I use Technitum DNS server to block but take a couple more steps.
I have a IoT block group that blocks them from WAN.
Then I point them at a dummy gateway and DNS server. Actual gateway is 10.0.1.1 dummy 10.0.1.99 and use the same for the DNS.
I know I should use vlans but a lot services have issues jumping vlans.
I use Technitum DNS server to block but take a couple more steps.
I have a IoT block group that blocks them from WAN.
Then I point them at a dummy gateway and DNS server.
Actual gateway is 10.0.1.1 dummy 10.0.1.99 and use the same for the DNS.
I know I should use vlans but a lot services have issues jumping vlans.