Subject: DDI (DNS+DHCP+IPAM) Solutions Date: Tue, Jun 26, 2012 at 07:37:36PM -0700 Quoting Eric Cables (ecables@gmail.com):
I'm looking to consolidate DNS/DHCP/IPAM into a single tool. Today I use IPPlan for IPAM, and have been reasonably happy with it over the last 5+ years, but I'd like to leverage the benefits of integrating DNS and DHCP for real-time information, along with a more supportable solution for my staff. It seems that InfoBlox and BlueCat are the top players, but maybe I'm being fooled by the hype.
Can anyone respond with their experience with DDI in an Enterprise environment? Have the tools been useful/reliable? What is the pricing model?Replies can be on, or off, list.
We've been happy with InfoBlox. Big plusses are the AD integration and the do-everything-in-one-place solution. Not so happy about price, but it is hard to compete with free. InfoBlox is ISC daemons which means that you know what to expect. Most knobs in named.conf are available from the UI, although I sometimes have wished for QIP's freetext in named.conf feature. We run a non-HA pair of 1050 units as DHCP servers (using ISC-style fallover), and two HA pairs of 1050 as name servers and management node / backup management node. HA pairs is mostly overrated in name service, DNS being fault-tolerant as is, but the management interface is an exception where it is nice to have HA. To get economical scalability from relatively few hardware units we disable recursion and put OpenBSD servers with unbound as resolvers in front. The first entry in /etc/resolv.conf is anycasted from a number of such resolver hosts, using OpenOSPFd. I can not enough emphasize the goodness resulting from strict separation of resolvers and name servers. And anycasting means that I can gracefully remove a busy resolver from operation without anyone noticing since the next one will take over. The best part is that I got to PROVE to the Windows admins that Windows IS RFC-compliant wrt dynamic updates. Hilarious. Broke the bubble of Arthur C Clarke -compliant magic for many of them. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 If Robert Di Niro assassinates Walter Slezak, will Jodie Foster marry Bonzo??