OPNsense Forum » Archive » 22.7 Legacy Series » Problems with using bind views and unbound
Topic: Problems with using bind views and unbound (Read 1152 times)
user_with_name (Newbie, Posts: 12, Karma: 0)
Problems with using bind views and unbound « on: September 22, 2022, 11:42:30 am »
On my OPNsense device, Unbound@53 is set with a domain override for internal resolution of testsite.com to os-bind@5335. Bind serves as SOA for this domain with A records and CNAMEs, and reverse zones are also set. In bind's named.conf I have set up two different views with two ACL lists. View-A is restricted only to acl-1 IPs because View-A serves the zone for the management network, including the OPNsense GUI, and has its A record fw.testsite.com pointing to 10.10.10.1, for example. View-B is set with entries for other services such as service1.testsite.com and service2.testsite.com and serves acl-2 IPs.
I used dig to verify this as follows:
- From a desktop within the management IP list, for fw.testsite.com I am getting a response from bind View-A as 10.10.10.1 and getting NXDOMAIN for service1 and service2. But from a laptop with an IP under acl-2 I am still getting a response from View-A for fw.testsite.com and NXDOMAIN for service1 and service2. I can confirm from the bind query_log that the response is from View-A.
- What is expected is that any query from acl-2 IPs should be responded to by bind View-B; in particular, fw.testsite.com should not be accessible for acl-2 IPs.
- Curiously, when I do a dig against the bind port directly (dig -p 5335 @10.10.10.1 service1.testsite.com) I get correct responses from View-B and all works well. I can confirm from the bind query_log that the response is from View-B. Similarly, dig -p 5335 @10.10.10.1 fw.testsite.com gives NXDOMAIN. All good.
- So, I can confirm a few things here: DNS is working, bind views are set correctly and working, and unbound is forwarding the overridden domain to bind.
Now come the questions:
1) Is unbound sending the query to bind as if it's coming from the OPNsense IP instead of the origin IP?
1.1) How do I tell unbound not to ignore or rewrite the originating IP so that bind can effectively respond with views?
2) In case it is not possible to use unbound and bind views together for the mentioned use case, should I simply use bind as the main DNS with internal resolution for testsite.com only and forward all other queries to unbound?
2.1) For now I wish to use unbound as the main DNS with bind for internal resolution, as I can use A, AAAA, CNAME, MX, etc. with bind and not with unbound. But I am open to alternative ways.
Thanks for your responses!
user_with_name (Newbie, Posts: 12, Karma: 0)
Re: Problems with using bind views and unbound « Reply #1 on: September 23, 2022, 11:37:05 am »
I think I have figured it out.
Previous setup:
- unbound listening on all interfaces; unbound outgoing interface set on WAN and LAN only.
- bind listening on localhost and LAN only.
Present setup:
- unbound listening on all interfaces; unbound outgoing interface set on WAN, LAN and OPT1.
- bind listening on localhost, LAN and OPT1.
Expected:
- LAN IPs should get a response from View-A only.
- OPT1 IPs should get a response from View-B only.
Result: It's working. Now OPT1 IPs get a response from View-B and LAN IPs get a response from View-A. I can confirm this using dig and can also see the view-based query logged in bind.
But this works only for the very first lookup. For further lookups unbound is responding from cache. So, if LAN looked up a View-B domain, it gets NXDOMAIN, which is correct. But a couple of seconds later, when OPT1 tries to do the same, it gets back NXDOMAIN from the unbound cache instead of getting the record from View-B.
How can I tell unbound not to cache, and not to respond from cache, for specific domains?
user_with_name (Newbie, Posts: 12, Karma: 0)
Re: Problems with using bind views and unbound « Reply #2 on: September 23, 2022, 06:40:40 pm »
The previous solution with the unbound outgoing interface is working only partially. For some reason unbound sends out queries on a random interface, causing the wrong views to answer.
Can anyone guide me on what to do?
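The three behaviours described in this thread (BIND matching the forwarder's address rather than the client's, Unbound answering later clients from one shared cache, and Unbound spreading queries over every listed outgoing interface) all follow from the configuration shape below. This is an added, constructed example, not the poster's or OPNsense's own files; the ACL prefixes, zone file names and the assumption that an OPNsense domain override becomes an Unbound forward-zone are mine.

```conf
# ---- named.conf (BIND, answering on 127.0.0.1:5335 plus LAN/OPT1 addresses) ----
# Constructed example: prefixes and zone file names are assumptions.
acl "acl-1" { 10.10.10.0/24; };   # management network (View-A clients)
acl "acl-2" { 10.20.20.0/24; };   # other services network (View-B clients)

view "View-A" {
    # match-clients is checked against the SOURCE ADDRESS of the packet that
    # reaches BIND. A query forwarded by Unbound carries Unbound's outgoing
    # address, not the desktop's or laptop's, so the view is chosen by the
    # firewall interface Unbound happened to send from. The client address is
    # never passed along; Unbound cannot be told to preserve it.
    match-clients { "acl-1"; };
    recursion no;
    zone "testsite.com" { type master; file "testsite.com.view-a"; };
};

view "View-B" {
    match-clients { "acl-2"; };
    recursion no;
    zone "testsite.com" { type master; file "testsite.com.view-b"; };
};

# ---- unbound.conf fragment (what a domain override is assumed to produce) ----
server:
    interface: 0.0.0.0
    # With several outgoing-interface lines Unbound picks one at random per
    # query (a deliberate anti-spoofing measure), which is why Reply #2 sees
    # "wrong" views: the LAN or OPT1 source address is not tied to the client.
    outgoing-interface: 10.10.10.1   # LAN address, lands in View-A
    outgoing-interface: 10.20.20.1   # OPT1 address, lands in View-B

forward-zone:
    name: "testsite.com"
    forward-addr: 127.0.0.1@5335
    # Unbound keeps ONE cache for all clients. An NXDOMAIN fetched through
    # View-A is served from cache to an acl-2 client until its negative TTL
    # expires, which is the effect observed in Reply #1.
```

Because the view decision and the cache both live on the far side of the forwarder, per-client views only work when the clients reach BIND directly (as the dig -p 5335 test in the first post did); a single forwarding resolver in front of BIND cannot reproduce them.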