Why would that network need to provide internet connectivity? Have the Wi-Fi gateway perform the authentication and provide an interface, or use a vlan connected to a server that handles that.

> Those features are not found in 'normal' wifi routers

Then deplore the state of current consumer wi-fi routers and protocols. We can do better than this.

More to the point, Wi-Fi wasn't really designed for this, so maybe a new kind of extension is warranted (like NAN, P2P, mesh, etc). Or use another protocol: Zigbee, Lora, z-wave, etc. These generally have the guarantees you want, sometimes do mesh networking, etc.

In the past, I've used a raspberrypi3 as a "IoT hub", using its wi-fi network to connect "smart" devices. The third-party server was my hub. Everything works without internet. The dedicated wi-fi network doesn't have internet. You can even lower the bandwidth to 20 MHz, and 1Mbps to achieve greater ranges on that channel.

> if my compuer and IoT hub is on my main network, and the lightbulb is on the guest one, how do they talk?

If your IoT devices aren't on the same subnet as your smartphone or computer, the vast majority of their "frontend apps" are already DOA. If you're lucky, those apps might let you explicitly specify the device's IP address (in a half-baked fashion that still doesn't work very well).