I also used Opendns on my old router assigned to some devices (especially those used by children). However if I’m not mistaken Opendns doesn’t support DNSSEC so it would effectively turned off the DNSSEC validation on the router. It was mentioned in https://www.turris.cz/forum/topic_show.pl?tid=388 (sorry it’s in Czech).
So it’s on my todo list to investigate the best option to block certain site for certain computers in the network.