Global IP Address
Basic Information
You can use a global IP address only if you meet the conditions for using the global IP address. The use of global IP addresses involves major information security risks. Before using it, please carefully consider its necessity.
As a general rule, please use a private IP address when using the campus network.Private IP addresses use NAPT, so you can use most off-campus services.
Caution
NAPT cannot be used on some private networks due to management policy. If NAPT is not available on your private network, please contact the administrator of each network.
Procedures for Starting to Use a Global IP Address
Receive global IP address assignment
Apply to the Information Technology Center to use a global IP address
For specific procedures, please refer to Global IP address usage application.
Submit the IP address entry sheet to the Information Systems Section, Academic Information Division.
For specific procedures, please refer to IP address apply sheet.
Fill in the IP address management ledger
Please refer to IP address management ledger for information on how to fill in the information.
Global IP Address Usage Application
Fill out and submit the Global IP Address Usage Application Form
“IP address users and IP address administrators should fill out a global IP address usage application form and submit it to the Information Infrastructure Center (East Building 3, 4th floor).
Screening by the Information Technology Center and cancellation of communication block settings (about 2 to 7 business days)
The Information Technology Center will review the application and if there are no problems, the communication block will be lifted. The availability of the service will be notified via campus email for IP address users and IP address administrators.
Caution
It will take about 2 to 7 business days. Please apply well in advance of starting use.Please note that we cannot respond to same-day requests.
Device settings
Please configure your device using a global IP address that you are authorized to use.Please operate the information system appropriately based on the work manual for installation and disposal .
Caution
After applying for use, please do not forget to submit the IP address apply sheet and fill in the IP address management ledger.
How to submit IP address apply sheet
In the IP address apply sheet, enter information regarding the administrator and information system of the global IP address. Please fill out the IP address apply sheet and submit it to the Information Systems Section, Academic Information Division (uec-sec@office.uec.ac.jp). Please fill in each item using the information below as a reference.
- IP administrator name
Enter the administrator of the IP address block you are using.
- IP address
Enter the IP addresses you are using in ascending order.
- Equipment type
Enter the type of information system to which the IP address is assigned. If “8.Other”, please enter details in the comment field.
- System administrator name
Enter the administrator of the information system.
- Access control by firewall
Please enter whether the information system in question has appropriate access control through a firewall.
- Management procedure manual
Please indicate whether a comprehensive management procedure manual has been established for updating the OS and various software in the information system.
- Presence of personal information/sensitive information
Please enter whether the information system in question holds personal information or sensitive information.
- Stopping equipment in an emergency
Please enter whether the information system can be stopped in the event of an emergency such as an incident. For information systems that require uninterrupted operation even in emergencies, please enter the reason in the comments section. However, non-stop operation is limited to those where there is a risk of immediate disadvantage if the information system in question stops (e.g., servers used for joint research with other institutions that need to operate continuously for a certain period of time) etc.). Merely having a server function does not fall under this category.
- Comment section
If there are any other special notes, please enter them as necessary.
How to enter the IP address management ledger
For all devices with global IP addresses, the system administrator should always enter the latest usage status into the IP address management ledger.
The IP address management ledger is managed in a shared directory of Samba storage. Please access with:
For Windows:
\\file.edu.cc.uec.ac.jp\IPaddresslistfrom ExplorerFor macOS:
smb://file.edu.cc.uec.ac.jp/IPaddresslistfrom Finder- ID:
edu\+UEC account(Example:edu\xa000001if the UEC account isxa000001)- Password:
UEC account password
for each.
The IP address management ledger is divided into directories for each IP address block. Please create a file with the same name as the IP address you are using and record information regarding the operational status. For the entry format of the IP address management ledger, please refer to the format of the IP address management ledger. If there is a change in the information in the IP address management ledger, please correct it immediately.
If you want to create a new file, please copy the template (template.txt) located directly under the shared directory.
Hint
For details on how to use Samba storage, please see How to use Samba storage.
Caution
Global IP addresses and ports that are not recorded in the IP address management ledger may be subject to communication interruption without prior notice. Thank you for your understanding.
The shared directory can be read and written by all system administrators. Please never do anything that interferes with the operation of the IP address management ledger, such as changing files or directories that you do not manage.
IP address management ledger format
In the IP address management ledger, tags are used to describe the necessary information like XML. The meaning of each tag is as follows.
