Force DNS on router instead of ClientSide DNS like OpenDNS or GooglePublicDNS
I'm trying to implement some site blocking using DNS. The hardware is simple routers like Linksys and Netgear that you use in the house for family purposes.
Currently I tried setting a computer to OpenDNS while my router was set to something else; when checking using opendns.com/welcome, the computer is identified as OpenDNS. And vice versa: this time the computer wasn't identified as OpenDNS.
Is it possible to force users to use our DNS instead of the DNS in their own settings?
No - as long as they are administrators of their machine they can override DHCP and set it to whatever they like.
If you have a higher end Modem/Router you could block DNS lookups except to your DNS server/forwarder. Or even intercept all DNS requests and aim them at your server.
Furthermore, blocking using DNS is a rather poor way of doing things, as users can easily enter the IP address of the site they are after (either directly or, for virtual hosts, by creating entries in their hosts file) - a better solution may be to use a proxy server.
On a typical consumer-grade firewall/router, you're probably out of luck.
If the router supports it, block outbound traffic with a destination port of 53 (both TCP and UDP) to addresses other than the name server(s) you're permitting.
See this thread on the Open DNS forums.
I looked on my WRT54G, and it supports site blocking by keyword or URL, but I did not see an option to restrict/permit on an IP-address basis -- it was by keyword or port # only.
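The port-53 restriction and the DNS interception described in the answers above, sketched as an added example that is not part of any poster's answer. It assumes a router running Linux-based firmware with `iptables`; the function names, the `br0` LAN interface and the choice of OpenDNS's public resolvers as sample values are assumptions, and the script only prints the rules rather than applying them.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules that keep LAN clients
# on approved DNS resolvers. Assumes Linux-based router firmware with iptables.

# Succeeds only if $1 is a dotted-quad IPv4 address.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: dns_lockdown_rules MODE LAN_IF RESOLVER [RESOLVER...]
#   block    : reject port-53 traffic forwarded to any other server
#   redirect : rewrite such traffic to the first approved resolver
# In redirect mode, also list the router's LAN address if clients query it.
dns_lockdown_rules() {
    [ "$#" -ge 3 ] || { echo "usage: dns_lockdown_rules MODE LAN_IF RESOLVER..." >&2; return 2; }
    mode=$1; lan_if=$2; shift 2
    for r in "$@"; do
        is_ipv4 "$r" || { echo "not an IPv4 address: $r" >&2; return 2; }
    done
    case "$mode" in
        block)    table=filter; chain=FORWARD;    pass=ACCEPT; final="REJECT" ;;
        redirect) table=nat;    chain=PREROUTING; pass=RETURN
                  final="DNAT --to-destination $1:53" ;;
        *) echo "unknown mode: $mode" >&2; return 2 ;;
    esac
    # -A appends: on firmware whose chain already accepts LAN traffic, these
    # rules must be placed ahead of that accept rule to take effect.
    for proto in udp tcp; do
        for r in "$@"; do   # approved resolvers pass through untouched
            echo "iptables -t $table -A $chain -i $lan_if -p $proto -d $r --dport 53 -j $pass"
        done
        # everything else on port 53 is rejected or redirected
        echo "iptables -t $table -A $chain -i $lan_if -p $proto --dport 53 -j $final"
    done
}

# Constructed sample: br0 as the LAN bridge, OpenDNS's public resolvers.
dns_lockdown_rules block br0 208.67.222.222 208.67.220.220
```

These rules cover IPv4 DNS on port 53 only; lookups carried over HTTPS on port 443 are not matched by them.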
This is not going to work, plain and simple. If you want to do site blocking that is not nontrivial to bypass, the only solution is a proxy server. Note some higher end home "routers" have the option to block URLs; with these they have a config page where you can set a list of blocked URLs. In this case the "router" simply does not send the request to the internet. In the case of proxy servers, the machines must be forced to use the proxy and the settings locked down so that the user of the computer cannot change them. Networking is simple enough to learn, and guides to get around site blocking are a dime a dozen. For very serious content blocking, companies and schools tend to use complex firewall rules along with software running on the computers to prevent access to "objectionable" content or virus / malware sites.
Note: the quotes on router are because in this case the router is doing much more than simply routing packets; it is acting as an outbound firewall as well.