I use pihole as the DNS server on my network, with all clients told to use it via DHCP from DNSmasq running on my OPNsense box.
Daily I get warnings about rate limiting being applied to my OPNsense router's IP address, and OPNsense is making over 50% of DNS requests.
I have configured OPNsense to use only upstream DNS servers on the Settings > General page, and again for Zenarmor's DNS enrichment setting - so I would not expect the OPNsense server to be doing any DNS lookups via pihole at all.
Is there somewhere else that OPNsense might be configured to do DNS lookups?
You can check the outbound DNS requests by using a tcpdump on the WAN interface for UDP port 53 and see who and what it being asked to get an idea of what it can be.