Has anyone played with extra Unbound conf settings?
I have a FWG+. I upgraded to 16 GB memory.
I currently have it running DoT with a fallback to regular Unbound resolving, and I was able to tweak the cache a bit and turn on prefetch (if it wasn't on already). (If you are on the stock 4 GB of memory, I wouldn't increase the cache this much...)
Has anyone else done anything interesting with the Unbound conf? I tried setting thread counts, etc. etc., but Unbound wouldn't start, so while it's Unbound 1.14.0 on my FWG+, Firewalla itself has a lot of conf settings blacklisted.
From the Ubuntu prompt in SSH I looked at traffic involving port 54 on my eth port for my main ISP, and all I saw was Firewalla itself phoning home, etc. etc., which means all the other traffic was properly in the DoT tunnel. Pretty cool. I then did the same on the eth port for my failover 2nd ISP, and I saw the same thing (keepalives, status checks). When I looked at my internal LAN eth port, I saw all the DNS calls, which is correct for my setup.
Here's my conf file:

server:
    # CA bundle used to verify the upstream TLS certificates
    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"
    msg-cache-size: 256m
    rrset-cache-size: 512m
    prefetch: yes
    prefetch-key: yes

forward-zone:
    name: "."
    # fall back to normal recursion if the forwarders fail
    forward-first: yes
    forward-tls-upstream: yes
    # Cloudflare
    forward-addr: 1.1.1.1@853#cloudflare-dns.com
    forward-addr: 1.0.0.1@853#cloudflare-dns.com
    forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
    forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
    # Google
    forward-addr: 8.8.8.8@853#dns.google
    forward-addr: 8.8.4.4@853#dns.google
    forward-addr: 2001:4860:4860::8888@853#dns.google
    forward-addr: 2001:4860:4860::8844@853#dns.google
    # Quad9
    forward-addr: 9.9.9.9@853#dns.quad9.net
    forward-addr: 149.112.112.112@853#dns.quad9.net
    forward-addr: 2620:fe::fe@853#dns.quad9.net
    forward-addr: 2620:fe::9@853#dns.quad9.net
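A small linter for the forward-zone shape used above, added here as an example and not part of the original post or of Firewalla. It checks the three things that make the DoT setup hold up (forward-tls-upstream on, a tls-cert-bundle so the #authname is actually verified, and @853 plus #authname on every forward-addr) and flags forward-first: yes as the plaintext fallback it is. The sample config is a constructed, trimmed copy of the one in the post with one deliberately weak entry added.

```python
import re

# Constructed sample: trimmed from the post, plus a weak entry (no @853, no #authname).
SAMPLE_CONF = """\
server:
    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"
forward-zone:
    name: "."
    forward-first: yes
    forward-tls-upstream: yes
    forward-addr: 1.1.1.1@853#cloudflare-dns.com
    forward-addr: 2620:fe::fe@853#dns.quad9.net
    forward-addr: 8.8.8.8
"""

# forward-addr syntax: <ip>[@port][#authname]; only full-line '#' is a comment.
ADDR_RE = re.compile(r"^([0-9a-fA-F.:]+)(?:@(\d+))?(?:#(\S+))?$")


def parse(conf: str) -> dict:
    """Minimal unbound.conf reader: sections keyed by 'server:' / 'forward-zone:'."""
    sections, current = {}, None
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith(":"):                     # section header
            current = line[:-1]
            sections[current] = {"forward-addr": []}
            continue
        key, _, value = line.partition(":")        # IPv6 values keep their colons
        key, value = key.strip(), value.strip().strip('"')
        if key == "forward-addr":
            sections[current]["forward-addr"].append(value)
        else:
            sections[current][key] = value
    return sections


def lint(conf: str) -> list:
    """Return findings; an empty list means the forward-zone looks sound."""
    cfg = parse(conf)
    server, zone = cfg.get("server", {}), cfg.get("forward-zone", {})
    findings = []
    if zone.get("forward-tls-upstream") != "yes":
        findings.append("forward-tls-upstream is not 'yes': forwarders use plaintext port 53")
    if not server.get("tls-cert-bundle"):
        findings.append("tls-cert-bundle unset: upstream TLS certificates cannot be verified")
    if zone.get("forward-first") == "yes":
        findings.append("forward-first: yes falls back to plaintext recursion if all DoT forwarders fail")
    for addr in zone.get("forward-addr", []):
        m = ADDR_RE.match(addr)
        if not m:
            findings.append(f"{addr}: unparseable forward-addr")
            continue
        ip, port, auth = m.groups()
        if port != "853":
            findings.append(f"{ip}: port {port or '53'} is not the DoT port 853")
        if not auth:
            findings.append(f"{ip}: no #authname, so the server certificate is not checked")
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE_CONF):
        print(finding)
```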