Pulling out the little bit of hair I have left 😉

Swapped by web server DNS entry to a new server & everything was resolving properly EXCEPT when it tried to use IPv6. To be clear, all IPv4 and IPv6 addresses had been updated on all the A/AAAA records and had propagated.

#UnboundDNS running under #OPNsense seemed to be returning the old IP and for some reason, switching to a public DNS server or disabling DNSSEC support on Unbound fixed it? How does that even happen? Still unclear on the why…