It is better if you hijack the DNS requests. So rather than blocking the queries and getting connection time outs, the router will forward the query to the dns of your choice and get the answer back.
Read the following:
https://openwrt.org/docs/guide-user/firewall/fw3_configurations/forced_dns_redirection
https://openwrt.org/docs/guide-user/services/dns/intercept
Also some enhancements to the rules above we discussed in this thread:
2 Likes