Management of IP addresses and host names at MSU

The following information is a short guide to the management of IP addresses and host names for computers at Michigan State University. If you are the IP network adminstrator for your unit, or if you have been given the task of assigning host names and IP addresses, please read this carefully.

Contents:

• Overview
• The IP Network Administrator
• Obtaining and Assigning IP Addresses
• Domain (Host) Names
• Top Level Names under the "msu.edu" Domain
• Domains other than "msu.edu"
• Types of DNS Records
• Submitting DNS Updates

Other related information

If you need a list of the IP network administrators at MSU, look at:

• IP Network Administrators/Managers

If you want to examine the current IP address records for your unit, look at:

• IP Host Data Files

Overview

Each computer at Michigan State University (and elsewhere on the Internet) is assigned a unique IP address. In most cases, the computer is also assigned a unique host name. This name and address allow you to communicate with other computer systems on campus, and on the world-wide Internet.

Addresses and names can be assigned in one of two ways - static (permanent) or dynamic (temporary, e.g. DHCP or dial-up). This document deals with static IP address assignments and host names only. For further information on dynamic addresses for Ethernet (DHCP), click here.

Each unit on campus which maintains static IP addresses is responsible for designating an IP network administrator to work with Academic Technical Services (ATS). The IP network adminstrator needs to keep a record of all static IP addresses that are assigned, including (at a minimum) the address, the host (computer) name, and the location of the computer. This information should be sent to ATS on a regular basis. While there is not a requirement to submit this information, you are strongly urged to do so, as it can often aid ATS, the unit's network managers, and the end users. Also note that some computer systems may require that IP addresses and host names be registered in this way before a connection can be made.

This information may be maintained by the IP network administrator in any convenient format. Suggested formats would include a text file, spreadsheet, or database. Regardless of your internal format, all DNS change requests should be submitted via e-mail as text only. See "Submitting DNS Updates" below for more details.

The IP Network Administrator

Each unit on campus should have a designated IP network administrator, whose function is to maintain records of static IP address assignments within the unit, and to pass on communications related to the campus network to individuals within the unit. For academic units, this can be handled at the college or department level, or both. For smaller administrative units, this can be relegated to the parent unit, or to the department which provides computer support for the unit.

The IP network administrator will also be the contact person for communication from ATS about network issues, either pertaining to the campus network at large, or pertaining to specific issues related to computer systems within the unit.

Generally, the IP network administrator would be the department's primary network manager or system administrator. In some cases, this task may fall to an administrative assistant or the like; we'll do our best to work with the designated IP network administrator at his/her level.

To request a change to the IP network administrator for a unit, or to designate an IP network administrator for a new unit, send an e-mail message to hostmaster@msu.edu. For a list of current IP network administrators, see IP Network Administrators/Managers.

Obtaining and Assigning IP Addresses

The IP address is a 4 part, dotted decimal number, with each of the four components consisting of a number from 0 to 255. The IP network administrator for a given unit is assigned one or more ranges of IP addresses, for use within a particular building or computer network. The first three parts are fixed, according to your unit's location within the Internet at large and within the campus network; the last part is your assigned range, and is usually 2-253, or a portion thereof. The IP addresses ending in 0, 1, 254, and 255 are reserved for various network uses.

Types of IP addresses

IP addresses may be obtained for the following classes of use.

• Full Internet access. This is the default, and covers most IP addresses at MSU. These IP addresses will provide full Internet access to and from a workstation or server.
   
• Limited access, Campus-only. IP addresses may be obtained which are restricted to campus-wide access. These would generally be assigned for the use of printers or other network devices, where control or access is required between buildings on campus. No access either to or from the Internet at large is available for these IP's.
   
• Limited access, local building network. IP addresses may be obtained which are limited to the local network only. These would be applicable for printers or other devices where the controlling server is located within the same building.
    Note that most buildings have several subnets, for the staff (administrative) network, the classroom/public network, computer labs (operated by ATS), and/or the Residence Hall room network. In some cases, departments may have separate subnets from each other within a building. The IP addresses in this category will not communicate between subnets within the building.

