VLAN DNS settings and firewall rules

First, I have to give a shout out to @LTS_Tom - I love your channel and it's a great service for the community. I have learned a ton watching your videos.

I followed the video on setting up a VLAN with pfSense and Unifi (LINK). I have a couple of questions.

  1. At ~9:48 into the video, Tom shows an existing VLAN called ‘VLAN69’ that has some DNS rules. He did not recreate those rules for the ‘IOT’ VLAN. Are these rules required? I set up a VLAN for my IoT devices.

  2. After setting everything up, I tested the rules by connecting my laptop to the VLAN and pinging my computers and devices on my LAN. The pings timed out. I also did the opposite and I was able to ping from a LAN device to the ‘IOT’ VLAN. Is this correct per the instructions in the video? Any cons to having the LAN devices be able to communicate with that VLAN?

If you want IOT to have DNS, then allow DNS on that interface.
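An added example, not from the video, the post or the reply above: a small Python model of how pfSense evaluates rules (on the interface where traffic enters, top to bottom, first match wins, stateful) with constructed addresses. It shows why a ping from the IOT VLAN to the LAN is blocked while a ping from the LAN to IOT works (the LAN's allow-all rule creates the state and the reply rides on it), and what the "allow DNS on that interface" rule looks like when it only permits DNS to the firewall's own resolver.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addressing (an assumption, not from the post): pfSense is .1 on each network.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
IOT_NET = ipaddress.ip_network("192.168.69.0/24")
IOT_GW = ipaddress.ip_network("192.168.69.1/32")   # firewall's own address on the IOT VLAN


@dataclass
class Rule:
    action: str                            # "pass" or "block"
    proto: str                             # "any", "icmp", "udp" or "tcp"
    dst: Optional[ipaddress.IPv4Network]   # None means "any destination"
    dport: Optional[int] = None            # None means "any port"


# Rules live on the interface where a packet ENTERS the firewall and are
# evaluated top to bottom; first match wins; nothing matching means deny.
RULES = {
    "LAN": [Rule("pass", "any", None)],        # pfSense's default "allow LAN to any"
    "IOT": [
        Rule("pass", "udp", IOT_GW, 53),       # DNS, but only to the firewall's resolver
        Rule("pass", "tcp", IOT_GW, 53),
        Rule("block", "any", LAN_NET),         # IOT devices may not reach the LAN
        Rule("pass", "any", None),             # everything else, i.e. the Internet
    ],
}


def ingress_interface(src):
    src = ipaddress.ip_address(src)
    if src in LAN_NET:
        return "LAN"
    if src in IOT_NET:
        return "IOT"
    raise ValueError(f"{src} is not on a known interface")


def evaluate(src, dst, proto, dport=None):
    """Verdict for the FIRST packet of a new connection from src to dst."""
    dst = ipaddress.ip_address(dst)
    for r in RULES[ingress_interface(src)]:
        if r.proto != "any" and r.proto != proto:
            continue
        if r.dst is not None and dst not in r.dst:
            continue
        if r.dport is not None and r.dport != dport:
            continue
        return r.action
    return "block"   # implicit default deny


def exchange_succeeds(src, dst, proto, dport=None):
    """pf is stateful: once the first packet passes, a state entry lets the reply
    back in regardless of the rules on the interface the reply arrives on."""
    return evaluate(src, dst, proto, dport) == "pass"
```

Adding a rule that passes from the IOT net to the LAN DNS server on port 53 before the block rule would let IOT devices use a resolver on the LAN, which is the trade-off the reply is pointing at.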