
How does a VPN know the ultimate destination of a client's packets?


I'm trying to imagine the structure of packets sent from a VPN client to its server. If I want to visit google.com, does the actual packet with Google's address as destination get encapsulated in another packet destined for the VPN server? Or is the only packet the client sends one destined for the VPN, which in turn infers the ultimate destination from the Host field in the HTTP request? I'm kinda lost in the details of this kind of "tunnelling" everyone talks about abstractly.


Solution

  • There are different flavors of VPN, but in general the IP packets with your host IP are encapsulated / tunneled over something else.

    In the case of IPsec it's just IP layer encapsulation / tunneling, so the packet will look like this: https://images.app.goo.gl/1stY5Jyqf1YsbWrv5

    In the case of TLS, the IP packets are forwarded inside a TLS tunnel, so it will be on a higher layer with more overhead. The VPN server, as you called it, does not have anything to do with HTTP Host fields. Keep in mind you can put all traffic on the VPN, not only HTTP.

    https://www.youtube.com/watch?v=q4P4BjjXghQ
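
An added example (not part of the original answer) of the encapsulation described above, simplified to unencrypted IPv4-in-IPv4 (IP protocol 4) instead of real IPsec ESP or a TLS tunnel. The addresses and function names are constructed for illustration; it shows the VPN server recovering the final destination from the inner IP header without reading any HTTP data.

```python
import socket
import struct

IPPROTO_TCP = 6
IPPROTO_IPIP = 4  # IPv4-in-IPv4 encapsulation (RFC 2003)
HDR_FMT = "!BBHHHBBH4s4s"  # minimal 20-byte IPv4 header, no options

def checksum(header: bytes) -> int:
    """RFC 1071 ones' complement sum over 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build an IPv4 packet (TTL 64, no fragmentation) around payload."""
    fields = [0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum(struct.pack(HDR_FMT, *fields))
    return struct.pack(HDR_FMT, *fields) + payload

def parse_ipv4(packet: bytes):
    """Return (src, dst, proto, payload) after verifying the header checksum."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 packet")
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    total_len, = struct.unpack("!H", packet[2:4])
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    return src, dst, packet[9], packet[ihl:total_len]

def client_encapsulate(inner: bytes, client_ip: str, vpn_ip: str) -> bytes:
    """Client side: the whole inner packet becomes the outer packet's payload."""
    return ipv4_packet(client_ip, vpn_ip, IPPROTO_IPIP, inner)

def server_decapsulate(outer: bytes):
    """VPN server side: strip the outer header and route on the inner one."""
    _, _, proto, inner = parse_ipv4(outer)
    if proto != IPPROTO_IPIP:
        raise ValueError("not a tunnelled packet")
    return parse_ipv4(inner)

# Constructed sample: tunnel-internal client address, documentation-range
# destination, and an opaque stand-in for a TCP segment the server never parses.
inner = ipv4_packet("10.8.0.2", "203.0.113.80", IPPROTO_TCP, b"opaque TCP segment")
outer = client_encapsulate(inner, "192.0.2.10", "198.51.100.1")
```

On the wire only the outer header (client to VPN server) is visible to routers; the inner destination is read once the server strips that header.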