Found out that it does not work correctly. The guests network totally fails on DNS, because it cannot reach the pihole. But a lot of devices like android have something called "Private DNS" which totally bypasses your DNS structure. Also found that my work machine also has Cisco umbrella which also captures all DNS traffic and routes it to whatever your company wants to use.

And a lot of IoT devices have 8.8.8.8/8.8.4.4 hardcoded in them so they don't show up either. And for that reason they keep working if they are on an isolated IoT segment which can't reach pihole if the device is marked as "isolated". Disabling isolation makes the pihole visible to them... but if they are not using it because of hardcoded DNS servers that is pretty useless.

So that leaves me with only the Samsung TVs, Sonos, Nintendo being filtered/cached. This trend makes the whole DNS filtering less useful. Still I think it would be useful feature to be able to allow access to a few addresses from the IoT and/or Guest network to allow for such features.

Any other solutions/ideas? Would be great to hear them!

  @Solla-topee the problem is that the same 2 DNS servers are used for Normal, Guest an IoT networks as specified in the DHCP settings.  So if I put my two pihole servers in there, it works for the normal network and for non-isolated IoT. It does not work for Guest and isolated IoT devices, because the piholes are on the normal network which cannot be reached (in my case x.x.x.200 and x.x.x.201)

So it would be nice to be able to set a few exceptions (list of ip-addresses, max 10 maybe) which can be reached by guest and/or IoT isolated. That way, pihole would work. (would probably be in the advanced settings)

Another solution would be to make the DNS settings separate for Normal, Guest, and IoT. Maybe even the ability to set the range of ip's for each part so they are easy recognizable. But this option does not allow for pihole filtering of guest/IoT-isolated but it would work.

Regards,

Marcel