On June 13 2006, all Dormnet subscriptions will be renamed to remove OIT netids from the Internet DNS hostnames.
Since 1993, each Dormnet subscription has been assigned a hostname of the form netid.student.princeton.edu, where netid is the student's OIT netid. For those students who have requested additional Dormnet subscriptions, they have been named netid2.student.princeton.edu, netid3.student.princeton.edu, etc.
Some students have expressed privacy concerns about this naming convention. In response to these concerns, on the morning of June 13 2006, all Dormnet subscriptions will be renamed; the new hostnames will not incorporate an OIT netid. The renaming will include all Dormnet subscriptions -- even those in an "unsubscribed" state.
Devices that are not part of a Dormnet subscription will not be renamed.
In May 2006, OIT sent email to every student, announcing the upcoming change. On June 13 2006, OIT will send email to every student, showing the Dormnet subscription being renamed; the mail will contain the old name and the new name.
For example, if your computer is using IP address 220.127.116.11, and you use the computer to visit a Web site, the Web site may choose to record that IP address 18.104.22.168 visited the Web site.
DNS (the Internet's Domain Name System) allows anyone on the Internet to look up an IP address to discover the corresponding canonical hostname, and visa versa. For IP addresses used at Princeton University, the canonical hostname for each IP address is the hostname assigned to that IP address in the Princeton University Host Database. For example, at the time of this writing, looking up the IP address 22.214.171.124 in DNS results in the canonical hostname alfrente.princeton.edu.
Since 1993, each student's Dormnet subscription was assigned a hostname of the form netid[digit].student.princeton.edu, where netid was the student's OIT netid; for example, jxdoe.student.princeton.edu.
As a result, when a computer using a Dormnet subscription connected to other computers, it was possible for those other computers to use DNS to convert that client's IP address (e.g. 126.96.36.199) into a hostname like jxdoe.student.princeton.edu.
Some students have expressed a privacy concern about their OIT netids appearing in the DNS hostnames visible to servers outside Princeton University. In particular, they have expressed concern that when they use a Dormnet-subscribed device to visit Web sites outside Princeton University, the Web sites can use DNS to determine that the visitor's hostname was jxdoe.student.princeton.edu. Since the Princeton University Campus Directory allows anyone on the Internet to look up OIT netids and names, a Web site operator can look up OIT netid jxdoe to discover that it belongs to Jane X. Doe '09.
In response to this concern, OIT is renaming all Dormnet subscriptions so the hostname no longer contains a student's OIT netid. For example, after the renaming is complete, a Dormnet subscription hostname might look like: pu274317.student.princeton.edu instead of jxdoe.student.princeton.edu. In the example above, the Web site would record that the client's IP address was 188.8.131.52, which corresponds to the hostname pu274317.student.princeton.edu. But the Web site operator outside Princeton University would not be able to look up pu974317 in the Princeton University Campus Directory to discover the name of the student.
Each Dormnet subscription corresponds to an entry in the Princeton University Host Database. For example, here is a Princeton University Host Database entry for a Dormnet subscription:
Name: pu974317 DNS Domain: student.Princeton.EDU Entry Type: HOST Alias: kinglear.princeton.edu. Interface Type: Ethernet Interface Subnet: pu-dormnet-bb Interface IPAddress: 184.108.40.206 Interface MACaddress: 0:1:2:3:4:5 Interface Type: Wireless Interface Subnet: wirelessnet Interface IPAddress: 172.30.31.254 Interface MACaddress: 0:6:7:8:9:a System Type: DELL-PC Operating System: MS-WINDOWS-XP OIT NIS NetGroup: princetonhosts Technical Contact: firstname.lastname@example.org Dormnet Subscriber Netid: jxdoe Building: N/A Room: N/A Department: Account: Date Created: 2004-06-24 Date Last Changed: 2006-02-27
The Host Database entry "Name" field (e.g. pu974317) and "DNS Domain" field (e.g. student.Princeton.EDU) together comprise the entry's canonical Internet DNS hostname (e.g. pu974317.student.princeton.edu). Some of the other fields in the Host Database entry include the IP address (e.g. 220.127.116.11) assigned to the device's Ethernet interface when it is attached via its "home" network, the OIT netid of the Dormnet subscriber (e.g. jxdoe), the OIT email address of the Dormnet subscriber (e.g. email@example.com), the device's Ethernet and Wirless hardware addresses (e.g. 0:1:2:3:4:5 and 0:6:7:8:9:a) and optionally an Internet DNS alias (e.g. kinglear.princeton.edu).