<inventory> ・・・ IPアドレス管理台帳
<report> ・・・ 台帳記録者情報
<person> ・・・ 利用者情報
<name> 利用者氏名 </name>
<division> 利用者所属 </division>
<tel> 利用者内線電話 </tel>
<mailaddress> 利用者学内メール </mailaddress>
<uecaccount> 利用者 UEC アカウント </uecaccount>
</person>
<date> ・・・ このファイルの最終更新年月日
<year> 更新西暦年 (半角 4 桁) </year>
<month> 更新月 (半角 1 または 2 桁) </month>
<day> 更新日 (半角 1 または 2 桁) </day>
</date>
</report>
<host> ・・・ 台帳に記入するホスト情報
<ipaddress> ホストのIPアドレス (半角数字, 小数点) </ipaddress>
<fqdn> ホスト名 (FQDN, uec.ac.jp まで記入) </fqdn>
<administrator> ・・・ ホストの管理者情報
<person>
<name> 管理者氏名 </name>
<division> 管理者所属 </division>
<tel> 管理者内線電話 </tel>
<mailaddress> 管理者学内メール </mailaddress>
<uecaccount> 管理者UECアカウント </uecaccount>
</person>
</administartor>
<os> ホストの OS およびバージョン </os>
<hardware> ホストのハードウェア名称,機種など </hardware>
<inventorynumber> 備品番号 (なければ空欄) </inventorynumber>
<user> ホストの主な利用者 (任意形式で簡潔な記述) </user>
<purpose> ホストの利用目的 </purpose>
<securityplan> ホストのセキュリティ対策についての説明 </securityplan>
<necessityofglobalIP> グローバル IP を利用する必要性の説明 </necessityofglobalIP>
<openport> ・・・ ホストが学外に公開しているポート
<tcp> 学外公開の TCP ポート 1 </tcp>
<tcp> 学外公開の TCP ポート 2 </tcp> ・・・ 以降,列挙
<udp> 学外公開の UDP ポート 1 </udp>
<udp> 学外公開の UDP ポート 2 </udp> ・・・ 以降,列挙
</openport>
<startdate>・・・ホストの運用開始年月日
<year> 運用開始西暦年 (半角 4 桁) </year>
<month> 運用開始月 (半角 1 または 2 桁) </month>
<day> 運用開始日 (半角 1 または 2 桁) </day>
</startdate>
<stopdate>・・・ホストの運用終了年月日
<year> 運用終了西暦年 (半角4桁) </year>
<month> 運用終了月 (半角 1 または 2 桁) </month>
<day> 運用終了日 (半角 1 または 2 桁) </day>
</stopdate>
</host>
<nmap> ・・・ ホストへのポートスキャン記録 (情報基盤センター記入)
<date> ・・・ 実施年月日 (情報基盤センター記入)
<year> 実施西暦年 (半角4桁, 情報基盤センター記入) </year>
<month> 実施月 (半角 1 または 2 桁, 情報基盤センター記入) </month>
<day> 実施日 (半角 1 または 2 桁, 情報基盤センター記入) </day>
</date>
<output> ポートスキャン ログ (情報基盤センター記入) </output>
</nmap>
<openvas> ・・・ ホストの監査記録 (情報基盤センター記入)
<date> ・・・ 実施年月日 (情報基盤センター記入)
<year> 実施西暦年 (半角4桁, 情報基盤センター記入) </year>
<month> 実施月 (半角 1 または 2 桁, 情報基盤センター記入) </month>
<day> 実施日 (半角 1 または 2 桁, 情報基盤センター記入) </day>
</date>
<output> 監査ログ (情報基盤センター記入) </output>
</openvas>
</inventory>
Global IP Address Return Procedure
If you wish to terminate the operation of a device that uses a global IP address, please follow the steps below to return it.
Stopping devices using global IP addresses
Please take necessary measures such as backup. There is a checklist of the minimum necessary measures in グローバル IP アドレス返納申請書 (the Global IP Address Return Application Form) . Please be sure to check these items. After taking the necessary measures, stop the equipment.
Fill out and submit the return application form
Please note the following points when filling out the グローバル IP アドレス返納申請書 (Global IP Address Return Application Form) . Please bring the completed Global IP Address Return Application Form to the Information Technology Center (East Building 3, 4F) or send it by intra-campus mail.
The application form must be signed or stamped by the IP address administrator and the person responsible for global IP address usage.
Please check all the items on the application form and put a check mark on them before submitting. If all items are not checked, the return application may not be accepted.
If you are unable to check all of the confirmation items due to special reasons, please state the reason on the application form.
If the items checked in the application form are the same, multiple global IP address return procedures can be performed with one application. In that case, please enter multiple global IP addresses in the Return IP Address column of the application form. If the check items are different, please create and submit separate application forms.
Caution
Once your application is accepted, communications to the returned global IP address will be immediately blocked by the university-wide firewall. Please make sure in advance that all necessary stoppage measures, such as backups and software license deactivation, are not omitted.