Building Private Network

Introduction

NI&S offers RFC 1918 IP addresses to campus departments. These IP addresses are useful for hosts that do not offer services to the Internet. They are scanned less often, produce fewer security alerts and generate fewer log files.

Clients using building private networks may still send email, surf the web and continue to operate as usual, however, new unsolicited inbound traffic (from the Internet) is blocked.

To obtain private IP ranges for your department, your Designated Network Liaison (DNL) should email hostmaster@vt.edu requesting them. The VT Hostmaster can also provide the Building Private VLAN ID, the Gateway, and the Subnet Mask to use with the building private network.

Procedure

Once the DNL has obtained the Building Private Network details as described above, they can then switch individual Ethernet portals to the building private network:

1. Open a Servicenow Incident. Ask that it be directed to NI&S.
2. Be sure to include the building name, the portal number and the VLAN ID of the building private network.
3. Once the portal has been switched, you may set a static IP from the range of IPs provided by the VT Hostmaster to your DNL or use DHCP on your client.

Example Servicenow Request

Hello,
I need to switch the Ethernet portal in Torgersen 1330 (TP03D) to the building private address space 172.21.181.x (VLAN 3450). Please forward this request to NI&S.
Thank you,
Brad Tilley
DNL for the VT IT Security Office

Resources

• ServiceNow
• NI&S