Choosing an IP for your server
Choosing an IP for your server
- The “ITS Systems/UDC/Applications VLAN Database” is located here. NOTE: It is used as a tracking system, but is not a source of record as it is manually maintained by users and may be inaccurate.
- New VLAN requests should be done in coordination with the UT-V Team for virtual machines, and UDC for Hardware. Please ensure the VLAN database is updated.
- The VLAN Name generally contains information regarding the VLAN purpose and specific parameters that define how the VLAN is to be used:
- Datacenter it is available in: UDC-C or UDC-B. (UDC-C is in CRB, UDC-B is in COM).
- Scope: Public, Campus Only, NAT, etc.
- Service or Group Specific: IAM Services, Desktops, MSS, Databases, etc.
- Server Type: VM vs Hardware.
- Host FQDN/DNS Domain: .austin.utexas.edu vs .its.utexas.edu. Note that while CNAMES can be placed in any domain, ITS only has control of the .austin and .its domains.
Deciding on a VLAN:
- Will your DNS Domain be .austin.utexas.edu or .its.utexas.edu? The .its.utexas.edu extension is reserved for ITS use.
- Will your server need to be accessible from off campus? If so, you might need a Public IP address or a NAT address that uses the F5 Load Balancer (Please verify that your service is eligible to use the F5 service and that the chosen VLAN is accessible to the F5). If not, perhaps a Campus Only IP address or NAT address will suffice. Note that Public IP addresses come with additional security risks to consider. NAT addresses are strongly recommended.
- In which datacenter will your server be located? Normally, UDC-C is the datacenter of choice and UDC-B is for secondary servers within a service. Use of UDC-B requires justification with the Campus Solutions Director. Note that UDC-B is not officially considered a DR site for UDC-C.
As an example, let’s say you don’t want your server accessible from off campus, but you want to be able to connect from your server to off campus locations. You are a part of ITS and want to use the .its.utexas.edu DNS Domain and you will be using a VM that you want located in UDC-C. In this case, you are looking for a VLAN that meets the following requirements: UDC-C, NAT, .its, VM. Browsing through the VLAN Database, it looks like VLAN 491 (ESX VMs (NAT, .its) (ITS ONLY)) would work for you.
Once you have decided on a VLAN, you need to find an available IP on that VLAN to use. Looking at the VLAN within the database and you will get a list of reserved IP addresses. However, the VLAN Database may not be up to date, so you must do your best to verify an IP address is actually available before using it. Do this by Pinging the IP to make sure nothing responds on it and look the IP up in DNS to make sure there is no entry defined for it. You can also check in the TSC Tools (aka UTnet Utilities) in either "IP Utilization" or “UTnet Arp Search” sections to make sure the IP hasn’t been seen on the network during the last several months. If everything looks good, prior to requesting a new host, add your server name to the VLAN Database next to the IP and make note of the IP, Subnet Mask, and Gateway to add to your provisioning request form.
Additional considerations for new VLANs, Special Purpose VLANs, and less commonly used VLANs:
- Verify with UT-V (or the UDC for physical servers) that the VLAN you are considering is Trunked in to the respective ESX clusters or Datacenter where you want your server to live.
- Verify with Networking that the VLAN has the DHCP Helper configured to point to Campus Solutions DHCP servers. Currently, these are sys-dhcp-p01.austin.utexas.edu and sys-dhcp-p02.austin.utexas.edu.
- If the VLAN selected has ACLs or a VRF associated with it, work with ITS Networking to ensure that management tools and server admin computers (preferably private UT VPN subnets) have been whitelisted.