Login   |   Secure Purdue > Best Practices

Procedures for the Use of the Domain Name System at Purdue University

PDF icon View PDF for print

Introduction:

The Domain Name System (DNS) is a distributed database system used to translate hostnames (such as www.purdue.edu) to IP addresses (such as 172.31.9.5) and to translate IP addresses back to hostnames. Global authority for the DNS has been delegated by the Internet Architecture Board to several top-level registries. These registries further delegate authority for portions of the DNS to sites on the Internet, who may, in turn, delegate portions of their namespace to other entities.

At Purdue University, authority for the purdue.edu namespace has been delegated to ITaP Networks and Security (ITNS). ITNS is responsible for the smooth operation of the Purdue DNS and works with other departments to coordinate changes and manage resources for the benefit of the University as a whole.

The purpose of this operational procedure is to provide instruction for the use of the Purdue University DNS and to maintain consistency in the registration request process.

Subnet Allocation and Use:

Purdue University West Lafayette campus has been assigned multiple IP networks by the American Registry for Internet Numbers (ARIN). These networks are: 

  • 128.10.0.0/16 (Computer Science)
  • 128.46.0.0/16 (Engineering Computing Network)
  • 128.210.0.0/16 (West Lafayette campus address pool, administered by IT Networks and Security)
  • 128.211.0.0/16 (Split between Computer Science and the Campus address pool)
  • 204.52.32.0/19 (School of Agriculture IT)
  • 192.5.40.0/24 (Reserved for network management)
  • 192.5.101.0/24 (Reserved for network management)
  • 192.5.102.0/24 (Reserved for network management)
  • 192.31.0.0/24 (Reserved for network management) 

 Additionally, Purdue’s Regional campuses have the following assigned networks: 

  •  134.68.0.0/16 (IUPUI)
  • 149.164.0.0/16 (IPFW)
  • 163.245.0.0/16 (Purdue North Central)
  • 205.215.64.0/18 (Purdue Calumet)
  • 69.51.160.0/19 (Purdue Calumet)

The West Lafayette campus network supports the use of private IP subnetworks as defined in RFC 1918. Currently, the address ranges defined in that document are handled by the West Lafayette campus network as follows: 

  • 192.168.0.0/16 (Completely private (no router presence), but may span between buildings)
  • 172.16.0.0/12 (Fully routed within the West Lafayette campus network)
  • 10.0.0.0/8 (Partially routed within the West Lafayette campus network)

Usage of subnets of these private address ranges is coordinated by the Hostmaster. When a group wishes to be assigned some portion of one of these address spaces, they should send an email message to the Hostmaster indicating the size and type of address space needed, along with a brief description of the intended usage. As the Hostmaster’s role is only to coordinate and record the usage, no reasonable request will be denied.

Procedures for subnet allocation specified in this document apply only to the address space controlled by ITNS (specifically, 128.210.0.0/16 and 128.211.128.0/17). Other groups with IP address space assigned to them may have their own procedures.  

Subnet Assignment

ITNS attempts to balance good utilization of finite address space, while allowing adequate room for expansion by organizational entities. Currently ITNS assigns subnets sized to meet the anticipated needs of the customer. To achieve this, the target initial population for a subnet should be between 50-75% of the initial allocation.  

An organizational entity must audit their currently assigned IP addresses to ensure that their currently registered addresses are actually in use prior to requesting additional address space. Requests for ITNS assistance with this audit can be sent to the Hostmaster.  

An organizational entity should send a request to the Hostmaster if additional address space is still needed after cleaning up any unused addresses. The request should provide a growth projection for the next 6-8 months and contain a plan describing how an organizational entity will split one or more of their existing subnets to achieve the target initial allocation indicated above. While a balanced split is desirable, it is unlikely that a perfect split will be achieved. The organizational entity should take the opportunity to think about dividing their network users along logically consistent lines, preferably geographic. For instance, an organization should consider splitting their network to place all users in one building on one subnet and those in another building on a different subnet (or splitting existing subnets between wings or floors of a building).  

Although the available address space is finite and this procedure seeks to conserve available address space, no reasonable request for address space that conforms to the above guidelines should be denied. ITNS may request that organizations consider using Network Address Translation (NAT) or private address space if address space is limited or full Internet access is not required (i.e. for printers). 

Note:  Address space allocations for IPv6 networks are still being developed. When address allocations for IPv6 are made, the same standards and procedures listed for current IPv4 addresses in this document will also apply to IPv6. 

Address Allocation within a Subnet

Address allocation within a subnet is a cooperative effort between the Hostmaster and the group assigned to the subnet. As part of this cooperative effort, ITNS will make reasonable efforts to comply with the requests of the group with respect to specific IP addresses. However, it should be noted that all addresses within ITNS administered space are owned by ITNS, not the group or groups assigned to the subnet. 

Up to the first ten addresses on any subnet shall be reserved to ITNS. These will be used for router attachment, testing, and other network monitoring and management functions. 

When an organizational entity has an entire subnet, or multiple subnets assigned for their use, they may exercise nearly complete control over how they choose to assign addresses. They may choose to divide the address space to try to collocate various sub-groups, or may simply exercise a “first come, first serve” policy. Regardless of the method used, all addresses in use must be registered with the Hostmaster. 

