Would you mind elaborate what you’re expeting to happen as a response to which request?
You’re asking about forwarding, but you didn’t configure any forwarding rule. Instead, you configured a static host. When you do
nslookup example.com it will be resolved to 192.168.1.202 according to your initial posts setting. As long as the local dnsmasq can provide answer for a certain question, it most likely doesn’t as an upstream server. So that’s no forwarding.
You disabled rebind protection. This means an upstream DNS server (like 18.104.22.168, if you ask google) is allowed to respond with an IP of RFC1918 (192.168.0.0/16, 172.16.0.0/12 or 10.0.0.0/8). This is forwarding, or more precisely, it’s a strategy to handle potentially bogus responses from a forwarded request. But it has nothing to do with
list address in the first place.
In your initial post you asked if you could force clients to renew DHCP leases. That’s not possible since that’s the whole point ot any TTL. If you’re in testing mode, decrease your lease time to a couple of minutes until you’re done and happy with your current state of configuration.
local '/lan/' which means requests to resolve
whatever.lan will never get passed to an upstream server.
If you want dnsmasq to perform lookups to an upstream server, you can do things like this:
list server '22.214.171.124' will forward any request to googles DNS server.
list server '/example.com/126.96.36.199' will only forward DNS requests resolving example.com to googles DNS server (which imho means both, example.com as well as foo.example.com).