[AsusWrt-Merlin] Local DNS server not queried when connected to VPN server

[Ribboa]

Hello,

I own an Asus RT-AC87U with AsusWrt-Merlin 380.68_4. The local ip is 192.168.0.1.

I have a problem configuring my DNS server which is provided by my Asus router.

I have a domain (example.org). I have an nginx hosted on my router (port 81) which should be accessible from the internet via example.org:81. Therefore I use dynamic dns to force external dns server to resolve example.org to my current ip. That works fine.

Whenever I want to access example.org:81 from lan I do want to resolv the hostname locally. Therefore I added this to /jffs/configs/dnsmasq.conf.add

address=/example.org/192.168.0.1

When I execute nslookup example.org from a lan device, the domain is resolved to 192.168.0.1. Fine!

Now my problem: Thenever my LAN device is connected to a VPN server, my local dns server is not queried anymore. Therefore the local dns entries are ignored and example.org is resolves to my public ip instead to the local one.

Trying nslookup example.org 192.168.0.1 returns

DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1

After disconnecting from the VPN the command returns

Server:  RT-AC87U.local
Address:  192.168.0.1

Name:    example.org
Address:  192.168.0.1

Is it impossible to query local dns server while being connected to an VPN? Or do have have to adjust my configuration?

Thanks for your help!

 

[RMerlin]

You have to chose between using the remote DNS, or your local DNS - you can't use both at the same time.

Priority is defined by the DNS configuration on your OpenVPN Client config page. Strict or Exclusive will give priority to the remote servers.

 

[Ribboa]

You have to chose between using the remote DNS, or your local DNS - you can't use both at the same time.

Priority is defined by the DNS configuration on your OpenVPN Client config page. Strict or Exclusive will give priority to the remote servers.

Thanks for answering that quickly. I managed to change the order the dns servers are queried (Windows 10), but nslookup example.org returns

DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1

But it's possible to ping 192.168.0.1. Why is it possible to ping the ip, but not to use it as dns server?

 

[Twiglets]

I would suggest you look at the routing that is defined when running under the VPN Client.

Pinging an 'IP address' does not perform any 'lookup' so works.
I would suspect that the default routing for the VPN client needs to have some persistent static routes defined to the local DNS Server, as well as changing the order of the DNS servers as you have done.