IT Services

DNS Technical Information


1. The DNS web interface

The Interface for Hosts Update is the preferred mechanism for updating the Oxford University hosts database.

If you are a departmental or college network administrator who wishes to use this scheme you will need to apply for a password from

The web interface allows for manipulation of the following:
A records
The principal name<->number mapping for hosts. For instance, IP address maps to
CNAMEs (aliases)
These allow multiple names to point at a single host. For instance, a machine registered as may act as the webserver for the college, and thus a CNAME entry pointing at that machine can be put in. Note that the alias points at a name, not a number.
MX (mailer) records

These allow for mail addressed to one host to be handled by a different host, for instance all mail addressed to will be sent instead to Note that this will not affect the username portion of an email address; it only allows one to perform per-hostname filtering.

The record name need not exist as an A record; while the A record might not exist, it can exist as an MX record, ensuring that any mail to addresses with to the right of the "@" sign is directed to a mail server.

An MX record may point to multiple hosts, in which case systems will attempt to pass on mail in order of priority should the primary mailserver be unavailable. Often will act as the secondary mailserver. A name in an MX record must not be a CNAME record.

Other records
In a few cases, DNS records may be required which cannot be processed by the DNS web interface. In these cases, please contact with your requirements.

2. DNS technical Rules and Guidelines

These are a set of guidelines used in assigning DNS entries, and which must be adhered to by network administrators. The official University rules are available on the ICT site.

The official contact address for all DNS-related queries is You should receive an autoreply giving you a ticket number; please keep it in the subject line of all subsequent correspondence relating to your request or query.

University IT Regulations

This includes printers and network hardware, especially if they are sending or receiving packets via the University backbone (from time to time packets may leak onto the backbone even if you do not expect them to). Lack of DNS entry may result in access being denied to certain services; moreover it makes it easier for OUCS and external sites to identify machines in the event of problems. Obviously machines on private networks within departments (using "private" IP address ranges such as need not be registered in the DNS, but any gateway/firewall connecting them to the University network must be registered.

Network Advisory Group

OUCS Registration

OUCS Security

OUCS Networks

IT support staff may self-register here.


3. Windows Active Directory and DNS

Some Windows services, in particular Active Directory, require that the DNS servers support SRV (service) records and prefer also that dynamic updates are supported.

While the main Oxford DNS servers can in principle handle SRV records, dynamic update requests from Windows clients are best handled in a secure manner by the Microsoft DNS server software.

In view of this and other operational considerations, the decision was taken that each unit wishing to use Active Directory services operate its own local Windows DNS server. Notes and minutes relating to the relevant meetings may be found on the Active Directory pages.

3.1. Implementation

In order to integrate with the Oxford University DNS, it is required that six subdomains be delegated to each unit DNS server. These subdomains are as follows (the final two do not apply to Windows 2000-only domains):

The delegations will be made to one or two servers within your own unit. Server delegations should be registered via the DNS web interface in the usual way.

Refer to the instructions on Installing and Configuring Windows DNS to Support Active Directory together with the Active Directory pages for further information and full details of configuring DNS to support both configurations.

3.2. Disabling dynamic DNS registration

By default PCs running Windows 2000 and above (both workstation and server products) will try to register their name and IP address in the DNS each time that they boot up. To minimise the extra load that this will cause on the Oxford DNS servers, we'd be grateful if you would turn this option off when you install Windows XP, Vista etc. Never disable this setting on domain controllers as this will also stop them registering their service records.

To disable automatic registration after Windows has been installed, open the [Network] control panel, bring up the [Properties] box for the Local Area Connection, open the [Properties] for TCP/IP, go to [Advanced/DNS] and turn off the option [Register this connection's addresses in DNS]. You can also disable registration during a custom install of XP by going into the [Properties] of TCP/IP at the appropriate point in the installation process.