Network Computing is part of the Informa Tech Division of Informa PLC

Do It Yourself DNS

All three products can scale and support large installations via additional appliances, up to the DNS limit of 13 name servers per zone. BlueCat and Infoblox offer high-availability (HA) installations; more money will get you additional boxes and better theoretical uptime. We played with the HA setup from Infoblox and liked what we saw. (Without having equipment on hand from BlueCat, we couldn't provide a comparison, and ApplianSys' HA solution is in development. HA on primary DNS is not a high priority, as most shops are running multiple secondary servers.)

Big hosting companies like UltraDNS have reason to be nervous. Although it may take a highly technical person to design a DNS architecture for a global company, these products mean big talent is no longer required to maintain DNS.

Each of our contestants lets an administrator control the appliance (reboot, shut down, hardware and software status, autoupdate of OS and security patches) via remote client software. Standard DNS configuration (time to live and refresh) modifications also are implemented from the client interfaces. All are DHCP- and Dynamic DNS-compatible, and Infoblox's DNS One and ApplianSys' DNSBox300 can function as DHCP servers. Although we couldn't test Microsoft Active Directory compatibility in our Macintosh OS and Linux shop, each vendor offers extensive documentation for integrating with a Microsoft environment and can provide customer references for successful implementation in Windows environments.



DNS Appliance Features

Of course, if you're not using Active Directory in a disparate environment, setting up these appliances is simple. Once configured properly, all the units performed perfectly as primary DNS boxes both in our production environment and under test load. We experienced no outages or interruption of service with any of them. From a user's standpoint, our appliance testing was uneventful. To simulate heavy query volumes, we used the queryperf tool from ISC (available with BIND 9.2 sources, in the contrib folder) to pound the heck out of all three contenders. We ran our tests off a Red Hat Linux client and never stressed CPU or I/O loads above 40 percent. We couldn't quite generate the numbers promised by the vendors (Adonis claims 8,400 queries per second, or 725 million theoretical queries per day, for example), but we could consistently get between 2,000 and 6,000 queries per second on all three appliances using queryperf, for a simulated 172 million to 517 million queries per day.

Each product hosts DNS from a streamlined, hardened OS environment where any services or devices not used to provide name resolution have been stripped from the kernel. (For more on hardened Linux setups, see "Hardened Linux Puts Hackers EnGarde".) Compared with our network's Red Hat Linux box running a GUI tool like QuickDNS 4.x from Men&Mice, life is more convenient with any of these boxes and their autoupdate capabilities. Although we continue to be satisfied with the features and performance of QuickDNS, keeping up with fixes and security patches for the OS platform it rides on can be a bear. Each appliance provides secure DNS functionality in an easy-to-manage box that keeps itself up to date.