FW: bind on bluecat's adonis 1000

Terry Howell terry.howell at gmail.com
Thu Sep 15 15:20:04 UTC 2005


gents, i highly suggest you test both bluecat and infoblox devices.
infobloxs getup is pure marketing hype and everything from the ui
onwards merely pales in comparison to the bluecats. their grid
architecture looks nice on paper, but proves to be a different story
live. furthermore, we've *seen* bluecats ip address management product
due out later this year and must tell you that if it works as
demonstrated both their dns product and infobloxs will prove to be
simple "band-aid" solutions to what that truly enterprise product is
capable of doing (again, based on what I witnessed). you all would be
well advised to do your homework and request a demonstration.
-----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Greg Chavez
> Sent: Thursday, September 15, 2005 9:25 AM
> To: bind-users at isc.org
> Subject: Re: bind on bluecat's adonis 1000
> 
> On 9/14/05, Brad Knowles <brad at stop.mail-abuse.org> wrote:
> =20
> I was also blushing at how transparent your earlier "Questions you
> should ask of a DNS Appliance" effort was. All Infoblox, all the time.
> 
> > I can't speak for a tool to check for errors, but I know that
> > Infoblox fully supports views, and I've seen some pretty impressive
> > performance on these things -- out-of-the-box performance in the
> > 25,000-30,000 queries per second range for authoritative nameservice
> > on a large-scale domain.
> 
> They plan to support views. The current version (3.1rc6) does not.=20
> Infoblox is minus many of the features and fine-tuning controls of BIND
> 9.2.4. They may exist somewhere in the bowels of the code, but they are
> not available in the management interface. I suspect much of this is on
> purpose - appliances probably should appeal to those without the desire
> or resources to tinker much.
> =20
> > Every appliance is either a grid member or a grid master, and
> > all configuration is done through the master for a particular grid.
> > You can update a configuration or a zone, roll that out across all the
> 
> > members of the grid, have them automatically stagger their
> > reconfiguration process, monitor the reconfig as it is in progress
> > across the grid, etc.... And reconfiguration takes just a few
> > seconds.
> 
> This is where Infoblox's DNS-ONE product clearly excels. My client
> "company" which is in the process of migrating from a creaky, byzantine,
> hard-to-debug BIND 9.2.2 split-DNS architecture will benefit enormously
> from these enterprise features. *IF* this clustering feature works as
> advertised, multiple appliances can be effortlessly inserted into an
> existing environment with virtually identical configurations. Sort of
> like a hands-off Jumpstart.=20 Unfortunately, this enterprise feature
> requires a separate license - one which I am trying to coax my client
> company to procure. Without this feature - which is oddly called
> Keystone DVS - you will have to configure each Infoblox separately.
> Caveat emptor.
> 
> Still, I am very much looking forward to testing it, along with its VRRP
> high-availability getup. Let me tell you this though - you will need
> FIVE IP addresses per HA pair on the same network LAN to make this work.
> If you run a large operation with many appliances, you will consume IP
> subnets fast. My IP migration spreadsheets are a nightmare.
> 
> > Infoblox doesn't try to hide the which version of BIND they're
> 
> > running, and they're open about the software being built with support
> > for threading, and the type of dual-CPU Opteron box they're running
> > on, etc.... They don't let you create the configuration file
> > manually, but you can see the whole thing on their Java Web Start
> > Application or on their Java Applet in your web browsers, you can
> > download it to your desktop, etc....
> 
> I forget what version its *based* on, but it's very recent. However,
> it's probably been bent and reduced to their will, possibly enough to
> make it qualify as more of an ersatz BIND, much in the way other
> appliances bend and reduce BSD and Linux.
> 
> This Java GUI of which you speak is the major weakness of the product.
> It is, at times, prohibitively slow. The worst part is they way the
> GUI "exits". There is no log-off button. Instead, you must exit your
> browser completely to reconnect. This is so annoying, I can barely stop
> myself from foaming at the mouth as I type this paragraph.
> 
> I cannot speak to its performance yet, although it promises to be very
> good= .
> 
> Infoblox is very receptive to these complaints though, and I predict
> that they will start making more and more concessions to half-baked
> BIND-geeks like myself as the versions march by. You should also note
> that Infoblox contains more than one BIND emeritus on their payroll.=20
> Their influence can't help but rub off.
> =20
> > But Terry is right -- you should arrange to get at least one
> > of each and test them out for yourself.
> 
> Here, here. Test. *THEN* tell us how it works. Corporate Web sites
> and marketing brochures and those who read from them are about as
> accurate as my shoe.
> 
> --Greg Chavez
>



More information about the bind-users mailing list