I set up 2 nest-pucks behind my firewall (ipfire), which work in nat-mode (a bit of a pain here, because things like port-forwarding are a 2-step-action here...). IpFire has 2 networks (green and blue, where blue has only one direct client: the nest)
my problem: I also set up a dns-server in the green net (blue CAN access green without problems) for my own domain (xxx.local) which is also propagated by dns (ipfire). Nest tells it's clients that the dns-suffix is "lan" and I can't change this. wlan-clients seem to have a problem to resolve x.xxx.local-names
I set the nest's dns to "ISP" (which is my ipfire, which propagates my dns-server)
There are very little you can do about this standard behavior AFAIK.
Do you use the wireless mesh functionality? If not, you could consider to bridge the Nest Wifis and effectively use them as access points instead (given all have ethernet ports).
It's a hassle though, you would need 1x Google Home home per bridged Nest Wifi device, as you can't have multiple bridged ones in one Google Home home.
Or sell Nest Wifi, buy access points?