• Skip to main content
  • Skip to primary navigation
  • Skip to primary sidebar
  • UC Berkeley
  • Berkeley Engineering
  • EECS
Header Search Widget
IRIS

Instructional & Research Information Systems

  • About Us
  • Get Started
  • Get Help
  • FAQ
    • FAQ: Accounts
    • FAQ: EECS Slack
    • FAQ: File Storage
    • FAQ: Hardware
    • FAQ: MacOS
    • FAQ: Mail
    • FAQ: Mailing Lists
    • FAQ: Network
    • FAQ: Security
    • FAQ: Unix
    • FAQ: Web
    • FAQ: Windows
  • Services
    • Accounts
    • Backups
    • E-mail
    • EECS Login Servers
    • File Storage
    • Infrastructure
    • Mailing Lists
    • Networks
    • Printing
    • Room Reservations
    • Security
    • Software
    • Unix
    • Web
  • Policies
  • Forms
    • System Registration/Update
    • Account Request Form
    • Network Problem Report
    • Project Storage Request
    • SSL Certificate Request
    • All Other Forms
  • Rates

Access to EECS caching DNS servers (cronus and rhea) to be restricted

June 12, 2006 by Mark Kraitchman

Beginning Tuesday July 11, 2006, access to the EECS caching DNS (Domain Name Server or Domain Name System) servers cronus and rhea will be restricted to campus IP addresses.

If you have a system off-campus, you will not be able to use cronus and rhea for DNS service. Instead you will need to configure your off-campus system to utilize your ISP’s name servers.

This action (restricting access to the EECS caching DNS servers) is occuring following the campus IS&T’s lead of restricting access to the main campus caching DNS servers, ns1.berkeley.edu (128.32.136.9, 128.32.206.9) and ns2.berkeley.edu (128.32.136.12, 128.32.206.12) beginning July 1, 2006.

It is currently considered a “best practice” to restrict access to caching DNS servers. DNS service on cronus and rhea has been abused from off-campus IP addresses. Because of the security risks associated with allowing anyone to access the caching DNS servers, many groups are restricting access to their caching DNS servers including UCLA, the University of Oregon and the University of Virginia.

IS&T has documented details and reasons behind why it is necessary to restrict access to caching DNS servers:

  • http://net.berkeley.edu/DNS/recursion.shtml
  • http://net.berkeley.edu/DNS/recursion-detail.shtml

Current cronus and rhea IP addresses include:

cronus interfaces                       rhea interfaces
cronus-32 128.32.32.21                  rhea-32 128.32.32.23
cronus-33 128.32.33.21                  rhea-33 128.32.33.23
cronus-34 128.32.34.21                  rhea-34 128.32.34.23
cronus-35 128.32.35.21                  rhea-35 128.32.35.23
cronus-36 128.32.36.21                  rhea-36 128.32.36.23
cronus-37 128.32.37.21                  rhea-37 128.32.37.23
cronus-38 128.32.38.21                  rhea-38 128.32.38.23
cronus-40 128.32.40.21                  rhea-40 128.32.40.23
cronus-41 128.32.41.21                  rhea-41 128.32.41.23
cronus-42 128.32.42.21                  rhea-42 128.32.42.23
cronus-43 128.32.43.21                  rhea-43 128.32.43.23
cronus-47 128.32.47.21                  rhea-47 128.32.47.23
cronus-48 128.32.48.21                  rhea-48 128.32.48.23
cronus-62 128.32.62.21                  rhea-62 128.32.62.23
cronus-63 128.32.63.21                  rhea-63 128.32.63.23
cronus-112 128.32.112.21                rhea-112 128.32.112.23
cronus-132 128.32.132.21                rhea-132 128.32.132.23
cronus-134 128.32.134.21                rhea-134 128.32.134.23
cronus-153 128.32.153.21                rhea-153 128.32.153.23
cronus-168 128.32.168.21                rhea-168 28.32.168.23
cronus-171 128.32.171.21                rhea-171 128.32.171.23
cronus-cusg 169.229.3.251               rhea-cusg 169.229.3.252
cronus-169-229-63 169.229.63.21         rhea-169-229-63 169.229.63.23

Caching DNS service will also end from IP address 128.32.33.5 on Tuesday July 11, 2006.

Please update your off-campus systems accordingly.

Filed Under: News

Primary Sidebar

IRIS Service Status

Yellow
We have 0 Active Incidents, and 1 Scheduled Maintenance noted.

IST Service Status

Outages to campus services are listed at berkeley.statusdashboard.com.
  • About
  • Contact
  • Privacy
  • Accessibility
  • Nondiscrimination

© 2022–2025 UC Regents  |  Log in