April, 2003 Network Nuggets

1. CITES Virtual Private Network (VPN) service goes into production

The CITES VPN service is now a fully supported, production-quality service. We appreciate the feedback provided by dozens of people during the several-month beta testing period, and have used that input to improve the service and its documentation.

The CITES VPN service is designed to give users the privacy of a separate network over public lines by substituting encryption and other security measures for the physically separated network lines of traditional private networks.

CITES VPN security is required for users of the UIUCnet Wireless service. In addition, the CITES VPN service enables users connecting from third-party ISP providers to identify themselves as authorized users of the UIUC network and to receive the same network access permissions provided to a user who had connected directly to UIUCnet.

For more information about the VPN service, see:

<http://www.cites.uiuc.edu/vpn/>

2. Firewall Service Plan

CITES invites network administrators to participate in the Firewall Service Plan. Protecting your network behind a firewall can greatly reduce the chance of your network being hacked and gives network administrators the ability to control external access to their networks. For more information on firewall configurations, please go to <http://www.cites.uiuc.edu/firewall/plandetails.html>. To learn more about participation in the Firewall Service Plan, please go to <http://www.cites.uiuc.edu/firewall/participation.html>.

3. Private IP space (RFC 1918 space) now available

CITES is now authorizing the use of private IP space (RFC 1918) for on-campus. These IP ranges can alleviate IP shortages in new or expanding networks. In accordance with RFC 1918, private IP space is limited to the following IP address ranges. Also listed are the CITES NDO's policy for use of these ranges on the UIUC campus.


192.168.0.0/16 - for use within a department; not routed to campus; no NDO approval needed.
172.16.0.0/12 - routed to campus; available for DNS registration.
10.0.0.0/8 - reserved for future use by NDO.

Traffic within an internal unit which will never leave the unit's network should use the 192.168.0.0/16 range. Use of this range does not require CITES Network Design Office(NDO)approval. This range will not be routed to other areas of campus and will not be available for DNS registration.

Use of the 172.16.0.0/12 range does require NDO approval. This range can be routed to other areas of campus and is available for DNS registration.

CITES has reserved the 10.0.0.0/8 range for future use. Please do not use this range.

For more information on the use of private IP space, please go to <http://www.cites.uiuc.edu/guidelines/network/private_ip.html>.

4. Email network-related problems to net-trouble@uiuc.edu

Here at the OpCenter we often receive calls from net admins who wish to report problems with their network or with campus services. You are, as always, free to call us at 244-1000 to report such issues. However, if you have a complex technical problem and still have access to email, a better option would be to send an email describing the problem in detail to net-trouble@uiuc.edu. The email will then become a CATS ticket, with you listed as the contact person.

This solution allows you to explain clearly and in great detail exactly what the problem is and reduces the chance for errors and/or ommissions. Additionally, you will receive back an email noting that a ticket has been created in your name, allowing you to track the progress of your ticket online. Plus you'll receive a detailed email when the ticket has been resolved explaining exactly what was done to solve the problem. Give it a try next time you wish to report a network-related problem.

5. Cool Tools

This issue's Cool Tool is DNSstuff at <http://www.dnsstuff.com>. This site allows you to check a large variety of DNS related items including a search of Spam databases, ISP cached DNS lookup, Netmask calculators, and a URL deobfuscator. (Just try saying that 3 times fast.)