Hi，

Do you want to make DNS server in the LAN to take effect?

If so, you do not have to block port 53, instead, please go to advanced-DHCP-DHCP settings to change the DNS server which is what you want.

May it help.

Good day. 

ssp67 wrote

Did you find a solution to your problem? I need to do the same. though i have the Archer C5400...hoping a solution on your device might help me also.

Hi,

We cannot block port 53 otherwise there will be no internet access anymore. 

All the DNS packets will access through WAN IP and the port 53, if we block it, all the DNS request will be blocked, no more internet. 

And for the client device's server, it is related on the device itself, not much we can do on the main router. 

May it help. Good day. 

ssp67 wrote

I have setup on Network>DHCP Server>DNS Server1 & DNS Server2 my preferred DNS servers(openDNS). And yes with this all my devices on LAN use this DNS by default. However, my son has a laptop which he is an admin and so can change the DNS. I sure on his cell phone he can also change is DNS. In order to prevent this, i understand i have to block port 53? This is based on what i have read in several forums. Anyways on my archer c5400 v2.0(1.2.2 Build 20170912 rel.56240(5553)) i cannot find a way to add a firewall rule for this specific port. I just don't this as an option on any screen i have seen...unless i am missing something. Any ideas on how to achieve this on C5400?