Hi,
I sometimes hear/read people putting their tv and other devices on a guest Wifi or even on a separate VLAN. Most guest WiFi’s also have client isolation. I can understand that desire but I’m always wondering how that works in real life.
If you have a TV on a guest Wifi, how can you still cast things to it, as I assume your phone is on a different Wifi.
If you put your heating a different VLAN, how can you control the heating from your server that’s on a different VLAN?
What’s your setup in this regard. Is it worth to split? And what do you split and what not?
You have to set up proper routing, so the two vlans (your mobile/pc wifi vlan and the tv vlan for example) can communicate. But you don’t give Internet access to the tv/thermostat vlan, so they can’t “call home” and send all kinds of tracking back home.
Without internet your Chromecast can’t play YouTube etc.
Proper routing would be to have an mDNS repeater/relay that straddles both VLANs and handles the casting requests. Then, because the devices are in their own VLAN, you can give them narrow access to services while blocking most addresses to prevent egress of collected data