The following contains warning messages that might be displayed in the Address Manager user interface.
W-01: CNAME Record Chaining
Description: | CNAME records shouldn't be chained together. |
Severity: | Warning |
Effect | DNS resolvers may return an error when attempting to resolve a CNAME chain. CNAME (alias) records should only be linked to A (host records). |
Association: | A CNAME Record that points to another CNAME. |
How to Detect: | Examine CNAME records that link to other CNAME records. Any CNAME that points to another should be flagged. |
Fix | Link the CNAME record to an existing host record or external host record. If the record doesn't exist, create it. |
W-03: DNS View not visible
Description: | DNS View might be hidden because another view might encompass its range. |
Severity: | Warning |
Effect | One or more of the views are hidden. Resolvers and applications won't be able to access records from hidden views. |
Association: | View |
How to Detect: | Examine the match-clients and deny-clients options (or lack thereof) from all
views to determine if the settings from one view might be hiding another. For
example, if two views have been configured to match addresses from the 10.0.0.0/8
IP block, then the first view listed in the named.conf.active file receives the
traffic, and the others won't. Flag the hidden view. This warning is displayed
in the following scenarios:
|
Fix | If the configuration has two views, configure only one view without Match Client or Deny Client deployment options. If the configuration has more than two views, configure each view so that they have unique values in the Match Client or Deny Client deployment options. |
W-06: IPv4 Address space is reserved
Description: | Certain blocks of IPv4 space are reserved. |
Severity: | Warning |
Effect | Assign addresses that might not be routable on the Internet.. |
Association: | IPv4 Networks or IPv4 Blocks |
How to Detect: | Match against reserved address space:
|
W-07: Record name might create compatibility problems
Description: | Users can legally use the space character and other ASCII values for record names. |
Severity: | Warning |
Effect | Some applications might not process the name properly. |
Association: | Resource Record |
How to Detect: | Examine resource records that contain characters that are atypical, yet valid
in domain names. For example:
|
Fix | If necessary, remove the character that generated the warning. |
W-08: ENUM Numbers exceed the maximum of 15 digits
Description: | Users can create ENUM numbers that exceed the maximum of 15 digits as set by the Telecommunication Standardization Sector (ITU-T). |
Severity: | Warning |
Effect | Might not get used by application. |
Association: | ENUM zone or number |
How to Detect: | Search the database for NAPTR Group or E164 Zone types that have an absolute name containing more than 15 digits. |
Fix | Limit the ENUM number to a maximum of 15 digits. |
W-09: DNS deployable without deployment roles
Description: | Zone is deployable, but there are no roles to make sure it gets deployed. |
Severity: | Warning |
Effect | Zone isn't deployed. |
Association: | Zone |
How to Detect: | Search for deployable zones that have no deployment roles (zone with deployable check box selected and no DNS roles). |
Fix | Add the deployment role to either the zone’s parent view or the zone itself. At least one of the deployment roles must be primary or hidden primary. |
W-10: SOA values are too short/long
Description: | The refresh, retry, expire, and minimum values are above or below recommended settings. |
Severity: | Warning |
Effect | Zone is deployed, but strange behavior with BIND and caching might occur. |
Association: | Entity where SOA option is defined. |
How to Detect: | Examine SOA option values against acceptable values:
|
Fix | Adjust SOA values to be within suggested ranges. |
W-11: DHCP lease time is too short/long
Description: | Lease times might be too short or too long. |
Severity: | Warning |
Effect | Short lease times create an extra load on a DHCP server and longer times might cause lease to be unavailable for use when the DHCP client is removed from the network. |
Association: | Entity where option is defined |
How to Detect: | Examine DHCP lease time option and flag if a lease time has been set to one
of following:
|
Fix | Adjust lease times to longer than values. |
W-12: DHCP max lease time is too short/long
Description: | Max lease times might be too short or too long. |
Severity: | Warning |
Effect | Short lease times create an extra load on a DHCP server and longer times might cause lease to be unavailable for use when the DHCP client is removed from the network. |
Association: | Entity where option is defined |
How to Detect: | Examine DHCP maximum lease time options and flag the owning entity if:
|
Fix | Adjust lease times. |
Note: The "DHCP max lease time is too short/long" warning message will also appear when the
minimum, default, and maximum DHCP lease times are set to the same value. This
configuration is considered normal for users who do not wish to configure variable lease
times, in which case the warning message can be ignored. Users who wish to clear the
warning message in this scenario can do so by configuring each DHCP lease time value to be
distinct. The minimum lease time must configured as the lowest value, and the default
lease time must be set lower than the maximum lease time.
W-15: ENUM zone deployable without deployment roles
Description: | ENUM Zone is deployable but there are no roles to make sure it gets deployed. |
Severity: | Warning |
Effect | ENUM Zone isn't deployed |
Association: | ENUM Zone |
How to Detect: | Search for deployable ENUM zones that have no deployment roles. |
Fix | Add a deployment role to view or to the ENUM zone. |
W-19: FQDN and label length validation for Zone
Description: | Invalid Fully Qualified Domain Name. |
Severity: | Warning |
Effect | Zone not deployed. |
Association: | DNS Zone |
How to Detect: | Examine that the zone name length is more than 63 characters or that the zone FQDN length is more than 253 characters. |
Fix | Reduce zone name length to 63 characters or fewer; reduce the zone FQDN length to 253 characters or fewer. |