dnsmasq doesn't seem to "forward to system defined DNS servers" ??

Started by ffsb42, July 29, 2025, 04:11:47 PM

Dear fellow opnsense community,

I can't seem to get dnsmasq to properly forward resolutions of unknown hosts in my own domain when I leave the option Services/DNSMasq/General/Do not forward to system defined DNS servers unchecked...

background:
- clients' DNS configuration is to go to adguard first (running in opnsense on port 53)
- adguard resolves my own domain *.foo.bar by forwarding the request to dnsmasq (running in opnsense on port 5054), i.e. in Adguard/DNS_Settings/UpstreamDNS: [/foo.bar/]192.168.0.1:6054
- dnsmasq is configured to self-register DHCP hosts in its own DNS and properly allows resolution of a host mypc.foo.bar and mypc locally without any issues
- I do own a domain, foo.bar, in Cloudflare; some of my devices are set up to self-register their external-facing IP addresses with Cloudflare. I also expect DNS resolutions for foo.bar to resolve to local IPs via dnsmasq when the device is inside my local network behind opnsense...

However, if I have a host moving outside of my network (like a phone or laptop) and it is configured to properly self-register its public IP with Cloudflare under my own domain, i.e. remotepc.foo.bar... it obviously is not visible to dnsmasq. I would have expected:
1) client to ask adguard to resolve remotepc.foo.bar -> that works
2) adguard to ask dnsmasq to resolve remotepc.foo.bar -> that works
3) dnsmasq to forward the resolution to my default opnsense system DNS (1.1.1.1) since it doesn't have a trace of remotepc.foo.bar -> that doesn't work

As a workaround, I can instruct adguard to forward the request for remotepc.foo.bar to Cloudflare (which is OK for devices permanently outside of my network but not for a roaming PC or phone) by adding the following line first in Adguard/DNS_Settings/UpstreamDNS: [/remotepc.foo.bar/]1.1.1.1

What am I doing wrong?
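As an added illustration (not part of ffsb42's post, nor AdGuard's or dnsmasq's own code), here is a small Python model of how AdGuard Home's upstream lines route the queries described above. It assumes that when several `[/domain/]` rules match, the rule with the most specific domain suffix wins, and that a rule whose upstream is `#` falls back to the default upstream; the port 5054 is the one named in the post's description.

```python
# Added example: model AdGuard Home's per-domain upstream selection so the
# routing of foo.bar queries in the post's setup can be traced hop by hop.
# Assumption: the most specific matching domain rule wins; "#" as upstream
# means "use the default upstream" (plain lines without brackets).
import re

RULE_RE = re.compile(r"^\[/(?P<domains>[^\]]*)/\](?P<upstream>.+)$")


def parse_upstreams(lines):
    """Return (default_upstreams, {domain: upstream}) from AdGuard upstream lines."""
    defaults, per_domain = [], {}
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE_RE.match(line)
        if not m:
            defaults.append(line)  # plain upstream: applies to every other name
            continue
        for dom in m.group("domains").split("/"):  # [/a/b/] lists several domains
            if dom:
                per_domain[dom.lower().strip(".")] = m.group("upstream")
    return defaults, per_domain


def select_upstream(name, defaults, per_domain):
    """Pick the upstream for `name`: longest matching domain suffix, else default."""
    labels = name.lower().strip(".").split(".")
    default = defaults[0] if defaults else None
    # Try the full name first, then progressively shorter parent suffixes.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in per_domain:
            upstream = per_domain[suffix]
            return default if upstream == "#" else upstream
    return default


# Constructed config mirroring the post: foo.bar goes to dnsmasq on port 5054,
# everything else goes to the default upstream 1.1.1.1.
ORIGINAL = ["[/foo.bar/]192.168.0.1:5054", "1.1.1.1"]
# The post's workaround: a more specific rule for the roaming host.
WORKAROUND = ["[/remotepc.foo.bar/]1.1.1.1"] + ORIGINAL

if __name__ == "__main__":
    for cfg in (ORIGINAL, WORKAROUND):
        d, p = parse_upstreams(cfg)
        for host in ("mypc.foo.bar", "remotepc.foo.bar", "example.com"):
            print(f"{host:18} -> {select_upstream(host, d, p)}")
```

With ORIGINAL, both mypc.foo.bar and remotepc.foo.bar land on dnsmasq, so the forwarding step for the unknown name has to happen inside dnsmasq; with WORKAROUND, only remotepc.foo.bar is diverted to 1.1.1.1.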