I'm looking to consolidate DNS/DHCP/IPAM into a single tool. Today I use
IPPlan for IPAM, and have been reasonably happy with it over the last 5+
years, but I'd like to leverage the benefits of integrating DNS and DHCP
for real-time information, along with a more supportable solution for my
staff. It seems that InfoBlox and BlueCat are the top players, but maybe
I'm being fooled by the hype.
Can anyone respond with their experience with DDI in an Enterprise
environment? Have the tools been useful/reliable? What is the pricing
model?Replies can be on, or off, list.
-- Eric Cables
Have you looked at netdot (netdot.uoregon.edu) ?
Cheers,
Phil
I'm looking to consolidate DNS/DHCP/IPAM into a single tool. Today I use
IPPlan for IPAM, and have been reasonably happy with it over the last 5+
years, but I'd like to leverage the benefits of integrating DNS and DHCP
for real-time information, along with a more supportable solution for my
staff. It seems that InfoBlox and BlueCat are the top players, but maybe
I'm being fooled by the hype.
Can anyone respond with their experience with DDI in an Enterprise
environment? Have the tools been useful/reliable? What is the pricing
model?Replies can be on, or off, list.
We've been happy with InfoBlox. Big plusses are the AD integration
and the do-everything-in-one-place solution. Not so happy about price,
but it is hard to compete with free.
InfoBlox is ISC daemons which means that you know what to expect. Most
knobs in named.conf are available from the UI, although I sometimes have
wished for QIP's freetext in named.conf feature.
We run a non-HA pair of 1050 units as DHCP servers (using ISC-style
fallover), and two HA pairs of 1050 as name servers and management node /
backup management node.
HA pairs is mostly overrated in name service, DNS being fault-tolerant
as is, but the management interface is an exception where it is nice to
have HA.
To get economical scalability from relatively few hardware units we
disable recursion and put OpenBSD servers with unbound as resolvers in
front. The first entry in /etc/resolv.conf is anycasted from a number
of such resolver hosts, using OpenOSPFd.
I can not enough emphasize the goodness resulting from strict separation
of resolvers and name servers. And anycasting means that I can gracefully
remove a busy resolver from operation without anyone noticing since the
next one will take over.
The best part is that I got to PROVE to the Windows admins that Windows
IS RFC-compliant wrt dynamic updates. Hilarious. Broke the bubble of
Arthur C Clarke -compliant magic for many of them.
You might like to add EfficientIP to your list to investigate.
(I haven't bought any yet).
Jethro.
. . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks, Network Manager,
Information Services Directorate, University Of Strathclyde, Glasgow, UK
The University of Strathclyde is a charitable body, registered in
Scotland, number SC015263.