This site requires JavaScript to be enabled
9367 views

10.0 - Updated on 2023-12-06 by Jack O'Brien [snow]

9.0 - Updated on 2023-12-06 by Jacob Gray

8.0 - Updated on 2023-04-19 by Jacob Gray

7.0 - Updated on 2023-04-10 by Jacob Gray

6.0 - Updated on 2023-04-10 by Cassie McCan

5.0 - Updated on 2023-02-20 by Brandon Bauer

4.0 - Updated on 2022-05-26 by Kolin Hodgson

3.0 - Updated on 2022-04-07 by Kolin Hodgson

2.0 - Updated on 2022-02-25 by Paul Drake

1.0 - Authored on 2017-04-27 by Jason Williams

1. Purpose and Scope

The purpose of these standards is to define the registration and subsequent maintenance of numeric IP addresses and network domain names owned by the University. These standards apply to all users of the Notre Dame network.

2. Domain and Subdomain Hosting

2.1 Notre Dame domain names and subdomains must be hosted on Notre Dame servers only.

2.2 Domains and subdomains will not be hosted for non-University related purposes.

2.3 Designated campus IT staff will have authority over the subdomains associated with their own departments or organizations.

3. Standards for Hostname Registration and Maintenance

3.1 Hostname registration is not required for any network devices on the Notre Dame zoned network.

3.2 Registered devices must be associated with a unique person and his/her NetID. No devices will be registered to shared/departmental NetIDs. Multiple devices can be registered to the same NetID, recognizing that the responsible individual acknowledges and adheres to the campus Responsible Use Policy (RUP) for all those devices.

3.3 Faculty and staff members will be allowed to self-register network devices in the .campus.nd.edu subdomain only. Requests for registrations in existing departmental subdomains (e.g., .oit.nd.edu) require coordination with the IT staff from individual departments or the Office of Information Technologies (OIT) Help Desk. Call the OIT Help Desk at (574) 631-8111, or contact your departmental IT support staff.

3.4 Students will be permitted to self-register network devices in the .resnet.nd.edusubdomain only.

3.5 Only core IT and web services are permitted in the .nd.edu top-level domain. No personal or individual machines are permitted.

3.6 The OIT will purge hostname registrations annually for all registered devices that have not been used in the previous 12 months, or that are registered to individuals that are no longer actively associated with the University. The OIT will announce the purge of registrations in advance, and individuals or departments needing exceptions will submit their requests through the Help Desk.

3.7 The OIT will purge hostname registrations annually at the end of the summer session for all registered devices in the .resnet.nd.edu subdomain, regardless of the date of last use.

4. Standards for Static IP Assignment and Maintenance

4.1 Static IP addresses are not supported as standard configuration for network devices. The University maintains a dynamic Domain Name Service (DNS) infrastructure that allows a user to request a static DNS name or Fully Qualified Domain Name (FQDN) of the form: device.oit.nd.edu, and will ensure that a device is always reachable by that DNS name. When a device requires a static IP address, it can be requested by contacting the OIT Help Desk.

4.2 Static IP addresses are assigned in limited cases of specific need, including but not limited to devices that cannot run DHCP, devices on non-DHCP networks, and users of IPtables.

4.3 Static IP addresses will only be assigned to devices that have registered hostnames and that belong to active Notre Dame faculty or staff.

4.4 Static IP addresses will not be assigned in wireless subnets or other subnets that are designated for shared use.

4.5 OIT network engineers, OIT DNS/DHCP administrators and the OIT Help Desk can assign static IP addresses in all campus subnets, and they also can authorize departmental IT staff to create static IP addresses in the specific subnet(s) allocated for their own department(s).

4.6 Departmental IT staff can only register static IPs in subnets allocated for their department(s).

4.7 The OIT and the relevant department IT staff will review static IP address assignments annually to verify continued need.

5. Standards for Access to the DNS/DHCP Administrative Interfaces

5.1 Access to the DNS/DHCP administrative interface is limited to those who have a recurring business or functional need to complete configuration tasks not available via the standard Web interface.

5.2 Individuals desiring access to the administrative interface should submit a request to the OIT Help Desk for access to dnsadmin.nd.edu.

5.3 Access will only be granted to users physically on the Notre Dame campus network or connected to the University’s Virtual Private Network (VPN).

5.4 The OIT and relevant campus department supervisors will review access to the administrative interface annually to verify continued need.

