Domain Name System

The Domain Name System (DNS) is a client/server mechanism by which machine names get "mapped" (or equated) to IP addresses.

What is DNS?

When your computer needs to get to another machine (e.g., to ftp a file or check your e-mail), a client called a resolver, which is normally part of your TCP/IP setup, contacts a DNS server or "name server" with the electronic form of the question, "What is the IP address of the destination machine (e.g., ait.its.psu.edu)?" The name server responds with the IP address (e.g., 146.186.157.45) of the destination machine and then your computer knows how to get there. This all happens in the background, so most people are not aware that it happens, or ignore it until a problem occurs.

DNS is maintained in an Internet distributed database, which allows for local control yet global consistency. Telecommunications Networking Services (TNS) is the local authority for Penn State DNS. TNS maintains DNS for machines whose names end in "psu.edu" but can further delegate control to more local groups. The "psu.edu" extension on a hostname is called the Penn State domain. When TNS delegates local control to part of the Penn State domain, it allows other organizational name servers to provide DNS for what are known as "subdomains" (literally subsets of the "domain"). Among others, the Department of Math (math.psu.edu), the College of Earth and Mineral Sciences (ems.psu.edu), Engineering (aero.psu.edu), and ITS (its.psu.edu) maintain DNS servers for their local subdomains. This local control allows for more flexibility and better service for their clients.

What It Means To You

As an end user, you usually come into contact with DNS only when you type the IP address of your name server into your TCP/IP configuration. The ITS Internet access software comes with an ITS name server already entered. If you use this software in your office or in conjunction with a local Internet Service Provider (ISP), you might want to ask the network administrator if a different name server should be used. If it is a Penn State network and you are unsure about who your network administrator is, you can find out by checking the IP address of your computer and looking up the TNS network contact for your area.

Several ITS services will not allow your machine access if it isn't properly registered in DNS. What this means is that your machine name must point to an IP address and that IP address must point back to your machine name (the "reverse lookup"). If you are denied service for this reason, often it is just a typo or omission in the DNS database and you should check with your network administrator.

DNS Policy

University Policy AD20 stipulates that those who use Penn State computer and network resources must use the psu.edu domain name and use Internet Protocol numbers within the Penn State range. This means that the Domain Name identifier ends in .psu.edu, e.g., www.psu.edu or its.psu.edu. By identifying these Web sites with the larger Penn State organization, the psu.edu domain name helps ITS manage computer security problems reported both from internal and external sources.

In some cases, entities that are affiliated with, but not fully controlled by Penn State, e.g., The Village at Penn State, may wish to use a domain name that incorporates a relationship to Penn State. These Penn State Domain Names must receive specific approval from the Vice President for University Relations, given such a direct association with the Penn State name. In addition, Information Technology Services must be notified of this exception in order to better handle security compromises and exposures, as well as performance problems that may be reported by external sources. Domain names other than psu.edu must use Internet Protocol numbers that are not assigned to the University and must be registered via a non-Penn State Domain Name Service provider.