IPAM advantages (was Re: MySQL BIND SDB)
wgg1970 at gmail.com
Tue Nov 16 20:44:46 UTC 2010
Karl Auer wrote:
> On Tue, 2010-11-16 at 11:16 -0800, Chris Buxton wrote:
>> With a management solution, of course. :-)
>> The advantages include:
>> - Two admins with different ideas of how files should be named and
>> laid out don't butt heads. The management solution makes the decision.
>> - There is an audit trail showing who did what, so that when something
>> goes wrong, the correct lesson can be learned.
>> Integration with DHCP and IP address management is often another benefit.
> Other advantages:
> - point and click, whatever the command-line weenies tell you, is more
> comfortable and, for the most common operations, usually faster :-)
> - a good IPAM has a permissions structure, so you can allow
> lower-skilled people to make certain changes, or distribute the
> management task.
> - you avoid whole classes of typo and typo-like errors, such as
> forgetting full-stops, misspelling "in-addr.arpa", putting in-addr.arpa
> instead of ip6.arpa or vice versa, making a timeout "60000" instead of
> "6000", missing nibbles out of an IPv6 $ORIGIN or PTR, writing the PTR
> octets forwards instead of backwards in a PTR...
> - you avoid most consistency errors, within a zone, between zones,
> between views, between servers. You get the identical updates made
> identically on all relevant servers, in all relevant views,
> - there are generally bulk insert/delete/update methods
> - the tool looks after correctly stopping, starting, reloading etc, so
> you don't accidentally blow away your dynamic updates or end up with a
> stopped nameserver or failed zone load because the config was wrong and
> you didn't notice.
> - most IPAM tools do dynamic updates themselves, so you don't have to do
> reloads all the time.
> Regards, K.
> bind-users mailing list
> bind-users at lists.isc.org
Nicely put Karl,
There are several FOSS IPAM like systems*. IPAM is an Infloblox
proprietary system that Cricket Liu is involved with.
CPanel (and look-a-likes), webmin, among many other web GUI based apps
have some basic DNS configuration capabilities.
Just like the single-sign-on concept, IPAM like tools with a single DNS
database that manages/configures many BIND DNS servers has proven to a
*Even I put together one 10 years ago that is still being used and
More information about the bind-users