Bind9 container in Docker Swarm refuse query for internal zone

0

I’ve been using 3 servers with docker and docker swarm configured for a while, all the services I inserted into the swarm work correctly except one. I deployed a DNS server via compose by defining two internal zones using the Bind9 image. While I was running tests I noticed that both with dig and nslookup the DNS rejects queries (REFUSED) but only those towards the internal zones. If I execute a query towards internet domains everything works normally even using DOH. Here is the basic configuration used for testing:

docker-compose file

version: '3'

services:
   bind9:
   image: ubuntu/bind9
   container_name: bind9 
    environment:
      - BIND9_USER=root
      - TZ=Europe/Madrid
    ports:
      - "53:53"
      - "53:53/udp"
      - "443:443/tcp"
    volumes:
      - ./config:/etc/bind
      - ./cache:/var/cache/bind
      - ./records:/var/lib/bind
      - ./ssl:/etc/bind/ssl
      - ./zones:/etc/bind/zones
      - ./keys:/etc/bind/keys
      - ./run:/var/run
    restart: unless-stopped

named.conf.options (any for test)

tls local-tls {
   key-file "/etc/bind/ssl/privkey.pem";
   cert-file "/etc/bind/ssl/fullchain.pem";
};

acl internal {
        10.0.1.0/24;
        172.17.0.1/16;
        172.18.0.1/16;
        localhost;
        localnets;
};

options {
        listen-on port 53 {any; };
        listen-on port 443 tls local-tls http default {any;};
        forwarders {
                127.0.0.1 port 5053;
        };
        allow-query { any;};
        recursion yes;
};

named.conf.local

zone "neuromancer.loc" {
    type primary;
    file "/etc/bind/zones/db.office.loc";
    allow-transfer { 10.0.1.99; };
};

zone "1.0.10.in-addr.arpa" {
    type primary;
    file "/etc/bind/zones/db1.0.10.in-addr.arpa";
    allow-transfer { 10.0.1.99; };
};

Is this an issue of Docker or of the Bind9 application? Any error logs?