WAN Balancing - DNS Gateway used?

[cinntech]

I have 3 WAN connections - and trying to stick a few clients to only use one WAN. I was going to trace etc to verify this but curious:

I'm using Unbound and DHCP on OPNsense, all clients point to OPNsense for DNS. I have a firewall rule in first position for DNS with the destination being the firewall (OPNsense) and default gateway.

In the 2nd rule I have a Source of 1 client and the gateway forced to a Gateway group of only 1 WAN.

When this client does goes to a website it works and they get the WAN IP of that gateway.

OPNsense does the dns querisr for this client - what WAN does it use for these DNS queries? Does it use the same gateway the client uses or just whatever gateway?

I had a weird issue where I was having latency on one connection (not enough for failover) - this is noticeable in gaming and opening websites for all clients. However, the client forced on another WAN was also experiencing latency.  Which makes me believe that OPNsense was using this WAN for DNS but forcing other traffic for the specific client to the other WAN...  Would that be the case or may I have something else going on? How to I force DNS/all queries to go out the same WAN connection that they are ruled for?

[Maurice]

OPNsense does the dns querisr for this client - what WAN does it use for these DNS queries?

The one which has the global default route, unless specifically configured otherwise.

Does it use the same gateway the client uses

No, Unbound has no knowledge of what gateway is configured in the firewall rule(s) for this client.

How to I force DNS/all queries to go out the same WAN connection that they are ruled for?

The clients would have to use external DNS servers.