NTP server pools can't be resolved [Solved, 2 problems in 1 post]
This post is getting too big lol. I'll ask these and move on. I don't want to waste your time.
*** Deleted last questions ***
Edit: I think this answers all my questions (from Netgate docs) -
For now I'll use the default. If there are any problems in the future, I'll try using the public address of the VPN servers. If that doesn't help, I'll use major websites' addresses. And finally, if that doesn't work out either, I'll have to use my own server/cloud/domain etc.
Thank you both guys for all the help. Much appreciated! Cheers! :)
I think one of the problems (or the main one) was not DNS blocking/limiting etc. but a static route to it set by pfSense because it was used as a monitoring IP etc. (read about it online). Since I'm never gonna use 4.2.2[1-6] for production DNS resolving, I decided to utilize them as monitor IPs for every gateway that is not the WAN itself or has no proper 'upstream' gateway to check against.
Currently I'm happy with the solution below. I think the assumption mentioned in the screenshot is correct but we'll see what happens.