Unbound DNS server can be used for a VPN. It can cache and improve your network speed. And options can be added for security and removing things.

Here is a simple configuration of with some comments.

server:

        verbosity: 1
        num-threads: 4
        interface: 127.0.0.1
        interface: ::1
        interface: [vpn server ip]

        # Control access to the server (really just allow vpn access)
        access-control: 0.0.0.0/0 refuse
        access-control: 127.0.0.0/8 allow
        access-control: ::0/0 refuse
        access-control: ::1 allow
        access-control: ::ffff:127.0.0.1 allow
        access-control: [vpn server ip].0/24 allow

        # some security things
        hide-identity: yes
        hide-version: yes
        harden-short-bufsize: yes
        harden-large-queries: yes
        harden-glue: yes
        harden-below-nxdomain: yes

        # Don't resolve private addresses
        private-address: 10.0.0.0/8
        private-address: 10.0.0.0/8
        private-address: 172.16.0.0/12
        private-address: 192.168.0.0/16
        private-address: 169.254.0.0/16
        private-address: fd00::/8
        private-address: fe80::/10
        private-domain: yourdomain.example

        # speed improvements
        prefetch: yes
        prefetch-key: yes

        # enable DNSSEC:
        auto-trust-anchor-file: "/var/lib/unbound/root.key"