1. Governance Instruments
  2. DNS Policy

DNS Policy

DNS Policy at ¾ÅÐãÖ±²¥

Last Updated: November 17, 2016

A) Introduction

The domain name service (DNS) is the distributed database used to provide name-related information for all the hosts connected to the internet. ITServices maintains the primary DNS database and servers for ¾ÅÐãÖ±²¥ (although in a few cases departments within the University have been delegated some local naming authority). Consequently, ITServices is often asked to assign names to workstations and servers around campus so that they can be 'found' on the network by other hosts. This document is intended to present the policy on the naming of hosts at ¾ÅÐãÖ±²¥.

The Internet identity for ¾ÅÐãÖ±²¥ is based on the .queensu.ca name. All services that are provided by members of the ¾ÅÐãÖ±²¥ community as part of their official functions and as part of the mission of the institution should be registered within the queensu.ca domain. All services that are provided by either members or nonmembers of the ¾ÅÐãÖ±²¥ community, but which are not part of their official functions as members of the community or as part of the mission of the institution, must be registered outside the queensu.ca domain.

Users are reminded that the content and activities of all hosts and domains must still adhere to the ¾ÅÐãÖ±²¥ Computer User Code of Ethics. Failure to do so will result in the removal of the domain and possible other penalties as specified in the code.

B) How DNS works at ¾ÅÐãÖ±²¥

¾ÅÐãÖ±²¥ has two primary public access DNS servers, located at:

  • 130.15.126.54 (knot.queensu.ca)
  • 130.15.126.52 (braid.queensu.ca)

When a change is made to the DNS database (by the addition of a new name for example), it is generally the case that both of these servers will have the change within two (2) hours. Thus, within a few hours, changes will propagate around campus and all campus will recognize the new names. Name or IP address changes propagated outside of ¾ÅÐãÖ±²¥ can take much longer: at present, name or IP changes can take as long as five (5) days, but is generally less than that.

C) Naming Restrictions

Not all hosts at ¾ÅÐãÖ±²¥ need to have a DNS name entry. For example, PCs with no incoming connections have no need of a hostname. Machines at ¾ÅÐãÖ±²¥ must be named in accordance with the current practices and guidelines. These practices restrict top level names (ie 'name.queensu.ca') to groups such as:

  • Departments (eg Biochemistry, Civil Engineering)
  • Faculties and schools (eg Applied Science, Business)
  • Organizational units (eg AMS)
  • Primary services (ie 'www', 'post', 'qlink', etc)
  • Cross discipline projects

Thus, most machines will be within an existing "subdomain".

Host names may only include alphanumeric characters and hyphens (-). Names will be checked by ITServices staff to ensure that they are not offensive, antagonistic, or otherwise unacceptable.

New network names will be assigned as necessary. Please note that departments do not, as a rule, get two subdomains within the queensu.ca domain.

Dynamic DNS is not supported at ¾ÅÐãÖ±²¥.

Hostnames for offsite IP addresses will be dealt with on a case by case basis.

D) Naming Suggestions and Recommendations

First, a list of suggestions as to things to avoid when naming a host will be presented. This will be followed by a list of suggestions to aid the naming of a machine. More suggestions are listed in RFC 1178 (see Section G).

Avoid:

  • Long names. Short names are preferable to long names. Names over about twenty (20) characters in length may not be supported on other name servers outside of ¾ÅÐãÖ±²¥, and names over 8-10 characters in length are difficult to remember.
  • Names where case is important. DNS is not case-sensitive.
  • Names that suggest a role or hardware platform (ie 'sparc', 'room34', etc). These are bad since a host may change platforms or move locations.
  • Names should begin with letters as opposed to numbers, and should not be numbered to indicate sequence (ie 'sol1', 'sol2', etc). This should be avoided since machines may be removed down the road and the sequence will be broken.
  • Using your own name. If you move or leave the location, the hostnames may not be able to be updated to account for the movement, and this may cause situations where Jim is sitting at a machine named 'don', and Don at a machine named 'jim' (for example).

