2. DNS technical Rules and Guidelines

These are a set of guidelines used in assigning DNS entries, and which must be adhered to by network administrators. The official University rules are available on the ICT site.

The official contact address for all DNS-related queries is networks@oucs.ox.ac.uk. You should receive an autoreply giving you a ticket number; please keep it in the subject line of all subsequent correspondence relating to your request or query.

University IT Regulations

  • A valid "A" record within the ox.ac.uk domain must be present for all hardware assigned and using IP addresses within the ranges assigned to Oxford University.

This includes printers and network hardware, especially if they are sending or receiving packets via the University backbone (from time to time packets may leak onto the backbone even if you do not expect them to). Lack of DNS entry may result in access being denied to certain services; moreover it makes it easier for OUCS and external sites to identify machines in the event of problems. Obviously machines on private networks within departments (using "private" IP address ranges such as 10.0.0.0/24) need not be registered in the DNS, but any gateway/firewall connecting them to the University network must be registered.

Network Advisory Group

  • Library public machines may be placed within the library-public.ox.ac.uk subdomain in an effort to prevent their being used to access central email services.

OUCS Registration

  • Normally most hosts on your network will lie within a single subdomain, although some departments may have multiple subdomain names to reflect internal organisation.
  • Some units may wish for certain servers to be accessible via a different subnet name, for instance the long-format name as used on email addresses. Hostmaster may choose to allow these as aliases for primary public WWW and FTP servers (eg www.longunitname.ox.ac.uk), but other machines will remain within the standard unit name.

OUCS Security

  • To avoid your NAT gateway being mistaken for a standard host, OUCS strongly recommend that you give it a distinctive name in the DNS, for example student-nat.unit.ox.ac.uk.
  • The DNS resolvers may respond to queries with information as directed by OxCERT on security grounds.

OUCS Networks

  • A DNS entry may have up to 5 parts, for example host.unit.ox.ac.uk.
  • Requests to modify hostnames or for access to the DNS web interface must come from registered IT support staff.
  • Unit administrators should ensure that their contact details are kept up-to-date on the DNS web interface, as this information will be used to contact you in the event of any problems or queries.
  • The University is running short of unallocated IPv4 subnets. We have to ensure that we are able to allocate subnets to new departments over the next decade and longer that it will take before it will be viable to run IPv6 only. This means that we are unable to allocate new subnets greater than /24 in size and that existing Units will be expected to stay within their existing allocation (e.g. by the use of NAT/PAT).

IT support staff may self-register here.

DNS RFC

  • A DNS entry must not contain characters other than alphanumeric characters, dashes, and dots to separate the various components. DNS is case-insensitive.

Up: Contents Previous: 1. The DNS web interface Next: 3. Windows Active Directory and DNS