If you wish for other levels of access control, e.g. limiting inbound access but allowing full outbound access, or restricting access by service or port, you will need to run a firewall.

Assigning IP addresses

You can assign any of your registered addresses to any server, workstation or network device within your unit (but ONLY within the same building and subnet). You may want to group by system type (e.g. primary servers with low numbers), and/or location (by floor or work group or whatever). Keep in mind, though, that any good numbering scheme will not last forever, and the best approach is to keep good records.

Obtaining additional IP addresses

If you need additional IP addresses, or need IP addresses for a new building or a new portion of your building network, contact hostmaster@msu.edu. Please indicate the anticipated number of IP addresses which will be needed, and the building or section of the network for which the addresses are needed.

Domain (Host) Names

Domain names are assigned to various entities within a network. Generally, a domain name will provide a mapping to the IP address of a computer system or server. Domain names may also be used to map to mail system names (the portion following the "@" in an e-mail address, server or service names, and names for other networked devices (routers, switches, printers, etc.). See the discussion below describing the various types of records within the domain name system.

A computer system generally has a primary domain (host) name, which is a unique name assigned within the campus unit. The full domain name (host name) is generally a four part name of the form "sysname.unit.msu.edu", where you pick "sysname", and "unit" is the department or unit code that has been assigned to your unit. Five part (or longer) domain names are permissible, if desired to subdivide the domain names within a given unit. The name "unit.msu.edu" itself may also be assigned to a unit's key server (file server or Web server, generally), and to a unit's mail server, which may or may not be the same as the file/Web server.

"Sysname" must be an alphanumeric string, although it may have "-" in it (but NOT "_"), and is a maximum of 63 characters in length, although 12-16 characters is a more practical length. For PC's and other workstations, you may want to name it after the person (e.g. last name or initials), or the location (e.g. vc-a215-2). For host computers, you'll want something mnemonic, or else something memorable.

A computer system may have one or more additional domain names, either as aliases (CNAMEs) or as additional "host" (A) records. These would generally be used to describe additional services (e.g. Web, e-mail, FTP). Additional names may also be used for "virtual hosts" (especially for Web servers), or to allow for a domain name change.

Top-level Names under the "msu.edu" Domain

The top-level ("unit") domain names under "msu.edu" are generally limited to MSU major administrative units, as listed in the MSU Faculty and Staff Directory or other related publications. Other top-level domain names may be assigned, with the prior approval of ATS and Network Management Services. Top-level names are not automatically issued on a first-come, first-serve basis.

In cases where a unit code could apply to more than one campus unit, the following priorities will be used:

• Existing use. Once assigned, a domain name will not be reassigned to another unit without the approval of the current unit and adequate time to implement any necessary changes.
   
• Colleges. Preference will be given to the course catalog designation for college courses, if applicable.
   
• Academic departments. Preference will be given to the course catalog designation for department courses, if applicable. The course catalog designations will be reserved for the department even if not currently in use.
   
• Other major administrative units (MAUs). Non-academic units may be assigned any code which does not conflict with codes used or reserved for academic units.

Top-level domains may also be assigned as follows, with prior approval (this is not an exhaustive list).

• Interdepartmental projects. A project or unit name or code may be assigned to a project group which spans multiple departments.
   
• Key campus services. A service which is used by a broad range of the campus population may merit a top-level domain name. In such cases, the name will be reviewed for suitability and appropriateness for the service, within the scope and mission of the University as a whole. Overly general or generic names are likely to be rejected. Other general names or terms will be limited to the most appropriate service or unit to which the name would generally be associated within the University.
   
• Descriptive names. A unit may be granted a longer, more descriptive name to complement its shorter unit code, particularly for mail server and Web server naming.

