Private DNS on Android 9 and 10

Private DNS with a VPN is like pressing both the brake and the gas on a car. Both want to set the system-wide DNS resolver.

When I use the Private DNS feature of Android 10 and then connect to a VPN (tested with 3 VPNs), the Private DNS is used and the VPN DNS is ignored. On Android 9, my experience is the opposite: it always uses the VPN DNS (again tested with 3 VPNs) and ignores the Private DNS.

Does anyone know how this is supposed to work?

I updated recently to Android 10 and didn’t notice that. But I have to admit that I have to deactivate it sometimes because it prevents me from connecting to some public WiFi networks.

I have OpenVPN running and use pihole as resolver within the VPN and as upstream and yes, the VPN DNS is ignored. This could become ugly when it comes to internal name resolution. :man_facepalming:

But that’s a question to ask Google for.