Anyone with access to View the Host Database can search for the IP address 18.104.22.168 or hostname pu974317.student.princeton.edu to view the Host Database entry. In the Host Database entry they can see the OIT netid (jxdoe) and email address (firstname.lastname@example.org) of the student responsible for the Dormnet subscription. Similarly, one may search the Host Database for the Dormnet subscriber's netid (jxdoe) or email address (email@example.com) to locate all Dormnet subscriptions belonging to that student, and then view the IP address(es) and hostname(es).
This is intentional; many people at Princeton University beyond OIT staff and student employees have a frequent need to easily obtain that information. Many departments throughout the University employ staff (and sometimes students) to provide computing support to members of the department, and so need this information. OIT's intent is to not conceal this information from any device attached to the campus network, or from any person affiliated with Princeton University.
This is consistent with our handling of Host Database information for devices other than Dormnet subscriptions. E.g. for office devices, their Host Database information contains the Technical Contacts' email addresses. (The Technical Contacts are those people responsible for the operation of the device on the campus network, and for keeping the Host Database entry up-to-date.) We do not wish to conceal "who is responsible for each computer" from people within the University.
OIT's intent is that the Princeton University Host Database be easily available for viewing and searching within the University, but not easily available from outside the University. To that end:
Except as detailed above, we do not grant permission for the information in it to be reproduced, copied, stored in a retrieval system, or transmitted, in any form, or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior consent of the Princeton University Office of Information Technology.
If someone with access to the Host Database were to make the contents available in such a way as to bypass these restrictions, that person would be in violation of University policy.
It is important to understand the distinction between the information in the Princeton University Host Database and the information generally available on the Internet via DNS (the Domain Name System). The Princeton University Host Database contains all the information about a Host Database entry. OIT extracts from the Host Database entry the entry's canonical hostname (e.g. pu974317.student.princeton.edu), the IP addresses assigned to Ethernet interfaces (e.g. 22.214.171.124), and an alias if present (e.g. kinglear.princeton.edu), then publishes just that information in DNS. The information we publish in DNS does not include the OIT netid of the Dormnet subscriber (e.g. jxdoe), nor the OIT email address of the Dormnet subscriber (e.g. firstname.lastname@example.org).
Off-campus servers have access to DNS, but should not have access to the Princeton University Host Database. As a result, they be unable to use the information published by OIT to translate the IP address of a Dormnet subscriber's machine to a Princeton University's student's name.
No other Host Database entries will be renamed.
If for some reason, a student chose to register her computer in the Host Database as an office device (rather than as a Dormnet subscription), that Host Database entry will not be renamed.
The name of each "office entry" was selected by the person who registered that device in the Host Database. That person was (and remains) free to select a hostname of his own choice, rather than be limited to a hostname based on his OIT netid. Whether or not he chooses to incorporate his OIT netid into the hostname is up to him.
This differs from a Dormnet subscription, where the customer has no choice as to the hostname; OIT selects the hostname for each Dormnet subscription. OIT's policy was to incorporate the OIT netid into those hostnames; due to some student's privacy concerns, we will no longer do that.
Although those assigned in June 2006 are expected to start with the letters pu followed by some digits, those assigned to new subscriptions in the future could differ. No one should rely on all Dormnet subscriptions always starting with the letters pu followed a some number of digits.
What will remain the same is that all Dormnet subscriptions will be within the student.princeton.edu DNS domain. Any canonical hostname within the student.princeton.edu continues to represent a Dormnet subscription.
We continue to allow each Dormnet subscription to have a single DNS alias. E.g. a student with Dormnet subscription pu974317.student.princeton.edu may choose to assign to it the alias kinglear.princeton.edu, for example. As in the past, the alias of a Dormnet subscription must be within the top-level of the princeton.edu DNS domain. (E.g. an alias such as kinglear.student.princeton.edu would not be permissible.) If your Dormnet subscription already has an alias, it will retain the same alias when the hostname is changed.
Devices that are offline or away from campus on that day will not need to be restarted.
For nearly all students, no reconfiguration will be necessary. The only exception may be a very small number of students who run server software on their computers, and only if they have manually configured that server software with their computer's hostname. Students who do not run server software on their computers, or whose server software automatically learns the computer's hostname when the computer starts should not be affected.
