Child pages
  • Dev Environment Guide
Skip to end of metadata
Go to start of metadata

To use the development environment instead of the production environment, configure your computer, do everything the same as for production, then revert the configuration.

You can either configure DNS or use a VPN or spoof requests.  You do not need to do all three.  DNS is preferred because it requires vastly less bandwidth and is less intrusive of your personal data, but the VPN only needs to be set up once.  Spoofing requests requires slightly more manual effort during testing.


The DNS server is hosted at  You will need a secondary resolver for real addresses, such as, (Level3), or, or


Guides are available for Mac, Windows (do steps 1, 2, 3, 6), Linux, and most other devices.  You can also do a web search. 

Please remove the servers when you are done testing.  If you don't, your client will tell us everywhere that you go.

If you would like to use IPv6, you can use 2001:48a8:68fe:0:0:0:0:37 instead of  Users may not need or want to use IPv6.


If you VPN, your DNS settings will default to with recursion for other domains.  The server address is and a single account called "commitdev" is used for most purposes because we manage access control to components directly.

Server Address:

Account Namecommitvpn
Group: CommITvpn

Mac: Go to System Preferences > Network.  Click the +.  Select VPN as Interface.  Use the server address and account name above.  Name the service anything.  Click Authentication Settings... and enter the password and shared secret.

Windows 7:

Windows 10

Linux: You know more than Nate does if you're running Linux as your personal OS

You can also do a web search.

Connect to use the development environment.  Disconnect when you are done testing.  If you don't, your client will send all data legibly through us.

Email to ask for the password and shared secret.  If your requests still go to the wrong server, it is due to client configuration or a firewall running between your client and the VPN server, and you will need to configure your client.

Request Spoofing

You can go to this URL to directly access the development environment as if you were logging in to a CommIT partner.  You will need to change the commit-partner-entityID to match a known partner's entityID.  That entityID can be acquired from InCommon, or from the partner, or from one of the technical team members.  The complete set is not published here as a modicum of selective disclosure; specific services will be enumerated upon request.

Certificate warnings are expected because you're accessing a back door that is not publicly enumerated as an access location.  Don't worry about them unless they also appear using one of the other access methods.  If they do, then please panic and notify the technical team so we can begin to panic too.

Clicking register will pop you back into the production environment.  At that point, you’ll want to put yourself back in the development environment by going to:

At the end of the account registration process, please return to:

In order to reset passwords or usernames in the development environment through request spoofing, please use the following URL's, respectively:


For dev help desk access, please use the following URL:

Technical Details

The development environment is a nearly precise clone of the production environment, except with no sensitive data or keys.  This is done to greatly reduce the possibility of errors being introduced in transition to production and to make development easier.  It also allows us to do development and test work without involving every partner organization.

The DNS server answers to UDP and TCP queries over 53, but only for, and at a maximum of 5 per second.  We have 3 total domains.  Either approach will direct your DNS queries for the domain to the development environment instead of the production environment.


  • No labels