[Dnsmasq-discuss] Subnet specifications for authoritative dns
simon at thekelleys.org.uk
Tue May 28 13:59:07 BST 2013
On 27/05/13 20:30, Toke Høiland-Jørgensen wrote:
> What's the rationale behind limiting subnet definitions in auth-zone to
> (for IPv4) /8, /16 and /24?
> I'd like to limit the hosts that show up in authoritative DNS to a
> smaller subnet (/25 in this case), to prevent hosts on my guest network
> From being globally named.
It's to do with delegating reverse DNS, which happens at the octet
level. For instance for 10.0.0.0/8, the domain
is delegated, whilst for
In your case, to delegate 192.168.1.0-127 or
192.168.1.128-255 isn't possible using this scheme. There is a
workaround involving CNAMES, but it's complicated for a simple-to-setup
scheme, which is what dnsmasq is trying to provide.
More information about the Dnsmasq-discuss