Assuming no use of DoH. I worry that increasingly devices on your home network will ignore the LAN recommendations for DNS server and be MUCH harder to block.
I log all attempts by devices on my network to port 53. Android apps, roku, google home devices, and various others are quite aggressive about going directly to various DNS servers if they don't get what they want from the local DNS server.
Using wireshark to track what's going on it's not unusual to see 7,000 DNS requests for a domain I'm blocking in just a few seconds. The android client for youtube seems to be particularly persistent.
I log all attempts by devices on my network to port 53. Android apps, roku, google home devices, and various others are quite aggressive about going directly to various DNS servers if they don't get what they want from the local DNS server.
Using wireshark to track what's going on it's not unusual to see 7,000 DNS requests for a domain I'm blocking in just a few seconds. The android client for youtube seems to be particularly persistent.