Quad9 DNS encryption

Please check the RFC-Link I've already posted above and search for "Performance Considerations" - to my knowledge the unbound implementation is currently not performance optimized.

Thanks for your answer, you're right, unbound is not performance optimized:
Picture taken from: https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Implementation+Status

I did manage to get the Quad9 setup working very well. However, when I run OpenVPN client, the DNS still points to the Quad9 instead of the one provided by the VPN Provider.
Is there a way to force the VPN Provider DNS when my OpenVPN connection is active?

Thanks in advance.

Can you configure the DNS-over-HTTPS proxy to run Quad9? Just saw it in the package list, but it is configured to use Google's and by default.

No. 10 characters.

Confusing posts above. I tried:

opkg install unbound odhcpd unbound-control luci-app-unbound

and the terminal said:

Collected errors:
 * opkg_install_cmd: Cannot install package unbound.
 * opkg_install_cmd: Cannot install package unbound-control.
 * opkg_install_cmd: Cannot install package luci-app-unbound.

I'm still seeing dns leaks at ipleak.net

Are these packages deprecated? How do I fix DNS leaks without them?

Did you run opkg update first?

Yes. I had added some DNS numbers which caused the router to fail. I re-flashed with *sysupgrade.bin and don't save settings. Next after PW change, opkg update. (very first thing).