Things to consider doing:

  • Use uncommon names. Using a name like 'lurch' is better than naming a host 'typical'.
  • Use theme names. Good themes include colours, characters from movies/books/comics/etc, mythical locations or people, and elements.
  • Use real words whenever possible. They are much easier to remember.

Please note that there is generally no need to change machine names if the machine moves unless the network and/or department changes.

E) Requesting and Changing a DNS Name

Domain names are like street addresses -- they are meant to be fairly permanent identifiers. As such, they are not intended to be changed particularly often. If can be a significant amount of work (most of which is not at the ITServices end) and will have a large amount of "fallout". For example, every email address that refers to the old domain will have to be changed, every web page with a reference to the old domain will have to be changed, and so forth.

In order to update regular host DNS entries at ¾ÅÐãÖ±²¥, an individual should contact his or her ITAdmin Rep. ITServices will only take DNS requests from ITAdmin Reps. Once the ITAdmin Rep has approved the name, the request should be forwarded to hostmaster@queensu.ca. The request must contain the following information:

  • IP Address
  • Owner/Contact Name and Phone Number
    (Where the Owner or Contact will be someone who is staying in that position for some time.)
  • DNS Name desired
  • ITAdmin Rep Name and Phone Number

Updating third level domains is dealt with in a different manner. If a department changes their official name, then it is possible that they will desire a new third level domain. As noted in the Naming Restrictions section, departments do not get two subdomains within the queensu.ca name. However, a domain change will be made under the following circumstances:

  • The request must come from the department head in the form of a signed letter,
  • All administrators of machines with hostnames in the current domain are aware of and understand the ramifications of the change.

If these conditions are met, the domain change will be made with the old names remaining for six months. We will not, however, make multiple domain changes for the same organization, and future such changes will be assessed an administrative fee.

F) Charges for names outside of the queensu.ca domain

As described above, addresses and naming service within the queensu.ca domain are provided to the ¾ÅÐãÖ±²¥ community as part of the basic suite of services provided by IT Services. Names outside of this domain, however, represent extra costs and are not provided gratis.

ITServices will host domains other than queensu.ca for members of the ¾ÅÐãÖ±²¥ community. This is intended for university faculty, staff, and research organizations only. It is also intended for computers directly on the ¾ÅÐãÖ±²¥ network only. The domain sponsor and backup must be a full-time faculty or staff member and provide on-campus contact information. Updates will only be accepted from the sponsor and backup contacts. Ownership of the domain may not be transferred. Other requests may be considered on a case-by-case basis.

Registration fees and communications with top-level authorities (such as .com and .ca) are the responsibility of the owner. Lists of these authorities can be found at:

The addresses to be given for name servers at ¾ÅÐãÖ±²¥ are as follows:

  • 130.15.126.54 (knot.queensu.ca)
  • 130.15.126.52 (braid.queensu.ca)

G) Automatic Host Naming

All host machines on the ¾ÅÐãÖ±²¥ network will that do not have a DNS name will be automatically assigned one. The name will be prefixed with a character referring to the IP address designation as well as the final two octets of the IP address. 

Below are the characters that will prefixed the DNS name:

W - IP is DHCP assigned and on the ¾ÅÐãÖ±²¥ wireless network
D - IP is DHCP assigned on wired campus network
R - IP is been reserved specifically for the given host
S - IP is statically set by host

For example, if a user was connected over the wireless network and their IP address was 130.15.42.35, then their DNS name would be W35.N42.queensu.ca.

H) Register a domain into the ¾ÅÐãÖ±²¥ Domain Service Registry

The intent the ¾ÅÐãÖ±²¥ Domain Name Policy is to preserve the reputation of Queen’s University by ensuring that the Domain Names for websites associated with, or appearing to be associated with, the University are named, registered and administered appropriately.

The University now requires all departments to register external domains that are under the control of their department with IT Services.  ITAdmin Representatives can use the the register a domain. 

For more information on the policy see the following:

I) Other References

RFC1178/FYI005, 'Name Your Computer' by D. Libes, August 1990 available from: