I’m not sure why in my case using cloudflare was causing issues for internal resolution, maybe it was partly crashing unbound, all I know I changed it and my problems have not come back.
I can’t say if this will fix your issues or not.
Yes on the DNS settings, maybe try changing those to something with TLS support, not all providers have DoT DNS servers, so simply changing from UDP to TLS on the provided servers likely wont work.
This Blog post helps explain the added privacy of using DNS over TLS (DoT),
I recommend reading it. https://blog.ipfire.org/post/dns-configuration-recommendations-for-ipfire-users
Here is a link for setting up IPFire DNS over TLS, it also has a list of some TLS providers, there are likely more but this is a good starting point.
Even if this is not the fix in your case this is a safer configuration for you.
Here is a quick example of mine,
I don’t much like using Google for my DNS, I need to find a TLS provider that is low latency and not google, I should do it now since I keep forgetting.
Also take note NOT to use an internal domain name that resolves to a real internet domain, as example I just last night saw someone using netgear.com for their internal domain name!