Purpose and Scope of the Cambridge IP address database

The primary objective of this whole exercise is to reduce the load on Computing Service staff who manage IP addresses within Cambridge, and to do this wherever possible by eliminating their involvement in day-to-day administration. Against this we have the constraints of shortage of IP addresses, the scope for error and mismanagement, and the external requirement of record keeping for investigatory purposes.

Hitherto the records of who has what IP address and hostname, for what purpose and where, have been maintained in ordinary text files manipulated by CS staff, and likewise with consequential DNS changes. When a client wanted an address for a new system (say), that person either directly or through the local computer officer sent an email request to the CS, where it was handled personally by one of a team of "registrars" who updated the appropriate records and DNS files and emailed a response back. Although ordinary requests were normally serviced within one working day, this was considered irksome by many client institutions, and eventually became an insupportable load on the CS. In some cases it also led to duplicate record keeping, which though better than no record keeping is obviously wasteful. Cutting out the middle man for common transactions became imperative.

Early experiments of handing out blocks of addresses for local management together with devolved DNS zones were disappointing, leading to loss of addresses, loss of records, misconfiguration of the DNS and general chaos. The reasons appeared to include lack of local expertise, lack of local staff effort, lack of appreciation of the seriousness of the matter, and rapid turnover of local staff, often with no overlap or indeed with extended hiatus. It was clear that if there was to be any devolution of effort it would have to be much more strongly constrained, that records would have to remain central even though directly updated by institutions, and that DNS management would have to remain central but based on data extracted automatically from those records.

Under the new regime records are still held centrally but can be updated by institutional IT support staff. The freedom thus conferred is strongly circumscribed, and it is not intended that policy for what is done should change, merely how it is done.