Next: Appendix: Sender Policy Framework (SPF) Up: Network Liaison's Handbook Previous: Appendix: Legacy File Format

Appendix: IP Address Registry (IPR)

The IP Address Registry (IPR) is the hostmaster's method of ensuring IP addresses are assigned without collision, and for tracking where IP addresses and prefixes exist on-campus.

For NLs, the most useful interface to the IPR is the address query tool which will list addresses assigned to their admin groups, as well as allow users to search for NLs for other IP addresses, which may be involved in abuse. This tool is largely unsupported; the authoritative source for all info is the hostmaster.

The IPR further has several levels of access which can be assigned to members of a department; many of these are used to control access to CNS/NI&S resources intended primarily for NLs. Only the Primary maintainer is required; all the rest are optional maintainer levels. Email addresses are required for all levels, although secondary and abuse need not have PIDs. The access levels are as follows:

Primary

• This is your Primary NL (required for an admin group)
• Only one person can have this access level
• Must have PID
• Can manage access levels of other "maintainers"
• Can submit DNS updates
• Contact for Cert approval

Secondary

• Any alternate/secondary NLs have this level
• May have PID
• Can submit DNS updates
• Contact for Cert approval
• Multiple maintainers can have this level

Abuse

• primarily an email address (potentially mailing list) for abuse reports
• only one maintainer can have this authorization level

DHCP

• Can manage DHCP
• Must have PID
• Multiple maintainers can have this level

Query

• Can use NI&S tools to query information about resources assigned to the admin group
• Multiple maintainers may have this authorization
• Must have PID

IPR RESTful API

NI&S currently maintains a RESTful read-only API for the IPR data. Responses are in the form of a JSON list (one needn't set a header to accept application/json, however).

The endpoints are:

• https://orca-public.caas.nis.vt.edu/ipr/v1/public/domains/<domain>/contacts returns everyone listed as a contact with the above authorizations for this vt.edu domain.
• https://orca-public.caas.nis.vt.edu/ipr/v1/public/admin/<admingroup>/contacts returns contacts for the given admingroup.
• https://orca-public.caas.nis.vt.edu/ipr/v1/public/admin/<admingroup>/domains returns domains for the given admingroup.
• https://orca-public.caas.nis.vt.edu/ipr/v1/public/contacts/<pid> returns authorized domains for a given VT PID
• https://orca-public.caas.nis.vt.edu/ipr/v1/public/ip/<ipv4addr>/contacts returns the admingroup and contacts for an assigned IPv4 address

e.g.:

$ curl https://orca-public.caas.nis.vt.edu/ipr/v1/public/domains/iso.vt.edu/contacts 2>/dev/null|jq 
[
  {
    "adminGroup": "ISO",
    "adminGroupDescription": "IT Security Office",
    "maintainers": [
      {
        "name": "Randy Marchany",
        "email": "marchany@vt.edu",
        "authorizationType": "SECONDARY"
      },
      {
        "name": "Brad Tilley",
        "email": "rtilley@vt.edu",
        "authorizationType": "PRIMARY"
      },
      {
        "name": "Philip Kobezak",
        "email": "pdk@vt.edu",
        "authorizationType": "SECONDARY"
      }
    ]
  }
]

---

Next: Appendix: Sender Policy Framework (SPF) Up: Network Liaison's Handbook Previous: Appendix: Legacy File Format

Eric C. Landgraf 2019-05-07