[Dnsmasq-discuss] Subnet specifications for authoritative dns

Simon Kelley simon at thekelleys.org.uk
Tue May 28 13:59:07 BST 2013

On 27/05/13 20:30, Toke Høiland-Jørgensen wrote:
> Hi
> What's the rationale behind limiting subnet definitions in auth-zone to
> (for IPv4) /8, /16 and /24?
> I'd like to limit the hosts that show up in authoritative DNS to a
> smaller subnet (/25 in this case), to prevent hosts on my guest network
>  From being globally named.

It's to do with delegating reverse DNS, which happens at the octet 
level. For instance for, the domain


is delegated, whilst for its


In your case, to delegate or isn't possible using this scheme. There is a 
workaround involving CNAMES, but it's complicated for a simple-to-setup 
scheme, which is what dnsmasq is trying to provide.



More information about the Dnsmasq-discuss mailing list