Bandwidth and Statistics
IP and DNS
- Does OARnet have a standard list of ports or IPs to block?
- How do you request a port or IP be blocked?
- Why do you keep sending me Spam/Copyright/Security/Bot complaints?
- What's a forward DNS?
- What's a reverse DNS?
- Why do forward and reverse DNS need to match up? What happens if they don't?
- Can a zone file consist of more than one MX or A record?
- Is it possible for me to keep OARnet as my primary DNS and someone else as my secondary? Will OARnet be my secondary?
- Will you sub-delegate my IPs so I can handle reverse on my nameservers?
- Does OARnet provide DNSsec?
- Does OARnet provide Emergency Web Hosting?
Contacts at your institution
Yes, please tell us! We will open a ticket in our tracking system so that staff is aware of your maintenance and schedule downtime in our monitoring system if you give us a specific timeframe. Otherwise, our monitoring system marks your circuits down, we call you and possibly the Telco under the assumption there is an outage.
- IntraOhio bandwidth . Network traffic that stays within the State of Ohio.
- Internet (also called Internet1). General public connection.
- Internet2. Non-profit, national network dedicated to research and education. OARnet is Ohio's access point to Internet2.
5) How do you request a port or IP be blocked?
A member school can request for a port or list of ports to be blocked by sending a request to the Service Desk at email@example.com. The request must come from a listed contact at the school. In the case of an emergency you may call the Service Desk at 1-800-627-6420; we will need to verify your authority to request changes, however.
6) Why do you keep sending me spam/copyright/security/bot complaints?
OARnet is listed as the owner and contact for IP space that we have leased to our clients. We receive many types of security complaints, which we forward to the OARnet client currently responsible for that IP.
7) What's a forward DNS?
It is mapping a domain name to an IP address. We use "A" records to set these up in a zone file. CNAMES may be added to create "shortcuts" to existing A records. You must register forward domain zones.
Example: example.edu. IN A 192.168.10.1
www.example.edu. IN CNAME example.edu
A special PTR-record type stores reverse DNS entries. The name of a PTR-record is the IP address with the segments reversed + ".in-addr.arpa." For example, the reverse DNS entry for IP 188.8.131.52 would be stored as a PTR-record for "184.108.40.206.in-addr.arpa".
Reverse DNS is different from forward DNS in who points (delegates) the zone to your DNS server. With reverse DNS, your Internet connection provider (ISP) must point the zone ("....in-addr.arpa") to your DNS server. Without this delegation from your ISP, your reverse zone will not work.
9) Do we need reverse DNS? What happens if they don't match up?
We need reverse DNS for many purposes, especially mail delivery. Most ISP's mailservers require reverse lookup of a host sending mail, for validation purposes. This reduces IP spoofing and spam emails. If the ISPs don't find the reverse DNS for the IP, then the mail will be discarded or returned.
Reverse DNS is mostly used to track website visitors, email message origination, etc. This tracking is important because some machines require authentication of IPs. Forward and reverse zones are two separate zones whose files not necessarily hosted on the same nameservers. Typically, for every A record there should be a corresponding PTR record, but this is not always the case.
10) Can a zone file consist of more than one MX or A record?
Yes. Zone files can get really large mostly due to A records that are the most popular records in a zone. MX records are names of host that act as mail exchanger for the domain. MX records cannot point to an IP but only other names.
Example: if you have a mail exchanger with mail.example.edu as the name and 192.168.10.1 as the IP, then mail.example.edu must have an A record such as:
mail.example.edu IN A 192.168.10.1
and an MX record such as:
example.edu IN MX 10 mail.example.edu.
This means that any mail destined to say firstname.lastname@example.org must send it to mail.example.com, which has an IP address of 192.168.10.1 and a priority of 10. You can have more than one MX record (more than one mailserver) with different priorities.
11) Is it possible for me to keep OARnet as my primary DNS and someone else as my secondary? Will OARnet be my secondary?
Yes. It's a good networking practice to have two different ISPs as DNS hosts. One should be the primary (which could be the client or OARnet) and the other set as the secondary (which could be OARnet, the client or some other authorized system). Two ISPs are not likely to have outages at the same time, which reduces the risk of a network failure.
13) Does OARnet provide DNSsec?
All of OARnet's nameservers support DNSsec and use it for validating queries where RRSIGs are present. However, we do not currently sign any of the zones that we are SOA for or secondary for. We will set up TSIGs to authenticate zone transfers between servers if requested.
14) Does OARnet provide Emergency Web Hosting?
Yes, OARnet will store and deploy a basic campus web presence on a remote web server. This 24/7 service is hosted on a dedicated server on the network backbone and must be set up prior the emergency. Please contact your client-services representative for details.
Abuse: This contact is the individual or group to which spam alerts, copyright violations or other Internet abuse notifications should be sent, for IP addresses allocated to your institution.
Administrative: This contact provides authorization for new contacts to be added, changes to be made to services or to authorize others to request changes to the service or related information.
Maintenance: Contacts identified for maintenance will receive notifications of any scheduled or emergency maintenance that may affect your services. This includes work done by OARnet or by any of our vendors or service providers.
Technical: This is the contact that staff members at the OARnet Service Desk will start with to troubleshoot any outages or service impact that our monitoring has revealed. This includes verifying power at the site, checking the physical status of any OARnet or service-provider (AT&T, Time Warner, etc) equipment, as well as verifying and testing connectivity from the site. This will also be the primary contact we notify with any updates on outages.
After Hours: This contact type is provided if you would like to designate someone specific for contact outside of normal business hours (8 a.m. - 5 p.m.).
Escalation List: This list is used in the event of a service disruption. The list will act simultaneously as a notification to your institution, as well as to assist OARnet in efficiently resolving the disruption. Please provide a Primary, Secondary and Tertiary contact. The institution may use any type of contact (i.e. Technical as the Primary), though they must be reachable by mobile phone and after hours.
Billing: OARnet will be in touch with the billing contacts if there are any billing-related issues.
Site Contact: This is an opportunity to provide a contact for a specific location (i.e. a branch campus) if you have OARnet service at multiple physical locations.
Research Contact: This contact should be the designated leader for research on your campus. OARnet would like to have appropriate contacts for communicating about projects related to the 100Gig backbone and statewide collaborations.
VMWare Contact: This is the person with whom OARnet will work for any VMWare issues or updates.