IPAM advantages (was Re: MySQL BIND SDB)

Gary Wallis wgg1970 at gmail.com
Tue Nov 16 20:44:46 UTC 2010


Karl Auer wrote:
> On Tue, 2010-11-16 at 11:16 -0800, Chris Buxton wrote:
>> With a management solution, of course. :-)
>> [...]
>> The advantages include:
>>
>> - Two admins with different ideas of how files should be named and
>> laid out don't butt heads. The management solution makes the decision.
>> - There is an audit trail showing who did what, so that when something
>> goes wrong, the correct lesson can be learned.
>>
>> Integration with DHCP and IP address management is often another benefit.
> 
> Other advantages:
> 
> - point and click, whatever the command-line weenies tell you, is more
> comfortable and, for the most common operations, usually faster :-)
> 
> - a good IPAM has a permissions structure, so you can allow
> lower-skilled people to make certain changes, or distribute the
> management task.
> 
> - you avoid whole classes of typo and typo-like errors, such as
> forgetting full-stops, misspelling "in-addr.arpa", putting in-addr.arpa
> instead of ip6.arpa or vice versa, making a timeout "60000" instead of
> "6000", missing nibbles out of an IPv6 $ORIGIN or PTR, writing the PTR
> octets forwards instead of backwards in a PTR...
> 
> - you avoid most consistency errors, within a zone, between zones,
> between views, between servers. You get the identical updates made
> identically on all relevant servers, in all relevant views,
> automatically.
> 
> - there are generally bulk insert/delete/update methods
> 
> - the tool looks after correctly stopping, starting, reloading etc, so
> you don't accidentally blow away your dynamic updates or end up with a
> stopped nameserver or failed zone load because the config was wrong and
> you didn't notice.
> 
> - most IPAM tools do dynamic updates themselves, so you don't have to do
> reloads all the time.
> 
> Regards, K.
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users


Nicely put Karl,

There are several FOSS IPAM like systems*. IPAM is an Infloblox 
proprietary system that Cricket Liu is involved with.

CPanel (and look-a-likes), webmin, among many other web GUI based apps 
have some basic DNS configuration capabilities.

Just like the single-sign-on concept, IPAM like tools with a single DNS 
database that manages/configures many BIND DNS servers has proven to a 
useful model.

Cheers!
Gary

*Even I put together one 10 years ago that is still being used and 
updated. http://openisp.net/openisp/unxsVZ/wiki




More information about the bind-users mailing list