Hello Sujan - Welcome to the IPFire Community!
When reading through the Community posts you will see that PiHole is not recommended due to security issues. Since the pi-hole filters DNS records, DNSSEC is not possible from the client to the external DNS server (hope I explained this correctly).
See:
Having said that…
What you have proposed above is what I have setup for my GREEN network.
Client (DNS) → PiHole (DNS) → IPFire (DNS) → to external DNS Server
This works fine but as I said it is not secure.
To force clients to a specific DNS server see:
https://wiki.ipfire.org/configuration/firewall/dns
The below is being testing but has not been released:
Hope this helps,
Jon