It may be dropping the responses as low priority. Remember that DNS largely uses UDP, which is a little harder for a firewall to deal with. See if there's some option to change priority or timeout on those packets.

Alternately, you can run some low-level DNS tools to emulate what's going on and see if you can find the trouble.

What is your clients' DNS server set to?