diff --git a/NEWS b/NEWS
index 42399c5b..648dde0e 100644
--- a/NEWS
+++ b/NEWS
@@ -6,9 +6,7 @@
 - Allow forwarding empty passwords to auth backend.
 - depend on freeradius-client 1.1.7
 - fix seccomp filter in x86 systems.
-- Added per-user-configuration option explicit-ipv4. That allows
-  to specify only odd IP addresses, and the next even will be used
-  as the local address.
+- Added per-user-configuration option explicit-ipv4.
 - Added configuration option 'no-route' which corresponds to
   X-CSTP-Split-Exclude.
 
diff --git a/doc/sample.config b/doc/sample.config
index 1bb33bfb..9688d58d 100644
--- a/doc/sample.config
+++ b/doc/sample.config
@@ -292,13 +292,20 @@ predictable-ips = true
 # The default domain to be advertised
 default-domain = example.com
 
-# The pool of addresses that leases will be given from.
+# The pool of addresses that leases will be given from. If the leases
+# are given via Radius, or via explicit-ip? group config option then 
+# these network values should contain a network with at least a single
+# address that will remain under the full control of ocserv (that is
+# to be able to assign the local part of the tun device address).
 ipv4-network = 192.168.1.0
 ipv4-netmask = 255.255.255.0
 
 # An alternative way of specifying the network:
 #ipv4-network = 192.168.1.0/24
 
+# The IPv6 subnet that leases will be given from.
+#ipv6-network = fda9:4efe:7e3b:03ea::/64
+
 # The advertized DNS server. Use multiple lines for
 # multiple servers.
 # dns = fc00::4be0
@@ -307,9 +314,6 @@ dns = 192.168.1.2
 # The NBNS server (if any)
 #nbns = 192.168.1.3
 
-# The IPv6 subnet that leases will be given from.
-ipv6-network = fda9:4efe:7e3b:03ea::/64
-
 # The domains over which the provided DNS should be used. Use
 # multiple lines for multiple domains.
 #split-dns = example.com
diff --git a/src/ocserv-args.def b/src/ocserv-args.def
index a09ecac8..d316b5bb 100644
--- a/src/ocserv-args.def
+++ b/src/ocserv-args.def
@@ -367,13 +367,20 @@ predictable-ips = true
 # The default domain to be advertised
 default-domain = example.com
 
-# The pool of addresses that leases will be given from.
+# The pool of addresses that leases will be given from. If the leases
+# are given via Radius, or via explicit-ip? group config option then 
+# these network values should contain a network with at least a single
+# address that will remain under the full control of ocserv (that is
+# to be able to assign the local part of the tun device address).
 ipv4-network = 192.168.1.0
 ipv4-netmask = 255.255.255.0
 
 # An alternative way of specifying the network:
 #ipv4-network = 192.168.1.0/24
 
+# The IPv6 subnet that leases will be given from.
+#ipv6-network = fda9:4efe:7e3b:03ea::/64
+
 # The advertized DNS server. Use multiple lines for
 # multiple servers.
 # dns = fc00::4be0
@@ -382,9 +389,6 @@ dns = 192.168.1.2
 # The NBNS server (if any)
 #nbns = 192.168.1.3
 
-# The IPv6 subnet that leases will be given from.
-#ipv6-network = fda9:4efe:7e3b:03ea::/64
-
 # The domains over which the provided DNS should be used. Use
 # multiple lines for multiple domains.
 #split-dns = example.com