I think I answered myself after reading further on here:
What I gather is that OpenDNS in my case is functioning as expected, as specified through DNSCrypt, and is sending requests through the OpenVPN tunnel due to the policy route for the /24 going over the PIA VPN. From a DNS leak test, it will show OpenDNS rather than PIA as that is what is defined for name resolution.
What would be handy is determining how to confirm that all DNS queries, including clients that are set to WAN to bypass PIA VPN (e.g. Roku & Amazon FireTV), are still using DNSCrypt as opposed to the local ISP DNS or leaking otherwise.
My question is whether it is expected that OpenDNS is used even when Accept DNS Configuration is set to Exclusive or if I should be seeing the PIA VPN DNS instead? If it should show as PIA VPN, any thoughts what might be configured incorrectly?\
What I gather is that OpenDNS in my case is functioning as expected, as specified through DNSCrypt, and is sending requests through the OpenVPN tunnel due to the policy route for the /24 going over the PIA VPN. From a DNS leak test, it will show OpenDNS rather than PIA as that is what is defined for name resolution.
What would be handy is determining how to confirm that all DNS queries, including clients that are set to WAN to bypass PIA VPN (e.g. Roku & Amazon FireTV), are still using DNSCrypt as opposed to the local ISP DNS or leaking otherwise.