Remove limit in prefix length in --auth-zone.

2025-12-19 10:18:25 +00:00 · 2013-05-29 16:32:07 +01:00
parent 3e8ed78bf1
commit baa80ae512
4 changed files with 12 additions and 8 deletions
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -572,13 +572,16 @@ If you use the first DNSSEC mode, validating resolvers in clients,
 this option is not required. Dnsmasq always returns all the data
 needed for a client to do validation itself. 
 .TP
-.B --auth-zone=<domain>[,<subnet>[,<subnet>.....]]
+.B --auth-zone=<domain>[,<subnet>[/<prefix length>][,<subnet>[/<prefix length>].....]]
 Define a DNS zone for which dnsmasq acts as authoritative server. Locally defined DNS records which are in the domain
 will be served, except that A and AAAA records must be in one of the
 specified subnets, or in a subnet corresponding to a constructed DHCP
 range. The subnet(s) are also used to define in-addr.arpa and
-ipv6.arpa domains which are served for reverse-DNS queries. For IPv4
-subnets, the prefix length is limited to the values 8, 16 or 24.
+ipv6.arpa domains which are served for reverse-DNS queries. If not
+specified, the prefix length defaults to 24 for IPv4 and 64 for IPv6.
+For IPv4 subnets, the prefix length should be have the value 8, 16 or 24
+unless you are familiar with RFC 2317 and have arranged the
+in-addr.arpa delegation accordingly. 
 .TP
 .B --auth-soa=<serial>[,<hostmaster>[,<refresh>[,<retry>[,<expiry>]]]]
 Specify fields in the SOA record associated with authoritative