Keep in mind that any matching Dormnet Host Database entries displayed include those that are currently subscribed to Dormnet service, and those that are currently unsubscribed. If the Entry Type field ends with -INACTIVE, the entry is currently unsubscribed from Dormnet service; otherwise the entry is currently subscribed.
If configured to join the Windows domain, a computer that is part of a Dormnet subscription is configured to use a NetBIOS-over-IP hostname that is based on the student's OIT netid. For example, if the student's netid is jxdoe, the computer may be configured to use the NetBIOS-over-IP hostname JXDOE.
At this time, OIT does not plan to rename these computer's NetBIOS-over-IP hostnames. They will continue to contain student's netids even after June 13 2006.
These NetBIOS-over-IP hostnames are visible on the campus network, but are not directly visible to the Internet, because OIT does not permit the NetBIOS-over-IP protocol to cross the University's Internet connection. (As OIT VPN Service extends a virtual campus network attachment to VPN clients throughout the Internet, off-campus VPN clients can also see the NetBIOS-over-IP hostnames. As clients of OIT VPN Service must login to the VPN service with an OIT netid and password, this limits direct access to the NetBIOS-over-IP hostnames to people affiliated with the University.)
The hostname that appears in a Host Database entry for a Dormnet subscription (e.g. pu974317.student.princeton.edu) corresponds to the first IP address (e.g. 126.96.36.199) in that entry. This IP address is located on the pu-dormnet-bb IP subnet.
Assuming your device is registered accurately in the Host Database, your computer's Ethernet interface is assigned that Internet hostname (pu974317.student.princeton.edu) and IP address (188.8.131.52) only when your computer's Ethernet interface is attached to the pu-dormnet-bb IP network. The Host Database treats that IP network as your Ethernet interface's "home" network.
OIT Ethernet ports in all dormitory rooms, apartments, and eating clubs are wired to the pu-dormnet-bb network. So when your computer's Ethernet port is attached to the campus network in any of those locations, the Ethernet port is assigned that IP address and Internet hostname.
When your computer's Ethernet interface is attached to OIT Ethernet Service in any other part of the campus network (e.g. perhaps in an office, classroom, etc.), the Ethernet interface is automatically loaned an OIT Mobile IP Address and corresponding hostname (e.g. dynamic-oit-fuzzynet-c-109.princeton.edu). (This assumes that your computer, like most, meets the eligibility requirements for OIT Mobile IP Service.) This loan is temporary; when your computer relocates to another location, it may be loaned a different OIT Mobile IP Address and hostname. It may even be loaned a different OIT Mobile IP Address if it simply restarts, or is reconnected after being offline for some time.
OIT Wireless Service relies upon OIT Mobile IP Service. So when your computer's Wireless interface is attached to OIT Wireless Service (even in your dormitory room or apartment), the Wireless interface is automatically loaned an OIT Mobile IP Address and corresponding hostname (e.g. dynamic-oit-vapornet-b-1064.princeton.edu). Your computer's wireless interface never actually uses the IP address that is listed for it in the Host Database entry; that IP address is just a "placeholder" in the Host Database entry.
The renaming of Dormnet subscriptions has no effect on this; it still works the same as it did in the past.
Using the service does add an additional step for anyone who wishes to determine the identify of your computer, but the information is available to the same set of machines and people who have access to view the Princeton University Host Database.
OIT publishes Current OIT Mobile IP Address Assignments showing the computer to which each OIT Mobile IP Address and hostname is currently loaned. Access to that document is restricted to Web clients attached to the campus network.
For example, say your Dormnet subscription's hostname is pu974317.student.princeton.edu. When you attach your computer's Ethernet interface to campus network in the Frist Campus Center, it might be loaned OIT Mobile IP Address 184.108.40.206, corresponding to the hostname dynamic-oit-fuzzynet-a-100.princeton.edu. During the life of the loan, anyone with access to Current OIT Mobile IP Address Assignments can use that document to look up 220.127.116.11 or dynamic-oit-fuzzynet-a-100.princeton.edu to learn that these are currently loaned to client pu974317.student.princeton.edu with hardware address 0:1:2:3:4:5. (Or even without access to that document, any device currently attached to the same campus network as yours can discover that the 18.104.22.168 is currently in-use by hardware address 0:1:2:3:4:5.) Given that information, anyone with access to view the Princeton University Host Database can then look up hostname pu974317.student.princeton.edu or hardware address 0:1:2:3:4:5 to learn find they are part of a Dormnet subscription belonging to OIT netid jxdoe with email address email@example.com. Just as in the past, the ability to perform these lookups is limited to clients attached via the campus network.
