Reputation: 11
I have created a Docker container setup in Portainer to run BIND9 as a DNS server.
The named.conf is as follows:
    # DNS Settings
    # Access control list
    acl trusted {
        10.10.0.0/16;
        172.0.0.0/8;
        localhost;   # built-in ACL: all addresses of this host
        localnets;   # built-in ACL: networks this host is attached to
    };
    options {
        directory "/var/cache/bind";
        recursion yes; # enables recursive queries
        listen-on { any; };
        # Configure forwarders where outgoing DNS queries will be sent to
        forwarders {
            1.1.1.1; // Cloudflare DNS
            8.8.8.8; // Google DNS
        };
        allow-query { any; };
        allow-recursion { trusted; }; # allows recursive queries from the "trusted" ACL
        allow-query-cache { trusted; }; # allows cache lookups from the "trusted" ACL
    };
The container runs without errors. However, when I query google.com, I get the following error in the container log:

    24-Jun-2023 19:05:10.656 client @0x7f8f50022cd8 10.10.30.12#37211 (google.com): query (cache) 'google.com/A/IN' denied (allow-query-cache did not match)

I have already added the Docker network to the ACL configuration, but I still get the same error.
I run the command:

    nslookup google.com 10.10.30.12

on my server where Docker/Portainer is running.
Running:

    dig @10.10.30.12 google.com

    ; <<>> DiG 9.18.12-0ubuntu0.22.04.2-Ubuntu <<>> @10.10.30.12 google.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 7369
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
Upvotes: 0
Views: 1355
Reputation: 11
The mistake was simple. I edited the conf file locally, not the one on the docker volume on the NFS share. Now it works.
Upvotes: 0
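A triage check for the situation in this thread, added here as an example (not code from either poster): it parses BIND "denied" log lines and tests the client address against the CIDRs in the edited named.conf, so a denial of a client the file would allow points at named running a different config, as the answer found. The function names, verdict labels and the second log line are constructed for illustration; the built-in `localhost`/`localnets` ACLs are left out because they depend on the host.

```python
import ipaddress
import re

# CIDR entries of the "trusted" ACL as posted in the question.
TRUSTED = ["10.10.0.0/16", "172.0.0.0/8"]

# BIND denial lines: client [@0x...] IP#port (name): query [(cache)] 'q' denied [(opt did not match)]
DENIED = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+ \((?P<name>[^)]*)\): "
    r"query(?: \(cache\))? '(?P<q>[^']+)' denied"
    r"(?: \((?P<opt>[\w-]+) did not match\))?"
)

def in_acl(ip, cidrs):
    """True if ip falls inside any of the given networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(c) for c in cidrs)

def triage(line, cidrs=TRUSTED):
    """Classify one log line; returns None for lines that are not denials."""
    m = DENIED.search(line)
    if m is None:
        return None
    if in_acl(m["ip"], cidrs):
        # The edited file would allow this client, yet named refused it:
        # the running server loaded a different file or was not reloaded.
        verdict = "config-mismatch"
    else:
        # The refusal agrees with the edited file: the ACL lacks this source.
        verdict = "acl-gap"
    return {"client": m["ip"], "query": m["q"],
            "option": m["opt"], "verdict": verdict}

SAMPLE_LOG = [
    # Line from the question.
    "24-Jun-2023 19:05:10.656 client @0x7f8f50022cd8 10.10.30.12#37211 "
    "(google.com): query (cache) 'google.com/A/IN' denied "
    "(allow-query-cache did not match)",
    # Constructed line: a source outside both CIDRs.
    "24-Jun-2023 19:06:01.120 client @0x7f8f50022cd8 192.168.1.5#40122 "
    "(example.com): query (cache) 'example.com/A/IN' denied "
    "(allow-query-cache did not match)",
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(triage(entry))
```

On a `config-mismatch` verdict, compare the file you edited with the one mounted into the container before changing the ACL any further.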