Why are We Moving Away from Maintain?

Jason Gorrie

Agenda

Why ChangeSelection ProcessSelection OutcomeImplementation TimelineQuestions

Definitions

IPAM: IP Address Management

DHCP: Dynamic Host Configuration Protocol

DNS: Domain Name System

DDI: DHCP, DNS, IPAM

Why Change

Oregon State Univ cease fundingMissing

IPv6 eg:fe80::224:1dff:feab:e78a/64 DNSSEC Simple disaster recovery

Selection Process

Spring 2011: Invite vendors for RFI

Summer 2011: RFP

Fall 2011: RFP technical evaluation

Nov 16, 2011: RFP completed

Dec 01, 2011: PO issued

Selection Outcome

Infoblox in the Industry

• Carleton University

• Université de Montréal

• Harvard University

• Arizona State University

• Tivo

Hardware Options

Infoblox-1050-A

24K DNS req/sec

Infoblox-1550-A

36K DNS req/sec

Hardware IB units

Web Interface

Lab Environment

Lab: two IB 550-A & one IB 250-A Setup to allow

Training Advanced scripting changes Testing of updates, new features

Setup completed no later: Jan 15, 2012

Preliminary Layout

Layout - Management

Layout – Hidden Master

Layout - DHCP Campus

Layout – DHCP Resnet

Layout – Unicast & Anycast

Layout - Insight

Layout – Anycast

A1U: MC – IST machine room

A2:EV2/3 – Environment machine room

A3:E6 - Engineering machine room

A4: Unknown

A5: Unknown

A6U: PHY/? - IST machine room

Aggregate Capacity: ~ 150K DNS requests/sec

Max Observed Typical Load: 4K DNS requests/sec

Implementation Timeline

January 1, 2012 Gear arrives January 15, 2012 Lab Environment complete

Training (TBD)

February 17, 2012 Earliest Maintain Flag day Cut over Resnet DHCPCut over Campus DHCP

February 26, 2012 Earliest new system in operation End of April Backup implementation date

January 20 -> February 10, 2012

Cut over Anycast nodes

Deliverable Timeline

+3 months Switch/network data importing+6 months Ipv6 for all+6 months

CutoverDNS/DHCP/NTP for campus/wireless/resnet

DNSSEC enabled for uwaterloo.ca

Important Changes

• Policy 8 classification of A,AAAA record

• Host HW/location data no longer in TXT records, available through API

• Less free form data inputs

• * No /etc/hosts

• * No /etc/networks

• Changes to bulk import TBD

API

Written in Perl Reference manual ~ 1300 pages, functions well

documented, sample code Bloxtools: www.bloxtools.com

my $bind_a = Infoblox::DNS::Record::A->new (ipv4addr => "1.1.1.1",name => "bind_a.domain.com",comment => "this is a demo bind_a record",disable => "true", ttl => "33",mac_address => "1:1:1:1:1:1",views => [$view1] ); # Submit for addition

Question and Answer

Concerns? What training do you want and how

delivered? /etc/hosts, /etc/networks are there others? Workflows MS DNS Integration

Links