Charles19681968
Topic Author

Please help - Unbound routing issue

Mon Apr 01, 2024 3:01 pm

Hello,

I am new to MikroTik and wanted to ask for some help. I have a problem with routing Unbound traffic through my MikroTik router. Allow me to explain:

On a local network (192.168.0.0/24) the MikroTik (192.168.0.100) acts as the gateway and hosts a WireGuard connection to a VPN provider.
A separate device running Pi-hole and Unbound (192.168.0.102) is the DHCP and DNS server for the network.
Under IP->DNS the 192.168.0.102 is listed as the only DNS. Allow remote requests is ticked.

NAT rules are created for UDP and TCP:
Chain dstnat
Src. Address (!) 192.168.0.102
Protocol UDP
Dst. port 53
In. Interface bridge1
Action dst-nat
To address 192.168.0.102
Another rule exists for TCP.

Filter rules:
Drop forward traffic to pppoe-out1
Accept forward traffic to WG-TUN1

If upstream servers are allowed on the pi-hole (cloudflare, comodo etc) everything works.
However, if the only dns server set is the custom 127.0.0.1#5335, lan device including the pihole is able to ping any website. However, all devices can ping an IP address.

This same configuration works fine with a different router (VM hosting pfSense+) so I understand I am blocking Unbound somehow, but I don't know how I am doing it or how to fix this issue. Please, spare a moment and help?

Thank you!

P.S.
Pardon my English, I am not a native speaker.
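
A model of the dstnat and forward rules listed in the post, added here as an illustration and not part of the original post: it traces constructed DNS packets to show which ones the NAT rule rewrites and which forward verdict applies for a given egress interface. The `Packet` type, the two route functions and the sample addresses are hypothetical, since the post does not show the routing table.

```python
# Added illustration: evaluation of the dstnat and forward rules from the post.
# Sample packets are constructed, not captured traffic.
import ipaddress
from dataclasses import dataclass, replace

PIHOLE = "192.168.0.102"                      # Pi-hole + Unbound host (from the post)
LAN = ipaddress.ip_network("192.168.0.0/24")  # local network (from the post)

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str       # "udp" or "tcp"
    dport: int
    in_iface: str

def dstnat(pkt):
    """Redirect port-53 traffic arriving on bridge1 unless it comes from the Pi-hole."""
    if (pkt.src != PIHOLE and pkt.proto in ("udp", "tcp")
            and pkt.dport == 53 and pkt.in_iface == "bridge1"):
        return replace(pkt, dst=PIHOLE)
    return pkt

def forward_filter(out_iface):
    """The two forward rules from the post; unmatched traffic is accepted."""
    if out_iface == "pppoe-out1":
        return "drop"
    if out_iface == "WG-TUN1":
        return "accept"
    return "accept"  # RouterOS accepts when no filter rule matches

# Hypothetical routing decisions (assumption: the routing table is not in the post).
def via_wg(dst):
    return "bridge1" if ipaddress.ip_address(dst) in LAN else "WG-TUN1"

def via_pppoe(dst):
    return "bridge1" if ipaddress.ip_address(dst) in LAN else "pppoe-out1"

def trace(pkt, route_lookup):
    """Return (destination after NAT, egress interface, forward verdict)."""
    natted = dstnat(pkt)
    out_iface = route_lookup(natted.dst)
    return natted.dst, out_iface, forward_filter(out_iface)

# Constructed packets: 198.51.100.53 stands in for an external DNS server.
CLIENT_QUERY = Packet("192.168.0.50", "198.51.100.53", "udp", 53, "bridge1")
UNBOUND_QUERY = Packet(PIHOLE, "198.51.100.53", "udp", 53, "bridge1")

if __name__ == "__main__":
    for pkt in (CLIENT_QUERY, UNBOUND_QUERY):
        for route in (via_wg, via_pppoe):
            print(pkt.src, route.__name__, trace(pkt, route))
```

Unbound's own queries leave 192.168.0.102 with destination port 53 and are exempt from the dst-nat rule, so whether they get out depends on which interface the router selects for that source.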