6. Scope of Administrative Privileges

6.1 Help Desk Add/Modify/Delete all record entries; IP Address Management (IPAM)

6.2 Network Engineering Add/Modify/Delete all record entries; IPAM; Network/DHCP

6.3 Systems Engineering Add/Modify/Delete record entries in dc.nd.edu

6.4 DSS/DES Add/Modify/Delete all record entries

6.5 OIT Operations Monitor devices, Add/Modify/Delete record entries in dc.nd.edu

6.6 Campus IT Staff Add/Modify/Delete all record entries in their subdomains

7. Definitions*

Domain

A set of network addresses, organized in levels. The top level identifies geographic or purpose commonality (such as .edu). The second level identifies a unique place within the top-level domain, and is equivalent to a unique address on the Internet (for example, nd.edu).

Domain Name Services (DNS)

The way that Internet domain names are located and translated into Internet Protocol (IP) addresses. A domain name is a meaningful and easy-to-remember “handle” for an Internet address.

Dynamic Host Configuration Protocol (DHCP)

A communications protocol that lets network administrators centrally manage and automate the assignment of Internet Protocol (IP) addresses in an organization’s network.

Dynamic IP Address

An IP address that changes each time you connect to the Internet.

Fully Qualified Domain Name (FQDN)

A domain name that specifies its exact location in the tree hierarchy of the Domain Name System (DNS). It specifies all domain levels, including the top-level domain.

Hostname

The unique name that represents an attached device on a network (for example, oit.nd.edu).

Internet Protocol (IP); IP Address

A method by which data is sent from one computer to another on the Internet. Each computer on the Internet has a numeric IP address that uniquely identifies it from all other computers on the Internet.

IPAM

IP Address Management; the management of allocation, administration, reporting and tracking of public and private IP space, IP devices and associated data.

IP Tables

An application program that allows a system administrator to define tables containing chains of rules for the treatment of packets that traverse a network.

Packet

A unit of data that is routed between origin and destination devices on a network.

Protocol

A special set of rules that the end points in a telecommunication connection use when they communicate.

Role

A type of access based on activities performed; for example, student team query role, finance team query role.

Static IP Address

An IP address that does not change from one Internet session to the next.

Subdomain

The part of the website address before the domain name. For example, in the web address oit.nd.edu, “oit” is a subdomain, or third level domain that is associated with the nd.edu domain.

Subnet (Subnetwork)

An identifiably separate part of an organization’s network, such as all machines in a geographic location, a building, or on the same local area network.

*Some definitions adapted from SearchNetworking.com.

8. Reference Documents

Responsible Use of Information Technology Resources

9. Responsibilities

9.1 Help Desk
    •    Receives request for static IP assignment
    •    Creates static IPs in spaces that are not shared
    •    Creates static IPs in shared spaces

9.2 OIT Network Engineers
    •    Assign static IP addresses
    •    Authorize departmental IT staff to create static IP addresses in their own subnets

9.3 DNS/DHCP Administrators
    •    Create static IP addresses
    •    Assign static IP addresses in all subnets

9.4 Department IT Employees
    •    Review and approve requests for registrations in their department subdomains

10. Procedures

10.1 Obtaining a static IP Address
    •    Static IP addresses are granted on the basis of business need.
    •    Either the OIT Help Desk or OIT Network Engineering will ensure that static IP addresses are necessary.
    •    Situations that warrant a static IP address include, but are not limited to:
          ◦    Devices that will not accept FQDNs for server names
          ◦    Devices that function as servers for a specific department or college
          ◦    Devices that are known to function incorrectly without a static IP address
          ◦    Devices that require a static IP address for security reasons or firewall rules

10.2 Assigning a static IP address
    •    OIT Network Engineers, DNS/DHCP administrators, and the Help Desk creat static IP addresses.

10.3 Self-registering a hostname
    •    Visit webreg.nd.edu, log in with NetID and password
    •    Provide the device’s MAC address
    •    Supply the requested information

10.4 Access to the DNS/DHCP Administrative Interface
    •    Submit a request to the OIT Help Desk for access to dnsadmin.nd.edu

10.5 Requesting a domain or subdomain
    •    Send email to OPAC with the requested domain and the business reason for its need

10.6 Requesting hostname registrations in a domain other than .campus.nd.edu or .resnet.nd.edu
    •    Call the OIT Help Desk at (574) 631-8111, or contact your departmental IT support staff

11. Contacts

For clarification of these standards, contact the Chief Information Officer via e-mail to cio@nd.edu, or by phone at (574) 631-9700.

12. Exceptions

Exceptions to these standards require the approval of the University’s Chief Information Security Officer.