
Jens
@206.248.137.x

Jens

Anon

DNS - enforce OpenDNS only through SR505n Smart rg Router

I'd like to use the IP/Port filtering to stop anyone from using any other DNS other than Open DNS.
Open DNS uses these 2 IPs: 208.67.220.220 and 208.67.222.222

So basically I have to block UDP port 53 to all IP address except those two.

I did it with my last router (Linksys DIR-655) by adding Access Control to block "some" content.
block UDP port 53 for IPs 0.0.0.0 to 208.67.220.219
block UDP port 53 for IPs 208.67.220.221 to 208.67.222.221
block UDP port 53 for IPs 208.67.222.223 to 255.255.255.255

How might I do this on a SR505n?
LittleBill
join:2013-05-24

1 recommendation

LittleBill

Member

You should be doing a redirect, not a block. If they change the DNS server on the PC it will simply not work; if you redirect, they think they got around it. lol

Jens
@206.248.137.x

Jens

Anon

Ha! I never thought of a redirect that would work just as good - and maybe even better.

Trying a bunch of stuff but still nothing that works.
LittleBill
join:2013-05-24

LittleBill

Member

Yes, it's also a single rule.

Jens
@206.248.137.x

Jens

Anon

One rule sounds great - trying to block ports except these two with IP prefix length is not easy. I still don't have this working. The only downside is I think you can't have a backup DNS ... I'm fine with that though. Could you give some guidance on how to do this?

Much appreciated.
Jens

Jens

Anon

Just realized - with a redirect I can point to the router, which could then have two DNS entries. However, still can't figure out how to set that up on the Smart RG.
madman280
join:2009-07-05
Chatham, ON

madman280 to Jens

Member

to Jens
We could be a bit more help if you let us know what you're trying to accomplish by doing all of this.

Jens
@206.248.137.x

Jens

Anon

Open DNS (www.opendns.com) provides extra safety by blocking access to any domain that is bad. You can customize what you consider bad, e.g. malware, phishing, porn, etc. It's used by many public schools and libraries and it's free for home use.

I set this up as my router's DNS, and now any device connected to our internet (wifi) has this protection by default. This was easy.

The problem is, most devices allow you to override the DNS settings. While I can't stop anyone from changing the DNS setting in their own device, I can stop alternate DNS servers from responding to their device via my modem/router.

So, I want to only allow devices connected via my router/modem to connect to open DNS.

Since DNS uses port 53 on the UDP protocol, I want to:

A) block all IPs using UDP 53 (except OpenDNS's IPs)
Or
B) redirect any IP using UDP to OpenDNS's IP ... or maybe my router's own IP.

DarkLogix
Texan and Proud
Premium Member
join:2008-10-23
Baytown, TX

DarkLogix

Premium Member

While DNS is mostly UDP it can do TCP
So I'd just redirect all port 53 data to opendns

Is this a business or residential?

Jens
@206.248.137.x

Jens

Anon

Thanks DarkLogix. This is residential.

I've not been able to find anything about port redirecting on the Smart rg (SR 505n) router.

Can anyone give me directions?

keyboard5684
Sam
join:2001-08-01
Pittsburgh, PA

keyboard5684

Member

I am not exactly sure how to do it on that particular device.

Here is how I do this on my firewall (Cisco ASA).
Allow UDP and TCP to 208.67.220.220 port 53 outbound
Allow UDP and TCP to 208.67.222.222 port 53 outbound
Deny UDP and TCP port 53 outbound.

Basically only allow to OpenDNS servers, denying all other DNS servers.
Getting into redirects probably complicates things too much.
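
An added example, not from any poster in this thread and not SR505n configuration: it computes the "everything except the two OpenDNS resolvers" deny set both as the start-end ranges from the first post and as the CIDR blocks a prefix-length filter would need, then models the allow/allow/deny ordering from the last post to show the two forms give the same verdicts. All function names are hypothetical, and the code only models filter logic offline; it assumes nothing about what the router's filter page accepts.

```python
import ipaddress

# OpenDNS resolvers as listed in the thread.
RESOLVERS = [ipaddress.ip_address("208.67.220.220"),
             ipaddress.ip_address("208.67.222.222")]
LAST = 2**32 - 1  # 255.255.255.255

def deny_ranges(allowed):
    """Inclusive start-end ranges covering all of IPv4 except `allowed`."""
    ranges, start = [], 0
    for host in sorted(int(a) for a in allowed):
        if host > start:
            ranges.append((start, host - 1))
        start = host + 1
    if start <= LAST:
        ranges.append((start, LAST))
    return [(str(ipaddress.ip_address(a)), str(ipaddress.ip_address(b)))
            for a, b in ranges]

def deny_prefixes(allowed):
    """The same complement as CIDR blocks, for filters that take a prefix length."""
    blocks = [ipaddress.ip_network("0.0.0.0/0")]
    for host in allowed:
        host_net = ipaddress.ip_network(f"{host}/32")
        split = []
        for block in blocks:
            if host_net.subnet_of(block):
                split.extend(block.address_exclude(host_net))  # carve the host out
            else:
                split.append(block)
        blocks = split
    return sorted(blocks)

def allow_then_deny(dst, proto, port):
    """First-match ordering: allow port 53 to the resolvers, deny other port 53."""
    if port == 53 and proto in ("udp", "tcp"):
        return "allow" if ipaddress.ip_address(dst) in RESOLVERS else "deny"
    return "allow"  # traffic on other ports is outside these rules

def deny_list(dst, proto, port, prefixes):
    """Deny-only form: block port 53 to any destination inside a deny prefix."""
    hit = any(ipaddress.ip_address(dst) in p for p in prefixes)
    return "deny" if port == 53 and proto in ("udp", "tcp") and hit else "allow"

if __name__ == "__main__":
    for lo, hi in deny_ranges(RESOLVERS):
        print(f"block port 53 for IPs {lo} to {hi}")
    prefixes = deny_prefixes(RESOLVERS)
    print(len(prefixes), "CIDR blocks needed for the prefix-length form")
```

The range form needs three rules, while the prefix form needs far more, which is why the allow-then-deny ordering is the simpler one to maintain where the device supports rule ordering.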