dnsmasq only supports the following prefix lengths:
8, 16, 24, 32. The line
specifies a netmark of
/12 which is not allowed. This has nothing to do with your last assumption.
This is documented in the
man page (albeit poorly and only under the option
If the address range is given as
ip-address/network-size, then a additional flag "
local" may be supplied which has the effect of adding
localdeclarations for forward and reverse DNS queries. Eg.
is identical to
domain=thekelleys.org.uk,192.168.0.0/24 local=/thekelleys.org.uk/ local=/0.168.192.in-addr.arpa/
The network size must be 8, 16 or 24 for this to be legal.
It would be easy to allow
/12 (or even any arbitrary mask!), however, it is a feature request that needs to be addressed by
pihole-FTL (we follow a minimal modifications of
I checked how it is currently implemented and realized that
dnsmasq uses a quite clever trick to simplify the task significantly. Unfortunately, this trick - going from
in-addr.arpa downwards in "subdomains" - ultimately prevents any netmask that is not a multiple of 8. Allowing something like
/12 would require a complete rewrite of the entire algorithm used here.