Request a DNS Change for Offsite Hosting

Only Berkeley employees may fill out the Offsite Hosting Form, and only the appropriate Berkeley employee can serve as Resource Proprietor (see below).

How to Fill Out the Offsite Hosting Form

In order for your domain (URL) to work on your Pantheon site, will need to request to add a new "hostname" (domain/URL) via NetReg's Offsite Hostnames interface: 

https://netreg.berkeley.edu/

After logging in and selecting the proper security contact from the dropdown, navigate to "Offsite Hostnames" in the left sidebar menu, and select "Add Offsite Hostname."

What to Put in Each Field

  • Offsite Hostname: "EXAMPLE.berkeley.edu."
    • Replace the above with your hostname
    • If you will be using more than one hostname per site: Once the primary hostname has been submitted and registered, email netreg@security.berkeley.edu to add additional hostnames to the same record. 
  • Hosting Service: Pantheon
  • "May we scan this host?": Check the box
  • Data Protection Level: You must select "Protection Level 1." The other available data protection levels are not allowed on Pantheon.
  • Description: Basic description of website. 
  • Resource Proprietor: Enter the CalNet ID of the appropriate Resource Proprietor.
  • Canonical Name: The live canonical Pantheon domain, e.g. "live-EXAMPLE.pantheonsite.io".
  • IP Address: Leave blank.
  • Additional Notes to Hostmaster: Enter the necessary DNS (Domain Name System) details.

After Submitting the Form

Once your request is approved, it will be passed to campus Hostmaster, and a ticket will be opened. The DNS changes will happen once Hostmaster processes your ticket. You may ask Hostmaster to schedule the DNS changes for a specific date if you provide advance notice (at least one week; see "Additional DNS Instructions" below). You will receive an email from Hostmaster once the DNS changes have been made, or if the changes have been scheduled. 

Hostmaster may have some questions before the DNS change can occur. See Special topics for Pantheon sites for information on possible DNS issues.

Protected Data Classification

Sites on Pantheon cannot include protected data. A breakdown of the Data Classification Levels can be found on the Security website. All websites on Pantheon can only host data classified as "Protection Level 1".

Resource Proprietor

IT Policy requests that the Resource Proprietor is a "Berkeley Campus Administrative Official (e.g. Dean, Director, PI, MSO, or other responsible individual to whom financial, administrative or management responsibilities for your area have been delegated) to sponsor your activity."

An email will be sent from NetReg to the Resource Proprietor requesting approval. If the site needs to go live as soon as possible, make sure this is someone who will respond promptly to the email from IT Policy.

Additional DNS Instructions (for a new site)

Note: If you are launching a new site on Pantheon, and the production domain(s) are already pointed to a different site on Pantheon, please see Moving Your Domain from Pantheon site to Another.

Domains on Pantheon should be A records. This is recommended due to Pantheon's platform configurations. However, CNAMEs should continue to work.

Provide A Record Information

You will need to know the "canonical domain", or "platform domain", for your site. This will look like the below URL, with your Pantheon site name in place of "EXAMPLE":

live-EXAMPLE.pantheonsite.io

You should not have to create your Live environment on Pantheon in order to find this URL. In the above URL, "EXAMPLE" is the same Pantheon site name that can be found in your Dev and Test environment Pantheon URLs (e.g., test-EXAMPLE.pantheon.berkeley.edu).

Once you know your canonical domain (as described above), run the following terminal command in a terminal window:

$ host live-EXAMPLE.pantheonsite.io

You should then see the following in your terminal window:

$ host live-EXAMPLE.pantheonsite.io
live-EXAMPLE.pantheonsite.io is an alias for fe0.edge.pantheon.io.
fe0.edge.pantheon.io has address 23.nnn.nnn.nnn
fe0.edge.pantheon.io has IPv6 address nnnn:nna:nnn0::n
fe0.edge.pantheon.io has IPv6 address nnnn:nna:nnn1::n

In the "Additional Notes to Hostmaster" field in the NetReg Offsite Hosting form, include the following information (replacing EXAMPLE.berkeley.edu with your real production hostname):

Please configure the following DNS records for EXAMPLE.berkeley.edu:

A record pointing to 23.nnn.nnn.nnn
AAAA record pointing to nnnn:nna:nnn0::n
AAAA record pointing to nnnn:nna:nnn1::n

Launch Date/Timing

If you have a specific launch date in mind (a specific day when the changes should be effective in the campus DNS), you can ask for it in the "Additional DNS Instructions" box.

You should plan ahead if you have a specific launch date in mind. Hostmaster's ticket queue can be long, so DNS requests can take up to a week or more to complete. Asking for a very quick turnaround (e.g., submitting the Offsite Hosting Form and asking for the DNS cutover to happen the next day) will not work, as it won't give IT Policy and Hostmaster enough time to process your submission.

Add "www" Domains

If you also want to use a "www" record, e.g. www.EXAMPLE.berkeley.edu, you have to specifically request it here as an additional note to Hostmaster (e.g., "please include the www version of this domain").

Old (Deprecated) Information about CNAMEs

Previously, CNAMEs were recommended for all domains on Pantheon, unless the domains had specific requirements. A records are now recommended for all domains on Pantheon, due to Pantheon's platform configurations. 

CNAMEs should continue to work on Pantheon. If necessary, here are the instructions for requesting a CNAME:

  • Follow the above instructions (under "Provide A Record Information") for finding your site's "canonical domain" (e.g., live-EXAMPLE.pantheonsite.io).
  • Enter the following in the Additonal DNS Instructions text box:
"This should be a CNAME to live-EXAMPLE.pantheonsite.io". (Replace the EXAMPLE URL with your canonical domain.)