Skip to main content

Domain

Summary

Domains refer to Internet domains such as "stanford.edu" and "yahoo.com".

Fields

Name

Domain names must obey Internet naming conventions: only alphanumeric characters and hyphens are allowed. Neither leading nor trailing hyphens are allowed. Note that once a domain has been created, the domain name cannot be changed except for its case.

Limited

If "yes", this Domain can only contain names from a short list. This list includes names like "www" and "ftp". This setting has been deprecated, defaults to "no", and does not appear in the application. Domains that must have it set to "yes" can be updated with the NetDB CLI.

Delegated

This must be set to "yes" for domains that need name server (NS) records in the DNS.

Nameservers

Nameservers for a domain. The names entered here are used to create name server (NS) records in the DNS.

DS Records

DS (Delegation Signer) records are part of the DNSSEC chain of trust for delegated zones (subdomains). A DS record references a DNSKEY record in the delegated zone.

DS records are are made up of several fields. All but the Publish flag are generated by DNSSEC zone signing tools:

Publish Controls whether the data will be added to the DNS as part of DNS generation.
Key Tag A number between 1 and 65535 used to quickly identify the DS record.
Algorithm A number identifying the algorithm of the referenced DNSKEY record.
Digest Type A number identifying the cryptographic hash algorithm used to create the Digest value.
Digest The cryptographic hash value of the referenced DNSKEY record.

Create Names In (Groups)

Users with rights to these groups can create names using this domain as the domain part of the name.

Use as Name (Groups)

Users with rights to these groups can use this domain name as a node name or MX. For instance, "cs.stanford.edu" could be both a node name and a domain name. A user must have rights to at least one of these groups to create a node name or MX that matches this domain name. Having "All Groups" is not sufficient.

Group

This Domain can only be modified or deleted by users with rights to this group and rights to domain records.

Administrators

Administrators are individual people or Admin Teams that are responsible for a domain.

List individuals by using their full names or their SUNet IDs. You can click on Verify to have NetDB check and resolve the names before you try to save the record.

If you choose to verify, entries will be checked against the online Stanford directory; if they are not found in the directory or if a name matches multiple people in the directory, an error will occur. If an exact match is found, the person will be returned with a checked box. If multiple matches are found, a list of people and associated departments will be returned unchecked. Check to select the right administrator. The verification process is thus especially useful if you use SUNet IDs since it will show you information about the people connected to the SUNet IDs so you'll know if you entered the right SUNet IDs. Note that the directory lookup looks for matches on SUNet IDs, last name and email address.

Note that verification is also done when the Domain record is saved.

An Admin Team is a set of people who are responsible for the domain. For example, the Computer Resource Center (CRC) may contract with a department to support their computers and domains. Instead of listing all the people in CRC as administrators, it's simpler to list the CRC Admin Team as an administrator. Admin Teams must be followed by a semicolon when entered as a domain administrator (e.g., "CRC;").

If the administrator is not associated with Stanford and does not have a SUNet ID, list Admin Team "OUTSIDE;" as the administrator and add contact information in the Comment field.

Comment

Useful information can be added here. This field is searchable with Full Search. Only printable characters are valid for comments. Printable characters are letters, numbers, punctuation, and spaces. For example, the carriage return is not a printable character.

Special Domains

.SUNet

Names in the domain ".SUNet" are only resolved for Stanford hosts. This is useful for hosts in private address spaces which are not reachable from the Internet.

.NoDomain

Names in the domain ".NoDomain" are never included in the DNS. This is useful for Advanced nodes whose node name is irrelevant because of its interface or IP address names.