If the captive portal is rerouting every IP packet (apart from DNS lookups) from an unauthorized MAC to the same central server (so that it can spoof the HTTP redirect to the payment page), this is exactly what you'd expect to see.

It doesn't matter what DNS you're using - the DNS lookups should resolve to correct IPs otherwise your local DNS cache would be poisoned.