Enterprise IPAM/DNS Solutions

Mike Hoskins (michoski) michoski at cisco.com
Mon Apr 28 16:47:46 UTC 2014

Cisco (apply liberal amounts of salt considering my FROM) has a product
suite called Prime, one piece of which is CNR (unless it's been renamed
again this week) -- Cisco Network Registrar, which handles the IPAM piece
and has DHCP and DNS components as well.  CNR can integrate with BIND (as
well as other common DNS software), and is licensed from BT Diamond.

I did a fairly extensive PoC of the IPAM, DNS and DHCP components a couple
years back.  Being completely honest, the downsides I've found during PoC
are "clunky" UI (admittedly personal opinion, and based on little
experience with other IPAMs -- experiment and decide for yourself), DHCP
implementation geared more toward IT/cable operators (high performance,
but lacking some options for PXE), and lack of true multi-tenant (you can
make logical containers of address space mapped to tenants, but you can't
have address space overlap across containers -- which for RFC1918 is a
problem on any network which consists of numerous acquisitions ;-) ).

DNS and DHCP I've continued solving myself with OSS ISC, but IPAM has
still been useful -- especially adding sanity to IPv6 allocations and
support of fully automated provisioning (API).  I've got a few clusters
deployed (easier to just run an instance per tenant for me), and rely on
the capabilities more over time.  Once you have real IPAM, it's hard to
remember how you lived without it.


-----Original Message-----
From: <Baird>, Josh <jbaird at follett.com>
Date: Monday, April 28, 2014 at 12:31 PM
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: Enterprise IPAM/DNS Solutions

>We currently use the Men & Mice DNS/IPAM/DHCP suite which is essentially
>a front-end "wrapper" for BIND.  We deploy our own BIND boxes and simply
>install the Men & Mice agent on them which allows us to centrally manage
>the zones from a GUI (or CLI) based interface.
>I'm curious about the other "enterprise" solutions that are on the
>market.  Bluecat is the first one that comes to mind, but I'm completely
>unfamiliar with their product.  Does their product run alongside native
>BIND (like M&M) or do I need to purchase their own appliances and place
>them all over my network?
>Are there any other suggestions for products similar to Men & Mice and
>Bluecat that I should be looking at?  I'm looking for DNS and IPAM and
>central management.
>Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>unsubscribe from this list
>bind-users mailing list
>bind-users at lists.isc.org

More information about the bind-users mailing list