bind on bluecat's adonis 1000

Brad Knowles brad at stop.mail-abuse.org
Wed Sep 14 18:02:14 UTC 2005 

At 1:13 PM -0400 2005-09-14, Terry Howell wrote:

>  Gok, we own bluecats appliances and they work great for us.  we tested
>  both vendors and found that the infoblox devices slowed to a crawl in a
>  large environment and didn't have support for key features we desired
>  (ex. bind views, something to check for errors, etc).

	I can't speak for a tool to check for errors, but I know that 
Infoblox fully supports views, and I've seen some pretty impressive 
performance on these things -- out-of-the-box performance in the 
25,000-30,000 queries per second range for authoritative nameservice 
on a large-scale domain.

	Every appliance is either a grid member or a grid master, and all 
configuration is done through the master for a particular grid.  You 
can update a configuration or a zone, roll that out across all the 
members of the grid, have them automatically stagger their 
reconfiguration process, monitor the reconfig as it is in progress 
across the grid, etc....  And reconfiguration takes just a few 
seconds.

	Of course, each grid master can be master of multiple grids, and 
all the configuration details for the grid members is stored in the 
shared database on the grid master.  A full backup of a large-scale 
environment, with something on the order of 50 total grid 
members/masters, large numbers of domains (some of which are quite 
large themselves), etc... will all fit into just a few megabytes, and 
is easily backed up to tape.

>  oh, and btw they use bind 9.2.5 and have never tried to hide it from me.

	Infoblox doesn't try to hide the which version of BIND they're 
running, and they're open about the software being built with support 
for threading, and the type of dual-CPU Opteron box they're running 
on, etc....  They don't let you create the configuration file 
manually, but you can see the whole thing on their Java Web Start 
Application or on their Java Applet in your web browsers, you can 
download it to your desktop, etc....

	For whatever reason, if you need a version of BIND that is built 
without threading, they'll do that for you and ship you a new 
firmware configuration.


	But Terry is right -- you should arrange to get at least one of 
each and test them out for yourself.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.

More information about the bind-users mailing list