[Note: The router's hardware version is actually "Archer AX21 v1-20", but the forum won't let me select that]

tl;dr - My AX1800 DHCP settings have a DNS server that's ignored.

I have an AT&T modem. I've turned off its DHCP and Wi-Fi, but it's not in passthrough mode or anything. The modem has no option for specifying, or even viewing, DNS servers.

I have my AX1800 acting as my DHCP server, and it points to my AT&T modem as the gateway. I specified a single DNS server, as shown here.

On my Windows 11 machine (which has a static IP), its gateway and DNS server both point to my AX1800 router. What I would EXPECT is that my DNS requests would get routed to my AX1800, which would then send them onto the DNS server I've specified.

Yet, when I go to a DNS leak test site and run the standard test, it's showing that my DNS servers are AT&T, not the one I've specified in my AX1800.

I've seen some internet chatter about AT&T possibly hijacking DNS queries, but I don't know if that's actually a thing or not. If so, seemingly using DOH (i.e. using TLS) can prevent that, but I don't see an AX1800 option that specifies "use TLS for DNS".