I run a VPN through PIA and I use their DNS servers to help prevent leakage. I have a pi-hole on the network.

UT's WAN interface gets DHCP addressing from my ISP, but I force my VPN provider's DNS.

UT's internal DHCP server assigns my pi-hole as the DNS server for all internal network clients.

The pi-hole uses the VPN provider's DNS server as its upstream DNS server.

Routinely, and with no warning, the entire network stops resolving DNS. Every host, including the pi-hole, is unable to resolve, except UT. I can ssh into UT and resolve off the VPN provider's server, no problem. When I manually change clients behind UT to point to the VPN DNS servers, and not the pi-hole, still no go. Only when I use or does DNS finally begin resolving again.

Sometimes a UT reboot fixes this. Sometimes if I take the VPN tunnel down and up, that fixes it. Sometimes if I change VPN servers, that fixes it.

I'm trying to troubleshoot which link in the chain is causing the problem, and am open to suggestions.