Help setting up a DNS Sinkhole

I am trying to setup a DNS sinkhole but I can't make it work.

This NAT rule doesn't have a firewall associated rule, but is not needed since range DMZ and the DNS server are in the same subnet

From a client in the subnet (Range DMZ) I simulate DNS querys to 9.9.9.9, this NAT rule should intercept those querys and route them to the DNS server in the same subnet.

I dont have any other NAT rule above that interfeeres on this, in fact I get hits in the rule but the log is empty.

What am I doing wrong? or how can I achieve this?

 

Another referrence here: 

blog.flippedbits.io/.../