I've been finding myself disappointed with the performance of the DNS daemon on these gateways. I previously had a ER605 and upgraded to a ER707-M2 when my ISP bumped me to 2gbps. In both cases, I have consistently found that the built-in DNS resolver is adding 10-20ms+ to non-cached lookups. I know this isn't a huge amount of time and this isn't lightning fast hardware, but it does seem like an eternity for what should be a simple in-memory lookup that then gets blasted out as a packet on the WAN. That kind of thing should be measured in ns rather than ms. Maybe the ram in this thing is just that slow, I dunno.

With my ISP, I've found that cloudflare's 1.0.0.2 is the best performing resolver that includes security filtering. Pointing the router itself at cloudflare and then resolving through my gateway is consistently slower than going all the way to cloudflare directly for everything even with its caching factored in. In the end, I configured my DHCP to tell clients on the network to just resolve to 1.0.0.2 and 1.1.1.2 directly and that's works well enough for a home network, but I know lots of people use these things on small to medium sized businesses where there needs to be a local resolver on the lan and I would recommend you look at running your DNS on other hardware on your network if these gateways can't be improved further.

    1.  0.  0.  2 |  Min  |  Avg  |  Max  |Std.Dev| Jitter|
  ----------------+-------+-------+-------+-------+-------+
  - Average Delay | 0.003 | 0.019 | 0.241 | 0.007 | 0.368 |
  - Cached Name   | 0.003 | 0.006 | 0.030 | 0.002 | 0.333 |
  - Uncached Name | 0.005 | 0.037 | 0.241 | 0.044 | 1.189 |
  - DotCom Lookup | 0.012 | 0.015 | 0.066 | 0.004 | 0.267 |
  ---<-------->---+-------+-------+-------+-------+-------+
                 security.cloudflare-dns.com
          APNIC AND CLOUDFLARE DNS RESOLVER PROJECT

    1.  1.  1.  2 |  Min  |  Avg  |  Max  |Std.Dev| Jitter|
  ----------------+-------+-------+-------+-------+-------+
  - Average Delay | 0.003 | 0.020 | 0.236 | 0.008 | 0.400 |
  - Cached Name   | 0.003 | 0.006 | 0.056 | 0.003 | 0.500 |
  - Uncached Name | 0.005 | 0.040 | 0.236 | 0.049 | 1.225 |
  - DotCom Lookup | 0.012 | 0.015 | 0.031 | 0.002 | 0.133 |
  ---<-------->---+-------+-------+-------+-------+-------+
                 security.cloudflare-dns.com
          APNIC AND CLOUDFLARE DNS RESOLVER PROJECT

    DNS over TLS  |  Min  |  Avg  |  Max  |Std.Dev| Jitter|
  ----------------+-------+-------+-------+-------+-------+
  - Average Delay | 0.004 | 0.025 | 1.021 | 0.011 | 0.440 |
  - Cached Name   | 0.004 | 0.006 | 0.064 | 0.004 | 0.667 |
  - Uncached Name | 0.006 | 0.054 | 1.021 | 0.098 | 1.815 |
  - DotCom Lookup | 0.013 | 0.016 | 0.032 | 0.003 | 0.188 |
  ---<-------->---+-------+-------+-------+-------+-------+
              security.cloudflare-dns.com
          APNIC AND CLOUDFLARE DNS RESOLVER PROJECT

  192.168.  1.  1 |  Min  |  Avg  |  Max  |Std.Dev| Jitter|
  ----------------+-------+-------+-------+-------+-------+
  - Average Delay | 0.001 | 0.036 | 1.510 | 0.002 | 0.056 |
  - Cached Name   | 0.001 | 0.001 | 0.002 | 0.000 | 0.000 |
  - Uncached Name | 0.007 | 0.055 | 1.510 | 0.112 | 2.036 |
  - DotCom Lookup | 0.014 | 0.017 | 0.068 | 0.004 | 0.235 |
  ---<-------->---+-------+-------+-------+-------+-------+
             Non-routable local internet address
          Local Network Nameserver (1.0.0.2 upstream)

192.168.  1.  1 |  Min  |  Avg  |  Max  |Std.Dev| Jitter|
  ----------------+-------+-------+-------+-------+-------+
  - Average Delay | 0.001 | 0.039 | 1.197 | 0.001 | 0.026 |
  - Cached Name   | 0.001 | 0.001 | 0.001 | 0.000 | 0.000 |
  - Uncached Name | 0.007 | 0.059 | 1.197 | 0.092 | 1.559 |
  - DotCom Lookup | 0.014 | 0.018 | 0.098 | 0.008 | 0.444 |
  ---<-------->---+-------+-------+-------+-------+-------+
             Non-routable local internet address
        Local Network Nameserver (Cloudflare over TLS)