Why are We
Moving Away
from Maintain?
Jason Gorrie
Agenda
Why Change
Selection Process
Selection Outcome
Implementation Timeline
Questions

Definitions
IPAM: IP Address Management
DHCP: Dynamic Host Configuration Protocol
DNS: Domain Name System
DDI: DHCP, DNS, IPAM
Why Change
Oregon State Univ cease funding
Missing




IPv6 eg:fe80::224:1dff:feab:e78a/64
DNSSEC
Simple disaster recovery
Selection Process
Spring 2011: Invite vendors for RFI
Summer 2011: RFP
Fall 2011: RFP technical evaluation
Nov 16, 2011: RFP completed
Dec 01, 2011: PO issued
Selection Outcome
Infoblox in the Industry
•
•
•
•
•
Carleton University
Université de Montréal
Harvard University
Arizona State University
Tivo
Hardware Options
Infoblox-1050-A
24K DNS req/sec
Infoblox-1550-A
36K DNS req/sec
Hardware IB units
Web Interface
Lab Environment


Lab: two IB 550-A & one IB 250-A
Setup to allow




Training
Advanced scripting changes
Testing of updates, new features
Setup completed no later: Jan 15, 2012
Preliminary Layout
Layout - Management
Layout – Hidden Master
Layout - DHCP Campus
Layout – DHCP Resnet
Layout – Unicast & Anycast
Layout - Insight
Layout – Anycast
A1U: MC – IST machine room
A2:EV2/3 – Environment machine room
A3:E6 - Engineering machine room
A4: Unknown
A5: Unknown
A6U: PHY/? - IST machine room
Aggregate Capacity: ~ 150K DNS
requests/sec
Max Observed Typical Load: 4K DNS
Implementation Timeline
January 1, 2012 Gear arrives
January 15, 2012 Lab Environment complete
January 20 ->
Training (TBD)
February 10, 2012
February 17, 2012 Earliest Maintain Flag day
Cut over Resnet DHCP
Cut over Campus DHCP
Cut over Anycast nodes
February 26, 2012 Earliest new system in operation
End of April
Backup implementation date
Deliverable Timeline
DNS/DHCP/NTP for
Cutover campus/wireless/resnet
+3 months Switch/network data importing
+6 months Ipv6 for all
+6 months DNSSEC enabled for uwaterloo.ca
Important Changes
• Policy 8 classification of A,AAAA record
• Host HW/location data no longer in TXT
records, available through API
• Less free form data inputs
• * No /etc/hosts
• * No /etc/networks
• Changes to bulk import TBD
API



Written in Perl
Reference manual ~ 1300 pages,
functions well documented, sample code
Bloxtools: www.bloxtools.com
my $bind_a = Infoblox::DNS::Record::A>new (
ipv4addr => "1.1.1.1",
name => "bind_a.domain.com",
comment => "this is a demo bind_a record",
disable => "true", ttl => "33",
Question and Answer





Concerns?
What training do you want and how
delivered?
/etc/hosts, /etc/networks are there others?
Workflows
MS DNS Integration
Links