@TP-Link There are a bunch of people wanting this, and have been for a while, I wish I realized this was an issue before buying TP-link as it's a pretty big caveat for me, my current workaround is to use external DNS and than manually configure DNS on hosts on my main network.  If you have ever tried to change the DNS settings on a phone you will know how much this solution sucks.

There are a few really simple ways that I can think of for TP-link to solve this..

1 Have seperate DNS server settings for Guest network as suggested

2 allow users to specify an internal DNS server in the DHCP settings, and have the AP proxy the DNS for both networks as it currently does for external DNS servers. (Currently this throws an error about the network overlapping which is just daft)

3 Create an iptables rule to permit dns traffic from the guest lan to the specified DNS server

  @TP-Link   Seriously this is a big need in this level of WiFi routers - I have known of this exact issue for 5+ years.  To the point that I have thought about joining open source communities to push this topic and then install that firmware on whatever hardware works with it.  NO ONE offers Guest WifI DHCP settings.  **selling point**  A ton of businesses do not want to invest the money in a commercial solution when they are a small 'mom and pop' business or some people just want a 'different' home network.  I don't but if I did it would be with Cisco and not TP-Link.  The line has fully blured between 'Home Network' and 'Small Business Network.'  Currently TP-Link is one of the better hardware and firmware solutions - don't push customers away.  The first company that I notice that I find that offers this solution will have people buying their product and I will make sure public knows about it.

Untill they do this public please take note:

There is one and only one work around that works on 99.9% of the routers on the market.  Turn on DHCP on the normal network and set the lease range to a small amout.  Take an old phone and connect it to the WiFi.  Reserve the IP that is handed to the phone via DHCP to that phone and make note of the IP.  Now make the lease range to only that device's IP.  You have now flipped the switch turning on DHCP also giving Guest WiFi it's DHCP while efectivly killing DHCP on your main network freeing it up for static or server based DHCP with zero split brain issues.

I have the same issue. oh m f g it's 2022 and I can't believe tplink can't serve dns to a guest network. Makes the guest network completely useless.

  @TP-Link 

Look at this

https://www.reddit.com/r/pihole/comments/sf2jpn/my_guest_network_cant_access_the_internet_i/

TP-Link creates security issues to home users by denying use of guest networks or denying use of security blocking software such as pihole. TP-Link engineers don't even understand why it's important to let guest network have access to dns server.

The worst part is that the " "Isolated from Main Network" setting already exists. They just won't allow it because they don't understand or care about its users.

  @TP-Link Definitely want the feature for setting up a separate DNS for the Guest Network. That's the only way I can isolate a guest network from primary network when using a pihole. Please implement this feature. 

Need separate DNS and DHCP settings for the guest network. If I'm running my own DHCP server on the main network (router DHCP disabled) there is no way for the guest clients to see it unless I give them access to the main network which completely defeats the purpose of having a guest network. The router should be configurable to enable/disable serving DHCP on each network separately.

The suggestion to manually configure each guest client is a joke. Will be looking at other vendors for my next router upgrade.

  @TP-Link  What worked for me was to set the primary DHCP as my pi-hole and the secondary DHCP server as "1.1.1.1" (cloudfare) and the guest WiFi devices can now access the internet.  The primary network uses the pi-hole.  

  @NachoGtz good that you found a solution for yourself. But as stated before in this thread, it's not a real solution.

There will still be traffic from your network that uses the secondary DHCP server (and thus not the pi.hole).