Apply Local DNS Records by group

Please consider allowing Local DNS Records to be applied by group.

Using this feature as implemented forces me to apply local DNS to all clients, but I would prefer just to route traffic for specific clients. It feels like using PiHole for local DNS to an alternate IP is the same thing as pi-holing an ad-service domain....
The notable difference between the two:
Blacklist can be done by group (directing DNS to NXDOMAIN, blank html, or similar)
Local DNS can only be applied globally (directing DNS to IP of my choosing)

(Adapted from previous request here Add NTP server, cache + intercept)
Some specific details on my particular use case:
I am using my PiHole to redirect uncontrolled NTP requests to a LAN NTP server because some IoT clients do not respect DHCP NTP options.

I accomplished this by using the "Local DNS Records" features in PiHole to point "time.windows.com" to the IP of my LAN NTP Server.

is that all blacklisted domains go to one and the same IP (as you said).
They are simply short-circuited inside Pi-hole.

For your local DNS this is not the case and every record will have its own address.

I do not really see the need for this feature in your case, why route only some NTP requests to your server if is can handle all of them?

In the case of my NTP, it's because I surreptitiously reroute traffic. I only want to do this for misbehaving clients.

However there are many use cases here for IoT devices. They may have problematic traffic to resources that I want to cache and manage internally for them but not for my traditional clients.

While this may work for NTP, I still don't see any possibility for

as everything will be SSL and you cannot add your own SSL certificates on the majority of devices. And some even have certificate pinning (which is a good thing, at least concerning security).

Sorry, I do not mean to be harsh, but I have not seen a valid use case for this. If you have a local NTP server, why should your regular Windows or Mac desktop still "call home" to their NTP servers? Why do you want to cache for IoT devices (if this works at all) but not for others?

I believe this feature is very helpful.
Because I use pihole at home but also on the go. But having the VPN on all the time is draining battery and not needed (I am in private Wifis mostly).
So I use Dns over TLS (which is native in Android 9). Problem:
My domains are redirected in pihole to my local addresses, because the devices are also in my local network. But with DNS over TLS/HTTPS they are not and now try to access e.g. 192.168.2.10 and can't reach my server, because they are in a complete different network.

Both techniques are using a steady tunnel to the upstream server so both should be using the same amount of battery. Your VPN type is likely a bad choice, what are you using? Using Wireguard is very lightweight as it is a non-steady VPN tunnel where traffic is only happening when also data is transmitted. It is very light on battery usage.

I can confirm that. I use a split tunnel design where only DNS requests are send over the tunnel and have not experienced high battery drain on Android 9.

Another use case for local DNS records per group: Local dns record per group