• Individual names. Names of current faculty, staff, or student members of the MSU community are NOT acceptable for top-level domains under "msu.edu". Names of individuals may only be used at the top level when referring to a campus unit, building, or the like, which has been formally named after said individual.

  Names of individuals may be acceptable at the unit (department) level; contact your unit's IP network administrator for verification.

• Some variants of existing domains. Some variants of existing domain names, such as adding a numeric suffix (e.g. "unitname2.msu.edu") or a test domain ("unitname-test.msu.edu") are generally not acceptable. Such needs are generally better handled by alternate domain names under the existing top-level domain (e.g. "server2.unitname.msu.edu" or "test.unitname.msu.edu").

  Other variants of existing top-level domain names will be reviewed on a case-by-case basis, e.g. to accomodate alternate spellings or wordings.

• Student organizations. Student organizations may opt to use an alternate top-level domain (e.g. ".org").

  Registered Student Organizations (RSOs) will be permitted to register a domain name under rso.msu.edu, of the form organization.rso.msu.edu, where organization is the organization's registered name or an acceptable abbreviation thereof.

How to request a new top-level domain

Once the domain name has been approved, you can submit requests for domain name records ending in the approved top-level domain the same manner as for departmental domain names.

Domains other than "msu.edu"

Examples of acceptable use of alternate domains (this list is not necessarily complete):

• Inter-institutional programs or projects. This would include a program or project which is sponsored by multiple institutions, or which is sponsored by an individual or unit at MSU but whose scope is wider than MSU.

  In general, a domain under ".org" (domain.org) would be appropriate.

• Inter-institutional publications or journals.
   
• MSU-sponsored commercial activities. Campus activities of a commercial nature (e.g. Breslin Center) may best be listed under a separate ".com" domain.

It is up to the sponsoring individual and/or unit to obtain the domain name from one of the established Internet domain name registrars, and to arrange directly for the billing of the associated registration fees. Academic Technical Services will not be responsible for payment of these fees, or for ensuring that the registration is kept current.

It is not necessary to register all such domains with ATS and its name servers, but such registrations will be acceptable as long as the associated program or project is officially supported by a unit within Michigan State University.

Some uses of alternate domains are not consistent with the functions of Michigan State University. Examples include:

• Commercial names unrelated to MSU. Commercial names, or other organizational names where no official MSU sponsorship applies, are not permitted on systems owned by or operated at Michigan State University, without express prior approval. Examples would include student computers or outside work by faculty or staff.

Types of DNS Records

• Host (A and PTR) Records
• CNAME (alias) Records
• MX (Mail Exchange) Records
• TXT (Text data) Records
• SRV (Server) Records

Host (A and PTR) Records

Host records are the most common DNS record type within the MSU system. Each Host record will generate an A record, which maps a domain name to an IP address. The first Host record with a given IP address will also generate a PTR record, which maps the IP address back to a domain name. Host records can also generate CNAME and MX records; see details in the description below.

The following format is used for Host records. This is based on the Unix /etc/hosts format, with one line per host, as follows:

  ip-address   domain-name alias-domain-name [...]  # opsys: cpu: {keyword} comments

"IP-address" is a four-part dotted IP address, as described above. "Domain-name" is a fully-qualified domain name, also as described above.

One or more aliases may listed on the "Host" record. Aliases may also be listed on separate CNAME records. There is no functional difference in using one form or the other.

The punctuation must be as shown; the "#" separates the host name and any aliases from the comments. The "opsys" (operating system) and "cpu" (computer system type) are optional, but must be followed by colons if included. Colons should not be used for other purposes in the comments. One or more optional keywords enclosed in { }, may be provided; see the description below.

For example,

  35.8.123.231   office123.unit.msu.edu  # Main office, room 213

Host Record Comments

It can be useful to provide a comment on a Host Record which includes the room number, person's name, or a short description. The CPU (system hardware) type, the operating system are optional, and their inclusion is deprecated.

