Hello! I've just recently switched from DD-WRT to OpenWrt on my Archer C7 v5 AC1750.
I live in an area with an atrocious monopolized ISP (Centurylink) and my internet speeds suck. 3-ish Mbps down and 1-ish Mbps up is not okay in 2022... but damn, that's all I get. There are no other ISPs in my area other than satellite options. Of course, going to satellite would mean unplayable multiplayer games, and convincing my dad to get Starlink isn't going to do much good either (it doesn't help that the equipment may not ship out until sometime in 2023 anyway, so I am stuck with this trashy ISP). I'm also a content creator/streamer. Bad internet and content creation/streaming of course don't mix well... but I gotta make do with what I have.
So here's the breakdown:
In order to not get "blamed" by the shitty ISP, the ISP's DSL modem/router is being used. I don't have access to its admin interface (my dad keeps the password for that). And if I did, it's not very configurable anyway (even the DNS apparently can't be changed, and I certainly can't connect to my VPN with it either).
My router, which is an Archer C7 v5 running OpenWrt, connects to the shitty ISP router over 2.4 GHz as a client, which is where I get my internet (I'm not allowed to plug my router into the shitty ISP router directly). From the same router, I'm running a wireless access point on 2.4 GHz and 5 GHz.
The nice thing about OpenWrt is that I can run an access point on 2.4 GHz even though the 2.4 GHz radio is already being used as a client (this enables my 2.4 GHz-only devices like my Chromecast, smart RGB bulb, and an old smartphone to access the internet), whereas DD-WRT couldn't in its GUI. DD-WRT's client mode disallows running an AP on the same radio, at least on my router. Also, the QoS/SQM in OpenWrt works better than DD-WRT's.
Tidbits aside, I deployed a PiHole instance in Oracle Cloud with WireGuard VPN mostly following this guide. The reason for this is to enhance my security and privacy ever so slightly (bypassing Centurylink's DNS and instead using my PiHole DNS which has Handshake Decentralized DNS as the upstream DNS provider), while of course getting rid of a bunch of ads that suck up my precious bandwidth. BTW, the reason I am running it in the cloud is so that I can still use my VPN outside of the house, without relying on Centurylink's trash service.
Thus, here is where the problem starts. When using my router with the WireGuard client to connect to the WireGuard/PiHole VPN, my PiHole is not filtering my DNS requests... and I'm getting DNS leaks. This results in my PiHole being unable to block ads, inappropriate sites, malware domains, etc. However, if I connect directly to my WireGuard/PiHole VPN (not through the router but using the WireGuard app), everything works as expected.
Eventually, I did find a way to make it work... except now, if I disable my VPN interface, my internet stops working (which I don't want, and which I had also fixed). I did that by setting the DNS settings in the Network > Interfaces tab to match my VPN, as well as changing the DNS settings to match my VPN in the Network > DHCP and DNS tab.
So my question is, how can I force the DNS of my VPN to be used when my VPN interface is enabled; but automatically have Handshake DNS be used when my VPN interface is disabled?
Also I don't want to have to restart my router either, if possible.
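One way to get the behaviour asked for above without touching the GUI or restarting the router is an OpenWrt hotplug script: netifd fires it with `$ACTION` set to `ifup` or `ifdown` and `$INTERFACE` set to the logical interface name, so the script can rewrite dnsmasq's upstream resolver list and reload dnsmasq in place. The script below is an added example, not code from the original post or from the OpenWrt project; the interface name `wg0`, the PiHole tunnel address `10.8.0.1`, and the Handshake fallback resolver `192.0.2.53` are placeholders that need to be replaced with the real values.

```shell
#!/bin/sh
# Added example (not from the original post): OpenWrt hotplug script that
# swaps dnsmasq's upstream resolvers when the WireGuard interface goes up or down.
# Install as /etc/hotplug.d/iface/90-vpn-dns (hotplug sources it on every
# interface event). Assumed placeholder values, not taken from the post:
#   - the WireGuard interface in /etc/config/network is named "wg0"
#   - the PiHole answers DNS on the tunnel address 10.8.0.1
#   - the Handshake resolver used when the tunnel is down is 192.0.2.53
VPN_IFACE="wg0"
VPN_DNS="10.8.0.1"
FALLBACK_DNS="192.0.2.53"

# Returns the upstream resolver that should be active after a given hotplug
# event. Events for any other interface, or actions other than ifup/ifdown,
# return an empty string, meaning "leave dnsmasq alone".
dns_for_event() {
    iface="$1"
    action="$2"
    if [ "$iface" != "$VPN_IFACE" ]; then
        echo ""
        return 0
    fi
    case "$action" in
        ifup)   echo "$VPN_DNS" ;;
        ifdown) echo "$FALLBACK_DNS" ;;
        *)      echo "" ;;
    esac
}

# Replaces the "list server" entries of the dnsmasq section in
# /etc/config/dhcp with a single resolver and reloads dnsmasq.
# Only the server list is touched, so the rest of the DHCP/DNS config survives.
apply_dns() {
    server="$1"
    [ -n "$server" ] || return 0
    uci -q delete dhcp.@dnsmasq[0].server
    uci add_list dhcp.@dnsmasq[0].server="$server"
    uci commit dhcp
    /etc/init.d/dnsmasq reload
    logger -t vpn-dns "upstream DNS set to $server (${ACTION} on ${INTERFACE})"
}

# Under hotplug, $INTERFACE and $ACTION are set by netifd. When the file is
# run or sourced anywhere else (no $INTERFACE, or no uci binary) the
# functions are defined but nothing on the system is changed.
if [ -n "$INTERFACE" ] && command -v uci >/dev/null 2>&1; then
    apply_dns "$(dns_for_event "$INTERFACE" "$ACTION")"
fi
```

Two things to check alongside this: dnsmasq also reads the resolvers that the upstream (wwan/client) interface learned via DHCP from the ISP router, so unless `option noresolv '1'` is set in the dnsmasq section (or `option peerdns '0'` on that interface), the ISP's resolvers remain additional upstreams and queries can still leak past the PiHole while the tunnel is up. Also, if the WireGuard interface itself has custom DNS servers configured under Network > Interfaces, those are merged into the same resolver file and should be removed so that the script's server list is the only thing dnsmasq forwards to.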