@McMurphy I use dnsleaktest.com to check what DNS servers are being used. I believe if you see anything other than your IP and you have more than one server on your results, your DNS records are being sent elsewhere.
My pfSense is under a VPN, I only see 1 server and the VPN is the only IP I see. I have no DNS servers on my list other than my pfSense and have set to use only 127.0.0.1 and ignore other DNS servers:
91527ea0-0d4c-45de-8ecd-9be167ba4828-image.png
60c2479c-afde-4245-86f8-808c4c977c7b-image.png
7d1b75b1-0e20-4530-8c85-b006756e231c-image.png
29ea1666-f434-4f80-9558-c7188a0253d4-image.png