Router CLI - Devices not always routed to defined conditional config

Hi Folks-

I have several Conditional configs based both on MAC address and /24 Subnets. My strategy is to have certain devices mapped to user-specific MAC-defined configs so that a user-specific profile takes effect regardless of subnet, and that anything else on the subnet without a MAC-defined profile will inherit a config defined by the /24 subnet (a catch-all).

I've noticed logs that indicate a device sometimes reports to a MAC-defined profile and sometimes to the subnet-defined profile, the log events are within minutes of each other.

The MAC-defined profiles are declared higher in the nextdns.conf file than the subnet-defined profiles.

Is this expected behavior? Or any suggestions to improve reliability of performance?