If included, the CPU type ("cpu") is typically a generic system type, such as PC, Mac, Sun, or RS/6000. It can also include a specific system model (e.g. "Gateway 386/33", "Mac IIsi", "Sun 4/230", "RS/6000-350"), although this is discouraged, since the model can change fairly often, and it requires more diligence to maintain an accurate list.

The operating system (opsys) is the name of the base system software, such as Windows XP and other Windows variants, MAC-OSX, Linux, or Solaris.

One or more special keywords may be listed in the comments field on a Host Record. The most common keywords are:

  MX: mail-domain-name: 0: domain-name

CNAME (alias) Records

CNAME records are of the form:

  CNAME: alias-domain-name: domain-name

It is important to note that the "alias-domain-name" as given on a CNAME record must NOT appear on any other DNS record. The CNAME record will map any and all requested record types (e.g. A, MX, TXT) to the corresponding record for the target domain name.

MX (Mail Exchange) Records

Mail Exchange (MX) records provide a mapping between a mail domain name and the mail server or servers which handle incoming mail for the domain.

"Mail-domain-name" is the right hand side of an e-mail address, i.e., user@dept.msu.edu. The "mail-domain-name" may be the same as as a host (A) domain-name, if desired. It may NOT be the same as a CNAME alias-domain-name. The server for a mail-domain-name may be different from the server for the identical host domain-name. This is useful, for example, to direct mail for "user@dept.msu.edu" (mail-domain-name "dept.msu.edu") to a mail server, while directing web access for http://dept.msu.edu/ (host domain-name "dept.msu.edu") to a separate server.

It is strongly recommended that one or more MX records be provided for all systems which receive external SMTP mail.

Mail exchange records records are formatted as follows:

  MX: mail-domain-name: precedence: domain-name

For example,

  MX: msu.edu: 10: sys23.mail.msu.edu
  MX: msu.edu: 20: mail.msu.edu

Multiple MX records may be specified for a single mail domain. The "precedence" is a decimal number, with lower values indicating higher precedence (will be tried first). If multiple MX records have the same precedence, each listed system will be tried in a "round-robin" fashion.

MX records may also be specified with the {mx} keyword on the Host (A) record, for the case where the mail-domain-name is identical to the host's own domain-name. See the description of the Host (A) record above.

TXT (Text) Records

The TXT record may be used to place any desired text string into the domain name system. TXT records are seldom used.

SRV (Server) Records

SRV (Server) records are most often used in conjunction with Windows 2000 or XP server systems. Server records are generally maintained automatically within the Windows 2000 Active Directory system, but are sometimes applicable within the central campus DNS system.

The SRV record is formatted as follows:

  SRV: service-domain-name: priority weight port server-domain-name

Priority, weight, and port are all numeric values; server-domain-name is the domain name of the server, as specified in a separate host (A) record.

Submitting DNS updates

Send your DNS updates periodically or as additions and changes occur. Updates will be made to the campus database and internet domain name service periodically, usually within 1-2 working days of receipt. Change requests should be sent via electronic mail to hostmaster@msu.edu; changes sent by other means (e.g. voice mail or personal e-mail) may be delayed.

DNS updates should be sent as plain text only. DNS updates sent as spreadsheet or word processor attachments, or HTML encoded e-mail messages, may be delayed or rejected. Each entry should be complete on a single line - use long lines rather than "wrapped" lines if at all possible.

If you have a time-critical host name or IP address change, be sure to notify hostmaster@msu.edu at least 1 working day in advance, so that a suitable time can be arranged for the change.

Please send ONLY the changes (new entries, changes, and/or deletions), rather than a complete replacement listing each time.

If you have mixed additions, changes, and/or deletions, preface each entry or set of entries with a SEPARATE line indicating "add", "change", or "delete". For changes, the new entry should be in the same format as described above for additions; the old entries need not be included as long as it is clear what is changing (IP address, host name, or comments). For deletions, it is not necessary to include the entire host entry (although you may do so!) - either the name or IP address is generally sufficient.

Last modified: 27-May-2008