DNS Appliances

icecream-guy · August 02, 2018, 11:14:19 AM

Whats do you all use for DNS appliances?

looking at moving away from bind, the only alternative that's been brought up in meetings is Infoblox, but not looking to get hole into a single vendor, as we use infoblox for DHCP, looking for alternatives.

some requirements
Failover HA
Failover across WAN
Programming API
Support for living in the cloud.

I've read some stuff about DNSBox, but my quick overview didn't see any cloud support

icecream-guy · August 03, 2018, 07:51:27 AM

Quote from: ristau5741 on August 02, 2018, 11:14:19 AM
Whats do you all use for DNS appliances?

looking at moving away from bind, the only alternative that's been brought up in meetings is Infoblox, but not looking to get hole into a single vendor, as we use infoblox for DHCP, looking for alternatives.

some requirements
Failover HA
Failover across WAN
Programming API
Support for living in the cloud.

I've read some stuff about DNSBox, but my quick overview didn't see any cloud support

looks like t big 3 are infoblox, DNSbox and Bluecat networks.
DNSbox doesn't seem to have cloud support.

mmcgurty · August 03, 2018, 08:08:13 AM

Have you looked at Men & Mice? This was one we looked at for IPAM (we went with Infoblox) but they offer DNS and DHCP support as well.

https://www.menandmice.com/

Otanx · August 03, 2018, 09:55:47 AM

Why are you moving away from bind? It seems when we try we end up moving back because it just works, and anyone who does DNS understands it.

-Otanx

deanwebb · August 03, 2018, 02:58:20 PM

Quote from: Otanx on August 03, 2018, 09:55:47 AM
Why are you moving away from bind? It seems when we try we end up moving back because it just works, and anyone who does DNS understands it.

-Otanx

Because if a vendor's software poops out on you, you can call their support and scream at them.

icecream-guy · August 04, 2018, 10:28:01 AM

Quote from: Otanx on August 03, 2018, 09:55:47 AM
Why are you moving away from bind? It seems when we try we end up moving back because it just works, and anyone who does DNS understands it.

-Otanx

it's abount control,

right now the server guys control the hardware and OS, application team , apps and bind, as DNS admin we just operate app. too many hands in the pie when making changes or having problem, also server is different support group then one we work with.

Otanx · August 06, 2018, 09:19:31 AM

Quote from: deanwebb on August 03, 2018, 02:58:20 PM
Because if a vendor's software poops out on you, you can call their support and scream at them.

Red Hat. Get a license for RHEL. It is crazy all the stuff they will support. If it is in their channels then they will support it, and they are pretty good.

-Otanx

Otanx · August 06, 2018, 09:36:04 AM

Quote from: ristau5741 on August 04, 2018, 10:28:01 AM
it's abount control,

right now the server guys control the hardware and OS, application team , apps and bind, as DNS admin we just operate app. too many hands in the pie when making changes or having problem, also server is different support group then one we work with.

Ah, I understand. The only stuff I played with is Infoblox, IPA, and bind. I can not recommend IPA. It is really buggy. We constantly had problems where it would stop allowing updates to a zone. We would then have to export the zone, delete it, add it, and import the data. Typically only reverse zones had this issue.

-Otanx