Dormnet is a subscription service intended to provide wired network service to devices belonging to currently-enrolled undergraduate and graduate students in their dormitory rooms or apartments. (The subscription also provides wired and wireless network service in other locations on campus, assuming the device meets the relevant eligibility requirements, as do most.) A Dormnet subscription is intended to meet the computing needs of the vast majority of students using computer workstations, streamlining the Host Database registration and billing processes for these customers.
A Host Database entry is created by OIT for each undergraduate and graduate student at (or shortly before) the time the student matriculates. This entry is similar to normal Host Database entries (for example, those for University office devices), but has some special characteristics that make it a "Dormnet Subscription." This special kind of Host Database entry is also known as a "Dormnet Host Database entry", or a "Host Database entry associated with a Dormnet subscription." The entry is initially created in the "unsubscribed" state (the Entry Type field ends with -INACTIVE), which indicates that the student has not currently subscribed to the Dormnet service.
The student may "subscribe to Dormnet" (or more accurately, "subscribe a device to Dormnet") via the Web. The Web form use to subscribe to Dormnet actually updates the relevant Host Database entry to contain the information specified by the student, and to change the entry to the "subscribed" state. (The entry's Entry Type field is changed so it no longer ends with -INACTIVE.)
At any time, the student may choose to "unsubscribe from Dormnet" via the Web. The Web form used to unsubscribe from Dormnet updates the relevant Host Database entry to change the entry to the "unsubscribed" state. (The entry's Entry Type field is changed to end with -INACTIVE.)
The Dormnet Host Database entry remains in the Host Database as long as the student remains eligible for Dormnet service. It is not deleted each time a student unsubscribes, nor recreated each time a student subscribes; it remains in the Host Database the entire time, simply in a "subscribed" or "unsubscribed" state. Regardless of the current state of the entry, it is still referred to informally as a "Dormnet Host Database entry", or a "Host Database entry associated with a Dormnet subscription".
After the individual is no longer enrolled at Princeton University, OIT deletes the Dormnet Host Database entry. OIT also deletes the Dormnet Host Database entry if the student's status changes in such a way that he or she is no longer a currently enrolled undergraduate or graduate student. Deleting the entry terminates the Dormnet subscription (if it is subscribed at the time), and prevents the student from resubscribing.
Each Dormnet Host Database entry represents one network-attached device, rather than one student. If a student wishes to obtain a Dormnet subscription for more an additional network-attached device, s/he must ask OIT to create an additional Dormnet Host Database entry. OIT creates an additional Dormnet Host Database entry for the student in an "unsubscribed" state; at that time, the student can subscribe the additional device to Dormnet using the Web. These additional entries also remain in the Host Database during the student's career at Princeton. At any time, there may be a number of Dormnet Host Database entries for a single student, with any number of them currently subscribed or unsubscribed. We keep the unsubscribed entries in the Host Database, so that if the student later decides to resubscribe additional devices, the Host Database entry does not need to be recreated.
You can tell if a particular Dormnet Host Database entry is currently subscribed or not subscribed by examining its Entry Type field. If the field ends with -INACTIVE, the entry is unsubscribed; otherwise the entry is currently subscribed.
Some students choose to obtain network service for a device not through a Dormnet subscription, but instead by registering the device in the Host Database as if it were a University office device. To do so, they use the standard Host Database Web form used to add an office entry to the Host Database, rather than the specialized Web form used to subscribe to Dormnet. When using the standard "add an entry to the Host Databse" Web form, the customer must specify a departmental or student account number to which OIT should bill that device's network service, and is responsible for deleting the Host Database entry when she wishes the service to end. These Host Database entries, even if created by a student for a device s/he will use in a dormitory room or apartment, are not Dormnet Host Database entries; they are simply regular Host Database entries, sometimes referred to as "office entries", and do not represent Dormnet subscriptions.
You can distinguish Dormnet Host Database entries from other Host Database entries (e.g. office entries) in either of two ways. You can check to see if the Host Database entry has a Dormnet Subscriber Netid field set; this field is always set for Dormnet Host Database entries and is never set for other entries. Or you can look at the entry's canonical hostname (the hostname field followed by the DNS Domain field) the names of Dormnet Host Database entries always end with .student.princeton.edu.