When an organizational entity shares a subnet with another group, care must be taken to ensure that each group’s address assignments do not interfere with the other. For this reason, the Hostmaster will assign addresses on shared subnets. Registration requests may request a specific address, but the address shall not be considered valid until the Hostmaster has completed the registration and responded. 

Domain Name System (DNS) Procedures:

Top-Level Host Names

A top-level host name is a host name in the purdue.edu namespace that is not a member of any subdomain. The procedure for applying for a top-level host name is set forth in the section titled DNS Service Requests, below.  

Subdomains

Each University organizational entity is entitled to one subdomain of purdue.edu. Any organizational entity may change their subdomain name at any time. If an instant change is desired (no overlap between old and new names), the request can be made by sending an email message to the Hostmaster indicating the change.  

Once the name change has been processed, the organization is expected to make every effort to complete the change and abandon the old subdomain name by the end of the overlap period. If, despite appropriate effort, the change cannot be completed by the original date, an extension may be requested by sending an email to the Hostmaster. 

Student Organizations

Requests to register names for student organization machines may be made by the faculty sponsor for the organization or by an officer of the organization provided that the faculty sponsor is copied on all correspondence. Requests from new student organizations must identify the name and email address of the faculty sponsor to be processed. Requests can be made by sending an email to the Hostmaster. 

Foreign Domain Names

When an organizational entity wishes to pursue a foreign domain name, ITNS provides two options:

  1. Self-managed
  2. Purdue managed 

An organizational entity choosing the self-managed solution is responsible for all aspects of providing the DNS service for the foreign domain and must notify the Hostmaster prior to implementation. This includes contacting an appropriate registry (including paying any fees they may assess), providing or identifying willing DNS server hosts, and working with the maintainers of those hosts for the registration of any aliases for Purdue hosts. ITNS’ only responsibility in the self-managed solution is to respond to any request by the registry or DNS server administrators for authorization to assign aliases to Purdue hosts. 

For organizational entities choosing the turnkey solution, ITNS will take on all responsibilities for establishing and maintaining the foreign domain name. This includes contacting the appropriate registry (and paying any fees they may assess), providing and configuring at least two DNS servers, and responding to host registration requests in the same manner as requests for purdue.edu registrations. In essence, the foreign domain is operated exactly as the purdue.edu domain. There is a minimal cost for this service to cover expenses associated with managing a foreign domain name. 

When the foreign domain name comes up for renewal with the external registry, the organizational entity will be contacted by the Hostmaster and asked if they wish to continue the service. Only a positive response will result in the service being continued. No answer, or a negative answer, will result in the foreign domain being retired from service when the external registry’s term expires. 

DNS Service Requests

An organizational entity or other group within the University may request the following items by sending a request to the Hostmaster.

  • Requests for a Top Level Host Name
  • Requests for a Student Organization Top Level Host Name
  • Requests for a Purdue managed solution for a Foreign Domain Name 

A supporting email signed by the appropriate dean, department head, organizational manager, or his or her designee, should also be sent to the Hostmaster. 

Requests for a Top Level Host Name must contain:

  • The identity of the organizational entity or other group
  • The top-level host name being requested
  • The name and email of the organizational entity’s technical contact
  • An explanation of why this host does not fit in any existing subdomain
  • A description of the service this host will provide to the University as a whole 

Requests for a Student Organization Top Level Host Name must contain:

  • Requirements for a Top Level Host Name (above)
  • The memo must additionally be counter-signed by a representative of the Dean of Students
  • The top-level host name must be periodically renewed

Requests for a Purdue managed solution for a Foreign Domain Name must contain:

  • The identity of the organizational entity or other group
  • The foreign domain name being requested
  • The name and email of the organizational entity’s technical contact
  • Justification for this foreign domain name
  • A Purdue University account number from which this fee will be paid 

Registration Requests

All host registration requests (whether adds, changes, or deletions) should be made by the organizational entity’s designated technical contact via email to the Hostmaster. When a change or deletion is requested, it is advisable to include the old information (IP address and host name) in addition to any new information to assist in avoiding errors. If a request is unclear or the Hostmaster is uncertain what the request means, the Hostmaster will contact the organizational entity’s designated technical contact for clarification. 

DNS services are provided by the central DNS server. Departments that have their own address space may request permission from the Executive Director for IT Networks and Security to have service for their domains delegated to their own servers. 

While every effort will be made to process pending host registration requests in a timely manner, no guarantees are provided as to exactly when the request will be processed. If a request should happen at a specific time, the request should be sent to the Hostmaster at least two business days in advance of the desired change and should clearly indicate when change should occur. Failure to provide appropriate advance notice may result in the change happening later than the requested time.

IPAM Solution

Designated technical contacts will be able to use the IPAM solution to register, modify, and remove DNS entries for their delegated domains and subnets. They will be responsible for ensuring that any names registered meet the DNS naming policy guidelines. Requests for new subdomains, foreign names, and access changes will still be managed by the Hostmaster

 Additional Information

Hostmaster at Purdue is maintained by ITaP Networks and Security. All questions about the Purdue University DNS, host registration requests, or other requests designated in this document must be directed to the Purdue University Hostmaster at hostmaster@purdue.edu.

 Related References:

Issued January 14, 2011from IT Networks and Security. Questions about this document can be addressed to hostmaster@purdue.edu.

Revised November 21, 2011 to update URLs.