use same file
list interface 'eth2' # router-internal-interface facing clients
NOTE: dhcp section needs alternate names i.e.
config dhcp 'landhcp'
config dhcp 'vpndhcp'
/etc/openvpn/YOURVPN.conf
script-security 2 # to use 'up' and 'down' scripts
up "/etc/openvpn/updns"
#down "/etc/openvpn/downdns" # not using right now
updowngen.sh
cat<<'EOF' > /etc/openvpn/updns
#!/bin/sh
echo $foreign_option_1 | sed -e 's/dhcp-option DOMAIN/domain/g' -e 's/dhcp-option DNS/nameserver/g' > /etc/resolv.conf.vpn
echo $foreign_option_2 | sed -e 's/dhcp-option DOMAIN/domain/g' -e 's/dhcp-option DNS/nameserver/g' >> /etc/resolv.conf.vpn
EOF
chmod +x /etc/openvpn/updns
Both of those scripts just result in an empty resolv.conf.vpn file.
You shouldn't expect everything to work flawlessly from the first try.
It requires some tuning in accordance with your configuration.
If you want to perform script troubleshooting, then enable debugging:
#!/bin/sh
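set -x -v                  # trace each command and echo script lines as they are read
exec >"${0%.*}.log" 2>&1   # send stdout and stderr to <script name>.log (portable form of &>)
set                        # dump all variables, including the foreign_option_* values from OpenVPN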
...
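
An added example, not code from any poster in this thread: an 'up' script that walks every foreign_option_N variable instead of only the first two, accepts only DNS and DOMAIN values made of address or hostname characters, and leaves the existing file untouched when no DNS option was pushed (in that case the updns script above writes only blank lines). The function names and the character checks are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Prints resolv.conf lines built from
# the foreign_option_N variables OpenVPN exports for pushed "dhcp-option" lines.
render_resolv() {
    i=1 found=0
    while :; do
        eval "opt=\${foreign_option_$i:-}"
        [ -n "$opt" ] || break
        set -f; set -- $opt; set +f      # split on whitespace without globbing
        if [ "$1" = dhcp-option ] && [ $# -eq 3 ]; then
            case "$2:$3" in
                # Values come from the VPN server: drop anything with odd characters.
                DNS:*[!0-9a-fA-F.:]*|DOMAIN:*[!A-Za-z0-9.-]*) ;;
                DNS:*)    echo "nameserver $3"; found=1 ;;
                DOMAIN:*) echo "domain $3" ;;
            esac
        fi
        i=$((i + 1))
    done
    [ "$found" -eq 1 ]     # non-zero status when no usable DNS server was pushed
}

# Write via a temp file and rename, so dnsmasq never reads a half-written file.
# If nothing usable was pushed, keep the previous file instead of emptying it.
write_resolv() {
    out=$1 tmp="$1.$$"
    if render_resolv > "$tmp"; then
        mv "$tmp" "$out"
    else
        rm -f "$tmp"
        echo "updns: no 'dhcp-option DNS' pushed; $out left unchanged" >&2
        return 1
    fi
}

# OpenVPN sets script_type=up when it runs this file as the 'up' script.
if [ "${script_type:-}" = up ]; then
    write_resolv /etc/resolv.conf.vpn || true   # report on stderr, keep exit status 0
fi
```

If the log from the debugging header shows no foreign_option_* variables at all, the server is not pushing DNS settings and the resolver addresses have to be entered in /etc/resolv.conf.vpn by hand.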