Route all DNS (Dnscrypt) through OpenVPN client tunnel?

[bwoked]

I'm having some serious issues out of the blue, dnscrypt and ntp seems to be blocked, yet again however I am able to connect to the net through the VPN tunnel. If I forward all dns (dnscrypt) queries through the VPN I will be able to connect just fine. I want to set this up for DNS only, not all traffic. How can I do this?

 

[sbsnb]

How do you know dnscrypt and NTP are blocked?

 

[dugaduga]

This has happened a dozen times or so over the last year; I am unable to contact an NTP server and DNScrypt is unable to connect to any dnscrypt server, no matter what fallback DNS IP I use. Even after I run nvram set ntp_ready=1, and nvram commit... to allow DNScrypt to launch without officially connecting to an NTP server. For example, yesterday I was unable to connect to yandex, cloudflare, other dnscrypt services for a few hours. I was able to ping cloudflare at 1.1.1.1 however, and I was receiving the usual firewalled incoming port scans and connections all the while.

Eventually it ironed itself out, as it always does, without any of my intervention. Then for a while, I was only able to connect to Yandex, other dnscrypt servers did not work, and the dnscrypt requests that went through were hit and miss, half were broken; at the same time the VPN was working flawlessly. Only when I switched to a DNScrypt server within my country, a 5 eyes nation, did these problems disappear.

Previously at times the only thing I was unable to connect to was an NTP server; I could only get internet/dnscrypt up and working by adding a script to automatically set NTP_ready=1 and pull the time via curl/wget command. This eventually mysteriously solved itself after a couple of weeks as well.

Update Often in these times I would receive a lot of https interception warnings suggesting the certificates of legitimate websites were tampered with by a middlebox or in the backbone. This would iron itself out eventually.