Manage MAC-Addresses

We need to know who is responsible for any machine in one of our networks. Even more, we need to be able to "switch off" a host which is not on the current patch level. To do that, we have a database containing all ever seen MAC-addresses. A webbased frontend on admin.phys.ethz.ch https://admin.phys.ethz.ch/macadm/ allows to change the database. Changes may also be done directly with mysql on admin.phys. Our DHCP-servers (dejen and stock), have a cronjob which reads out the database and keeps the dhcp-configuration in sync.

Unknown hosts will get a private IP and a DNS server containing a wildcard entry to the DHCP server. A user starting a webbrowser will see http://dhcp.phys.ethz.ch/. They will need to contact us to get access to the LAN.

Rules for entering records

  • user should contain the standard user of the host. In case of shared hosts of our students clusters, isg should be entered
  • admin should contain the responsible person for this host. In case of a personal computer, Admin will be the same as User.
  • deputy should contain some other person who knows about this host. Make sure that between user, admin, and deputy there are at least 2 different people involved. deputy is often the IT person of the institute (Informatikkoordinator).
  • Comment must be filled with information about the machine.

Expiring

  • a DHCP-host not seen more then 45 days will expire
  • a static-host not seen more then 45 days will expire

A user asks for a registration

  • Inform about the need to keep his machine up to date
  • Inform about the possibility to update his machine (Windowsupdate, Softwareupdate, ...)
  • Inform the user about his mail @phys.ethz.ch
  • Inform about http://nic.phys.ethz.ch/ and the mailinglist, if possible the user should be entered in the mailinglist
  • Enter the data, the user must give the information needed, he should know who is his administrator