Recurring Unbound DNS failures in multi-WAN setup with query forwarding.

Started by MaeveFirstborn, Today at 12:51:07 AM

We have two virtual firewalls in a CARP pair. They each have two WANs set up in a gateway group. In addition, on the LAN network we have an active directory domain controller. The end goal is that Unbound recursively resolves using its root hints, communicating on whichever WAN interface is currently the primary, unless the query belongs to local.example.com, in which case it forwards through the LAN interface to the domain controller.
I have all three interfaces selected as the Outgoing Network Interfaces in Unbound's advanced settings. The problem is that the fine print on Unbound's documentation page reveals that it uses the Outgoing Network Interfaces at random to counter spoofing. The behavior I'm seeing is that some local DNS queries get sent out via either of the WANs, in which case they obviously get dropped, or alternatively in some cases it tries to resolve public DNS information through the domain controller. We were originally using Domain Overrides, but it's our understanding that this is no longer supported.
How should we approach this?
For example:
> all the configured stub or forward servers failed, at zone local.example.com. no server to query nameserver addresses not usable have no nameserver names
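For readers following the thread, here is a hand-written unbound.conf fragment that reproduces the setup the post describes: full recursion from root hints, three outgoing interfaces, and local.example.com forwarded to a domain controller on the LAN. This is an added illustration, not the poster's generated configuration; every address, interface name and path in it is an assumption chosen for the example. It is there to make the configuration point concrete: the pfSense "Outgoing Network Interfaces" choice is written into the generated unbound.conf as outgoing-interface lines, and a Domain Override is written as a forward-zone, and nothing in that grammar binds a zone to a particular outgoing address.

```conf
# Added example: unbound.conf fragment for the setup described in the post.
# Not the poster's config. All addresses, names and paths are assumptions.
server:
    # Listen on the LAN side for client queries.
    interface: 192.0.2.1               # assumed LAN address of the firewall

    # pfSense writes one of these lines for each interface selected under
    # "Outgoing Network Interfaces". The option is global: the unbound.conf
    # manual states that outgoing queries are sent via a randomly chosen
    # outgoing-interface to counter spoofing. That applies both to recursion
    # towards authoritative servers and to queries sent to forward/stub
    # servers; there is no per-zone outgoing-interface setting.
    outgoing-interface: 203.0.113.10   # assumed WAN1 address
    outgoing-interface: 198.51.100.10  # assumed WAN2 address
    outgoing-interface: 192.0.2.1      # LAN address

    # Full recursion from the root for everything not matched by a zone below.
    root-hints: "/var/unbound/root.hints"   # assumed path

# Queries for the AD domain are forwarded to the domain controller on LAN.
# This is the directive a pfSense Domain Override entry generates.
forward-zone:
    name: "local.example.com."
    forward-addr: 192.0.2.10           # assumed domain controller address
```

Two things follow directly from the fragment. First, because outgoing-interface is global, listing only the two WAN addresses does not isolate the forward-zone either: queries to the domain controller would then always be sourced from a WAN address rather than the LAN one. Second, the log line quoted in the post is what Unbound emits when none of the servers configured for a forward or stub zone could be used for that query, so it is the forward-zone for local.example.com, not the root recursion, that is failing at that moment. `unbound-checkconf` validates the syntax of a fragment like this before it is loaded.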