Instructions and Information
- Network Concept
- Connect a New Computer
- Moving a Computer
- Determine Network Administrator
- In the name of the admin
- New Outlet
- Register 1 to 4 Computers (Network Administrator)
- Register More Than 4 Computers (Network Administrators)
- Deregister a Computer (Network Administrator)
- New Admin (Network Administrator)
- Moving a Group Of Computers (Network Administrator)
- Central Firewall (Network Administrator)
- Change of Subnetwork Size (Network Administrator)
- Moving-out a House Network (or Private IP Addresses) (Network Administrator)
- Network Connection (Network Administrator)
The network concept of TU Berlin plans that all TU buildings are bundled on 11+1 network nodes. These nodes route the network traffic, can communicate via MPLS and are conntected with more than one neighbour (see below)
Important aspects are:
- redundant operation of the data centre (and all provided services) - already implemented
- moving the second internet connection in order to increase redundance - already implemented
- improvement of all wiring centers for an increase in requirements - pending
- setup of MPLS nodes with intermeshing - implemented as far as possible
- connection of switches with redundant 10 Gbit connections to their MPLS nodes - implemented as available
- supply of all network outlets with Gbit - implemented
- area-wide VoIP - ongoing
The subnetworks are routed between MPLS zones and distributed via VLAN within the nodes to the correspondent outlets. Node comprehensive Layer2-supply is not intended. The intermeshing ensures a supply even if a MPLS node is down.
|A||A, FH, HL,
|BIB (UB)||BIB, HF,
|C||C, K, KF, KWT, M,
PC, SE-RH, TK, V, Z|
|EB||AB, BH, EB,
GG, KAI, KL, RKF, VWS, VZ (FU)|
|E-N||E, E-N, EMH, HE, MS, TC,
|EW||AM, B, BA, HBS, ER,
F, HFT-CC, HFT-TA, KT, MAR, PTZ, SG,
Gouna||El Gouna (Egypt)|
- Satellite departments AB, GG, KL, RKF, VZ are connecting via BRAIN (Berliner Wissenschaftsnetz) and are therefore partly dependent on that infrastructure
Since not all tasks can be executed in parallel, the network intermeshing differs from the planned version in some cases (e.g. satellite departments have to be temporarily connected in a different way or fibre wire cables for redundance are not yet built).
Connect a New Computer
Please contact the network administrator of your unit and inform him of:
- location (building and room number)
- desired computer name (will become the DNS entry, maximum of 20 characters)
- caption of the network outlet which you want to connect the device to
You don't know who your network administrator is? Please read here.
Moving a Computer
Please inform your network administrator about:
- data of your computer: IP address, computer name
- old location: building, room number
- new location: building, room number, network outlet
Determine Network Administrator
You can find your responsible network administrator using TU Portal at IT-Dienste > Liste der Rollenverwalter und IT-Betreuer.
Further information about Liste der Rollenverwalter und IT-Betreuer
In the name of the admin
For the rare occasions where the network administrator is not reachable (illness, vacation) and your issue can not be dealt with using TU Portal, please write an e-mail with your issue to NOC and CC to the network administrator's e-mail address. This allows the admin to intervene on one hand and on the other this allows us to see if you are entitled.
Please send your e-mail directly to your network administrator or NOC. If you contact NOC directly: we require
- Building and room number
- Exact outlet
Often we receive the caption of a double outlet. Since we can only guess which outlet you mean, we will interpret this as "one of the outlets, no matter which"
- If you do not care which outlet out of 2 or within the room, please write that explicetely.
If you do not know the subnetwork, please contact your network administrator or tell us the IP address which should be employed for the new outlet.
Register 1 to 4 Computers (Network Administrator)
Please use the application "IP
If the DNS entry in partciular can not be adminstrated using the application "IP-Adresse" (alien domains, IPs from house networks, aliases from central administrated servers) please write a formless e-mail with the desired entries. In addition the e-mail has to contain the following specifications:
- Your full name
- The full name of the network administrator of your department if this is not you
- The cost centre of your department
Register More Than 4 Computers (Network Administrators)
If possible only use the application
"IP-Adresse" in TU Portal.
For initial registration of a new subnetwork or other issues requiring more than 4 new IP registrations or changes you can send a file.
This file MUST comply to these criteria 100%:
- either spreadsheet or text file
- spreadsheet type: OpenOffice-Calc (.sxw
or .ods) or
Microsoft Excel 97/2003 (.xls), no .xlsx !!
- text file formats: ASCII (.txt) or
"Comma Separated List"
- no Word (no .doc or .rtf)
- no macros, formulas, plugins, special fonts, etc.
- layout: at the beginning or the end of the file a text bock with explanations, empy lines and captions is allowed
For the block with IP applications applies:
- one computer per line
- 7-Bit-ASCII-Text, no umlauts
- no characters which are not allowed for computers such as underline character (_), @ or similar
- no empty lines
- no comments
- no colons (:)
You should read the notes for completing the form beforehand.
Neu-Anträge: Format der Rechner-Zeile
|Rechnername ||gewünschter Name, nur
Buchstaben, Zahlen oder Minus ||pc2006-uni|
|nur wenn nötig ausfüllen.
Hardware-Adresse des Rechners (MAC-Adresse). Weglassen der Angabe nur
nach Absprache erlaubt. ||a0-b1-c2-dd-ee-ff|
Nur ausfüllen, wenn Sie einen beim postmaster angemeldeten Mailserver betreiben
|Betriebssystem ||Windows XP|
Kostenstelle, bei Instituten 4-stellig, bei Fachgebieten
|Betreuer ||Name des Netz- bzw.
