johnmaguire
commented
1 year ago Unfortunately, I don't think this is currently possible due to a (bug? design feature?) of Android: https://issuetracker.google.com/issues/141674015
For current design, If private DNS is enabled, then the DNS query should go to the private DNS server even though device established a VPN connection. If you want to use the custom DNS which is given by VPN server, then you can just disable the private DNS.
I believe Private DNS bypasses the VPN entirely, and takes precedence over any VPN-installed DNS servers (e.g. those that would be installed by #9.)
So I think to make this work how you want it to we'd need to expose a way to set DNS servers when building the VPN service, and use that instead of the Private DNS feature of the phone.
Cyberes
I set my DNS server via the "Private DNS" setting in Android to an IP on my Nebula network. I can confirm my device can use it to resolve DNS using
dig [domain on my Nebula network] @[Nebula IP of DNS server]and the server responds with the correct IP (you have to use@in Termux since it sets its own nameservers).Setting the DNS server to a Nebula IP kills DNS resolution for the entire device. It appears that Android is not routing the DNS queries over the Nebula VPN connection.