Access control management of delegated self-service IP address and third-level domain (i.e., x.gatech.edu) administration.
If you are an end-user in need of assistance with IP address or DNS assignments, please contact your local IT support staff.
Self-service access requires pre-approval from appropriate unit head(s). Requests should include relevant domains and network CIDR information.
NOTE: OIT strongly recommends that self-service access only be granted to IT staff responsible for the maintenance of servers and/or services with configured IP addresses in the requested name space.
Administrative access to the gatech.edu domain is restricted to select internal OIT staff whose duties require it.
System Availability: 24x7
Support Hours: 24x7 or via Self-Service
The following maintenance windows are reserved for installing, repairing and patching various components of this service:
- Every Tuesday 8:00 PM - Wednesday 6:00 AM EST
- Every Thursday 8:00 PM - Friday 6:00 AM EST
- Every Saturday 8:00 PM - Sunday 2:00 PM EST
End-users in need of assistance with IP address or DNS assignments should contact their local IT support personnel.
Please note that administrative self-service access to this resource is limited to GT campus networks or via VPN service.
Acquiring DNS and DHCP administrative access
Administrative access to a third level domain (x.gatech.edu) can be obtained by submitting a request from this page including the appropriate network CIDR's and domains required. Typically, the administrator of a domain is the CSR for the department sponsoring the third level domain. From there, the CSR may request access for others in the department. This should be the person in charge of maintenance of the server or service attached to the IP for which the name is requested. Administrative access to the gatech.edu domain is restricted to individuals within OIT for which it is necessary to perform their job duties efficiently and access availability for gatech.edu is determined by the DNS administrator. If an administrator is no longer associated with the Institute, their user account in the IPAM system will be removed along with all access.
DNS services are provided by the Bluecat Networks Proteus application. This application allows for delegation on a network or zone level. To add authorization to a zone or network, access will be given to one or more groups defined in the application. Users will then be added to the groups in order to access that group's zones and networks.
Deployment of Changes
Most changes to DNS made through the Proteus interface should propagate to the DNS servers in no more than 10-15 minutes. Some more complex changes may take up to an hour. If an hour passes and the change has not propagated, please contact firstname.lastname@example.org so that the problem can be investigated.
Situations to Avoid
- All CERT entries must be valid. Invalid CERT entries cause problems with deployment.
- Third-level zones and gatech.edu records may not have the same name.
- Any names not related to the goals of the Institute may be deleted without notice.
- Any names containing profanity will be removed, and the administrator that created the name will have all access removed.
- Use of an account by more than one person is prohibited. If more than one person needs access, make a request to email@example.com to add them to Proteus
- IP addresses which have more than one A record must only have one reverse record corresponding to the canonical name for that IP. The results are indeterminate otherwise.
Independent Name Servers
Departments may run their own DNS server, although it is discouraged. The names of the servers must be provided along with the zones for which the servers should be authoritative. Zone transfers and name resolution must be allowed for all Institute nameservers. Restricting zone transfers and name resolution as much as possible is advised for security reasons.
External Domains and IP addresses
Adding external domains to the nameservers and pointing gatech.edu names to external IP addresses is allowed. A request must be made to firstname.lastname@example.org in order to add these. Please note that we are not a registrar. You must obtain the domain name from an external entity and then point the nameservers to dns[1-3].gatech.edu if you wish to use Proteus to manage the names.