I have been using DNS over TLS with Cloudflare IPv4 and IPv6 servers successfully for sometime.
I recently noticed that the Spot Apple TV and iOS apps reported 'Connecting' or 'No internet connection'. I validated that none of the Unbound blocklists were blocking the Spotify servers and the moment I switched to an external DNS, Spotify would work.
Narrowing it down, I then removed all the DNS over TLS servers and only enabled 8.8.8.8 port 853. This allowed Spotify to connect with no issues but the moment I re-added the Cloudflare IPs (both IPv4 and IPv6) Spotify wasn't happy.
Not sure if the server list is used in a round robin fashion. Does anyone know why Spotify is only playing nicely with Google's DNS when using DNS over TLS?
If you disable all other DNS servers except Cloudflare's, what happens then - is your OPNsense firewall able to ping any of the spotify's servers? Then the problem might be Cloudflare.
Why, you say? Do not know.
I had the same issue when using Quad9 (not Spotify, it was just another random service); so I just dropped using them. I use a combination of 5-6 of those I found here: https://dnsprivacy.org/public_resolvers/