Cisco DDM, Checkpoint Meta-IP, Dynamic DNS, DHCP, and Bind compatability

[Paul T. Root]

Well, I don't know if I can answer your question completely, but regarding CDDM, it's a 
dead product. It was replaced with CNR (Cisco Network Registar). Both do/did DNS and DHCP.

I had no end of trouble with CDDM, and am having no end of trouble with CNR. We've had a
ticket open with Cisco for several months now. We have roughly 1500 dhcp clients, and
the database updates between dhcp and dns lockup dns and sometimes give out bad data.
Cisco's first solution was to separate the machines, however their white paper says I'm
well within spec as to power of the machine (2 cpu Ultra 2). Then they wanted me to make
sure I've got IXFR enabled on all secondaries querying. Well 8.2.2pl5 doesn't do IXFR, and
I thought I read somewhere that IXFR would only work on dynamic data (but that could have
be from CDDM stuff - anybody got an answer to that?)

Ok, the long and the short of it. We're looking for a new dhcp/dns server. Other powers-
that-be are suggesting Lucient's product. In my spare time, I plan to look at it. 

I'd suggest looking at Meta-IP and maybe Lucient's QIP (I think that's the name). 

Paul.


In a previous message, Jesse Whyte said:
> 
> 
> Wow, had to cover a lot of area in the subject line, but I think that it is all relevant.  Some of this may be slightly off-topic due to the vendor-specific reference, but my issue has to do with BIND interoperability and not support for the Cisco project.
> 
> Scope:  We're looking to upgrade our DHCP solution.  We currently handle about 10,000 - 12,000 users via DHCP,and this number will increase to about 60,000 over the next year.  We currently use Sun's bundled DHCP server, but our unsatisfied that it will scale to meet this increased workload.  Therefore, we're looking at two other commercial products to do this, hence the references to CDDM and Meta-IP.  DDNS is extremely important to us for security and usability reasons.  We would love to be able to migrate our servers, workstations, printers, etc. to DNS and DDNS deals with many of our outstanding issues. However...
> 
> Concern:  We currently use the patched BIND 8.2.2 release for our primary and secondary DNS servers.  I do NOT want to migrate this to the Cisco or Checkpoint products for a variety of reasons, most of them having to do with security and some functionality available within the BIND release that is not available in the other products.
> 
> Question:  Can I use just the DHCP/DDNS portion of these products, allowing these services to "securely" use DDNS to update the zone files of a seperate instance of BIND/named?  Ultimately, I would imagine that there will be at least 4 physically and logically seperate DHCP servers, and a fifth Windows 2000 server handling its unique concerns.  In turn, they will be updating four BIND DNS servers.  Or does the functionality of these two products require complete integration?
> 
> TIA,
> Jesse Whyte
> Office of Information Resources
> State of Tennessee
> 
> 


-- 
Chuck Nevitt, North Carolina State basketball player, explaining
 to Coach Jim Valvano why he appeared nervous at practice:
"My sister's expecting a baby, and I don't know if I'm going to be
an uncle or an aunt." (1982)