Hi all - I'm cross-posting this to the OPNsense forum as well, as I'm not certain where, exactly, the issue sits. Will link that at the bottom (I'm doing this one first so I'll come back and edit in the link!)
Expected Behaviour:
Prior to installing an OPNsense firewall (on a standard TP-Link router) Pihole was functioning as the DHCP and DNS server and successfully blocking all ads and trackers. Using Tailscale and an exit node, mobile devices like mine would also utilise the pihole for adblocking, and ads in things like Google Newsfeed and on webpages would show up blank or not work.
Actual Behaviour:
Since installing OPNsense, I have moved the DHCP server to the OPNsense firewall, mainly as it has better tracking/static IP configuration and more features, and because, in the future, I want it to also block all or some internet access for given clients through IPtables and/or plugins like Zenarmor. With the Pihole forwarding DHCP to the firewall and set as the DNS server in OPNsense, I'm seeing sporadic blocking (some ads in Google Newsfeed, for example, are served) and hourly spikes in DNS traffic similar to what I had noticed back when first setting up the Pihole (when it was not configured properly.)
I'm not sure what I'm missing - in theory the OPNsense appliance should work just as the TP-Link router did and forward all internal DNS queries to the Pihole, but it feels as if some requests are bypassing or being sent elsewhere. I have checked that there are no other backup/alternate DNS servers in OPNsense, and I've set the OPNsense device as the recipient in conditional forwarding (or, at least, I had - checking today for this post I don't see anything in there. No idea when that disappeared.)
This might not be relevant and I'm not trying to post for multiple support threads in one, but in case it's relevant, here are the current warnings from Pihole - I intend to make another post for some help on these later on!
Thank you in advance for all your help here, everyone. If I'm doing something wrong, I'd love to learn about it - don't hesitate to add anything!