But this line is going to be causing problems, any ideas what’s adding that to your firewall (it’s not LXD)?
Because although LXD is using nftables, it’s likely that iptables is actually using nftables too, and any reject or drop statements added in a netfilter chain that LXD doesn’t know about will still be evaluated even if LXD’s own rules say to accept the inbound DHCP/DNS packets. This is a rather unfortunate behaviour of nftables, compared to iptables, that any reject or drop in any other chain will cause the packet to be rejected/dropped even if it’s already been accepted by an earlier chain in a different netfilter hook.
See Upgraded to Ubuntu 20.10, now no ipv4 - #7 by tomp
So you need to ensure that no rules generated by your other firewalls would cause LXD’s traffic to be dropped.
See Lxd bridge doesn't work with IPv4 and UFW with nftables - #17 by tomp for a way to instruct ufw to allow lxdbr0 traffic.
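One way to find which chains outside LXD's own table can still drop or reject its traffic, as an added example that is not part of the original post: it scans the text of `nft list ruleset` for drop policies and drop/reject rules. The sample ruleset and the chain name `other-fw-input` are constructed, and the LXD table name `inet lxd` is an assumption to check against your own output.

```python
import re

# Constructed `nft list ruleset` output (not from the thread): LXD's table
# accepts DHCP/DNS on lxdbr0; a table from another firewall still drops.
SAMPLE_RULESET = """\
table inet lxd {
    chain in.lxdbr0 {
        type filter hook input priority filter; policy accept;
        iifname "lxdbr0" udp dport 67 accept
        iifname "lxdbr0" udp dport 53 accept
    }
}
table ip filter {
    chain INPUT {
        type filter hook input priority filter; policy drop;
        jump other-fw-input
    }
    chain other-fw-input {
        iifname "eth0" tcp dport 22 accept
        reject
    }
}
"""

BASE_RE = re.compile(r"hook\s+(\w+)\s+priority\s+[^;]+;(?:\s*policy\s+(\w+);)?")

def find_blocking_chains(ruleset, lxd_table="inet lxd"):
    """List (table, chain, hook, reason) for drop/reject outside LXD's table."""
    findings, depth, table, chain, hook = [], 0, None, None, None
    for line in map(str.strip, ruleset.splitlines()):
        if line.endswith("{"):
            depth += 1
            words = line.split()
            if depth == 1 and words[0] == "table":
                table = " ".join(words[1:3])   # e.g. "ip filter"
            elif depth == 2 and words[0] == "chain":
                chain, hook = words[1], None   # hook stays None for regular chains
        elif line == "}":
            depth -= 1
            chain = None if depth < 2 else chain
            table = None if depth < 1 else table
        elif chain and table != lxd_table:
            bare = re.sub(r'"[^"]*"', "", line)  # ignore quoted names/comments
            if m := BASE_RE.search(bare):
                hook = m.group(1)
                if m.group(2) == "drop":
                    findings.append((table, chain, hook, "policy drop"))
            elif v := re.search(r"\b(drop|reject)\b", bare):
                findings.append((table, chain, hook, v.group(1)))
    return findings
```

Chains reported with a hook of `None` are regular chains, which only matter if a base chain jumps to them, as `INPUT` does here.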