Unbound + Adblock not working

Hi everyone,

I'm new to OpenWrt and need help with my configuration.
My current setup is odhcpd (DHCP server) + Unbound (recursive DNS resolver, dnsmasq uninstalled) + Adblock (ad blocker) + WireGuard (VPN server, not client) + DDNS on my Redmi AX6000. I've updated all of my packages and everything is up to date.

Everything is working fine except Adblock. Adblock only works when I am connected to my local network through my WireGuard interface; somehow it does not work on the LAN. Unbound resolves DNS on both my LAN and my WireGuard networks. Running unbound-checkconf shows no errors apart from a duplicate-zone error, which is likely caused by the Adblock filter lists containing the same domain more than once. Adblock itself reports no errors either.

Below are my conf files for adblock, dhcp, unbound and my forwarding rules.
I would really appreciate it if someone could help me solve this issue.

edit: this is my version

DISTRIB_DESCRIPTION='OpenWrt 23.05.3 r23809-234f1a2efa'


# DHCP and router-advertisement settings: one section per interface,
# followed by the global odhcpd section.
# 'lan' hands out DHCPv4 and DHCPv6 leases and sends router advertisements.
# NOTE(review): no DNS server is announced explicitly in this section, so the
# resolver that LAN clients learn comes from defaults. Check on a LAN client
# which DNS server(s) it actually received over DHCPv4, DHCPv6 and RA.
config dhcp 'lan'
        option interface 'lan'
        # Address pool: starts at host offset 100 and holds 150 leases.
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option ra_management '1'
        option dhcpv6 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

# 'ignore' is set, so no DHCP service is configured on the wan interface.
config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

# Global odhcpd settings.
config odhcpd 'odhcpd'
        # maindhcp '1' pairs with dhcpv4 'server' above: odhcpd is also the
        # DHCPv4 server here (the post states dnsmasq is uninstalled).
        option maindhcp '1'
        option leasefile '/var/lib/odhcpd/dhcp.leases'
        # Script run when leases change. The path is under the unbound package
        # directory, so it presumably feeds lease host names into Unbound
        # (see dhcp_link 'odhcpd' in the unbound section); confirm on the router.
        option leasetrigger '/usr/lib/unbound/odhcpd.sh'
        option loglevel '1'


# Unbound resolver settings, listening on port 53 and serving the 'lan'
# and 'wg0' interfaces.
config unbound
        option add_local_fqdn '1'
        option add_wan_fqdn '0'
        # Links Unbound to odhcpd leases; matches the leasetrigger script set
        # in the odhcpd section of the dhcp config.
        option dhcp_link 'odhcpd'
        option dhcp4_slaac6 '1'
        option domain 'lan'
        option domain_type 'static'
        option listen_port '53'
        # DNS-rebinding defence: private-range addresses in upstream answers
        # are filtered. NOTE(review): the exact scope of level '1' should be
        # confirmed against the package README.
        option rebind_protection '1'
        # Enables the unbound-control interface. NOTE(review): level '1' is
        # presumably localhost-only without TLS keys; verify, and keep it no
        # wider than local access.
        option unbound_control '1'
        option enabled '1'
        # '0' presumably means unbound.conf is generated from this UCI section
        # and not maintained by hand; confirm.
        option manual_conf '0'
        option root_age '9'
        list trigger_interface 'lan'
        list trigger_interface 'wan'
        list trigger_interface 'wg0'
        # Restricts which clients may query the resolver. NOTE(review):
        # presumably limited to locally attached subnets, which keeps the
        # router from acting as an open resolver; confirm.
        option localservice '1'
        # DNSSEC validation is on. validator_ntp presumably relaxes validation
        # for time sync while the clock is not yet set; confirm.
        option validator '1'
        option validator_ntp '1'
        option rebind_localhost '1'
        option dns64 '0'
        option protocol 'default'
        option resource 'default'
        option recursion 'default'
        option extended_stats '0'
        # Interfaces treated as LAN-side (served) and WAN-side.
        list iface_lan 'lan'
        list iface_lan 'wg0'
        list iface_wan 'wan'
        list iface_wan 'wan6'
        # Same interfaces as the trigger_interface list above. NOTE(review):
        # this looks like an old and a new option name for the same setting
        # both being present; confirm which one the installed package reads.
        list iface_trig 'lan'
        list iface_trig 'wan'
        list iface_trig 'wg0'


# Adblock settings: blocklists are fetched with curl and loaded into the
# Unbound backend.
config adblock 'global'
        option adb_enabled '1'
        # Debug logging is on, which helps while troubleshooting.
        option adb_debug '1'
        # Adblock's own DNS enforcement is off. The firewall section on this
        # page carries a separate 'Intercept-DNS' redirect for port 53.
        option adb_forcedns '0'
        option adb_safesearch '0'
        option adb_dnsfilereset '0'
        option adb_mail '0'
        # DNS reporting is enabled and bound to br-lan. NOTE(review): the
        # report would then presumably not include queries arriving on wg0;
        # confirm.
        option adb_report '1'
        option adb_backup '1'
        # Backend resolver. Blocking takes effect only for clients whose
        # queries actually reach this Unbound instance.
        option adb_dns 'unbound'
        option adb_fetchutil 'curl'
        option adb_repiface 'br-lan'
        option adb_dnsflush '1'
        option adb_triggerdelay '70'
        # Blocklist feeds. The post notes that overlapping entries across these
        # lists are the likely cause of the duplicate-zone message from
        # unbound-checkconf.
        list adb_sources 'adaway'
        list adb_sources 'adguard'
        list adb_sources 'disconnect'
        list adb_sources 'easylist'
        list adb_sources 'easyprivacy'
        list adb_sources 'yoyo'

/etc/config/firewall (only the forwarding part)

# Port forward for WireGuard: UDP 51820 arriving on wan is DNAT'ed into the
# lan zone on the same port.
# NOTE(review): dest_ip is empty as posted (possibly redacted). If WireGuard
# terminates on the router itself, an input ACCEPT rule for UDP 51820 is the
# usual form, not a DNAT into lan; confirm which applies here.
config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'WireguardVPN'
        list proto 'udp'
        option src 'wan'
        option src_dport '51820'
        option dest_ip ''
        option dest_port '51820'

# DNS interception: TCP and UDP traffic from the lan zone to port 53 is
# DNAT'ed. No dest_ip is given, so the target is presumably the router itself.
# NOTE(review): this catches only plain DNS on port 53. Clients that use
# DNS-over-TLS (853) or DNS-over-HTTPS (443) are not redirected and would
# bypass Adblock. It also applies only to the 'lan' firewall zone, so wg0
# peers are covered only if wg0 belongs to that zone.
config redirect 'dns_int'
        option name 'Intercept-DNS'
        option src 'lan'
        option src_dport '53'
        option proto 'tcp udp'
        option family 'any'
        option target 'DNAT'

You must keep dnsmasq as a specific forwarder in Unbound if you want automatic names for LAN DHCP clients.

It would be nice if you could clarify. The official Unbound documentation says it can run with odhcpd as the DHCP server. Adblock's official documentation also says it runs with Unbound and that no further configuration is needed.

I just mentioned the function you lose by getting rid of dnsmasq.

I think I understand what you mean. What about having it installed but disabled? Would that keep the function intact?

You can change its DNS port, disable all interfaces, and use it as a forwarder for the lan. and 1.168.192.in-addr.arpa. zones.
DHCP DNS in these zones assigns nice names to your devices.

You spotted that right: uninstalling does not keep dnsmasq away. To disable its DHCP part, you need to disable the DHCP server on all interfaces.