Gerätebetreuers (Antragstellers), NICHT des Nutzers, keine
|Telefonnr. des Zuständigen
Leave those boxes empty which you can not complete. For ASCII files a colon serves as a seperator (cell1:cell2:cell3). For .csv files you can use a colon too. The values can be encased by quotation marks.
For 3 computers a txt file could look like this:
Änderungs-Anträge: Format der Rechner-Zeile
|IP-Adr. ||Rechnername ||Domain ||Aliase ||MAC-Adr.
||MX ||Rechnertyp ||OS ||Gebäude ||Raum
Complete the form according to the
new applications only this time you already got the IP addresses which
are specified in the first column. The rest of the line has to be
filled out completely. It is not sufficient to specify the changed
The line will be changed which corresponds to the IP address. Thus you can change all data except for the IP address since we need the IP address as index for finding the line which is to be changed.
Deregister a Computer (Network Administrator)
Please use the application "IP-Adresse" in TU Portal. For special DNS entries which can not be edited via web, please write a formless e-mail with the computers/IP-addresses which should be deleted.
New Admin (Network Administrator)
As network administrator you require the role dns_verwalter. You will receive that role from the role administrator of your department.
For you to be able to take care of your colleagues, please retreive all information about your subnetwork from your predecessor
You can see the subnetworks belonging to your cost centre in your personal portal and apply for new ones if necessary.
Moving a Group Of Computers (Network Administrator)
Please inform NOC in time about:
- the planned date of your move
- buildings and room numbers of your new location
- all network outlet numbers in your new rooms. This is especially important if the room numbers do not accord to the original numbers (e.g. rooms were divided)
- If your IPs are partly or completely not listed in the application "IP-Adresse" in TU Portal, we need all IP addresses which you administrate
If your IP addresses are based on a house network (or from a network with private IP addresses), you will obtain a new, own subnetwork which will make a renumbering of your computers necessary, see "Moving out of a house network".
Central Firewall (Network Administrator)
Technical requirement for the use of the central
firewall / packet filter (->what's that?) is a user group -
meaning an own subnetwork, no house network IPs
and suitable network technology for the connection
(structured wiring, VLAN capable switches).
If these requirements are met, we offer a packet filter service with the following properties:
- all data packets are permitted/denied on a strict ruleset
- data within your subnetwork can not be filtered
- IP addresses are filtered not DNS names. This is no application level firewalling
- If you do not give us any other instructions the initial ruleset will be: outgoing from your subnetwork everything will be permitted, ingoing will be denied
- We adjust the ruleset to your needs but not on a daily basis.
- Certain rules which are always required are not to be specified, we will take care of them automatically (such as ACK-packets, dns packets from the name server etc)
The properties which are applicable for a filtering demonstrated with 2 examples:
The first example allows world-wide access to the computer 18.104.22.168 via SSH (port 22). The second example denies all computers the bittorrent access to the IP addresses 22.214.171.124 to 126.96.36.199 (port 6881).
Note: Firewalling is a complex issue. If your issue is simple, an informal explanation is sufficient (such as "deny all, only WWW to our institute's server with IP address XY should be possible). Otherwise especially for complex applications we need a complete list of all rules since we usually do not know your software and a research would be too much effort.
Change applications - like all network change applications for a subnetwork - will be only accepted from the network administrator (resp. with his acknowledgement)
Change of Subnetwork Size (Network Administrator)
Usually subnetworks should
be large enough for all connected computers and small enough to
prevent IP addresses from being wasted (60% of all potential IP
addresses are unused).
If these properties are not met, you have to move to a new, more suitable subnetwork.
For that we use the following procedure:
- We determine the required subnetwork size with your help.
- We assume that we have correct information about the rooms where your computers are located. If this is not the case, please inform us!
- You tell
us if you want the computers to a) keep their original names or b) get
For case a) we will use the old names with the suffix "-neu" with the new IPs for the DNS.
For case b) we will enter the new names straight away if there are no conflicts.
- We send you the list with the new IP addresses.
- We will arrange a change date. At that date we will program the network infrastructure (router, switches, network outles) and you will change the IP addresses - and in case b) the names of your computers.
- Until that date only the old IPs will work, after that date only the new ones.
Moving-out a House Network (or Private IP Addresses) (Network Administrator)
If your unit uses
- IP addresses from the building's network (house network) or
- private IP addresses
it is time to move into your own subnetwork (with firewall rulesets you can determine yourself).
The following requirements have to be met:
- service neutral wiring to each room of your unit (no BNC, but structured wiring = twisted pair)
- switches operated by NOC with a minimum technical standard
- usable OrgName or InternetName -
there are several cases:
- your unit has its own, approved Orgname -> done
- your unit does not need an Orgname but wants to use the Orgname of the superordinate unit. NOC will set this up for you in case the superordinate unit has no objections.
If the requirements are met, one can proceed as follows:
- Application for an appropriate dimensioned subnetwork by you using TU Portal (requirements for IP addresses for all existent computers and those planned for the next 1.5 years)
- Setup of the subnetwork by NOC
- Arrangement of a change date. Until that date the old IP
addresses are valid, after that date only the new ones. Furthermore
- List of all currently employed IP addresses including computer names and MAC addresses
- List of all network outlets and room numbers
- List of all firewall forwardings
- You configure all computers for DHCP at the change date.
You can administrate the new subnetwork yourself using TU Portal.
Network Connection (Network Administrator)
The physical connection to the network is realised using network outlets. Only for modernised buildings each outlet is switched otherwise you will need to contact NOC if you want to use an outlet which was unused before. The connection can also be established using TUB-WLAN  which will result in lower speed and due to increased security demands to the requirement of a tubIT user account and an encryption software - see WLAN .