[c-nsp] OT - Infoblox vs. Bluecat

Mishka, Jason Jason.Mishka at UToledo.Edu
Fri Jan 15 16:38:29 EST 2010 

We inherited a cluster of Bluecat Adonis boxes a few years ago during a
merger.  They were terrible.  I've never seen an application so poorly
written that ran something as simple and dns and dhcp.  

I'll can tell three stores....

On one particular occasion we were applying updates to apply new tz
information as DST was changing by a few weeks.  I called for support
since everything was running slow and basically got blamed for waiting
too long to apply the patches.  Apparently they didn't have enough
capacity to handle the load since the patches were time sensitive.  

We also had a number problems with dynamic DNS.  The machines were
configured in a cluster which would fail from time to time for no
reason.  When this happened the DHCPID or txt records for the dynamic
client would get lost and the clients wouldn't be able to update their
own record later.

Lastly, if the client and appliances were running different version of
code the client could corrupt the config while applying changes.  A
number of time, we had other admins update to the latest client without
knowing that the server had to match.  Unfortunately, the thing wasn't
smart enough to check the client version and throw an error.

We moved back to a few redhat boxes and haven't had any trouble since.
I'd recommend against a bluecat appliance based on our experience.

Jason Mishka

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Alasdair
McWilliam
Sent: Friday, January 15, 2010 2:11 PM
To: Church, Charles
Cc: nsp-cisco
Subject: Re: [c-nsp] OT - Infoblox vs. Bluecat

We use InfoBlox and it's pretty good.
We have a grid containing several pairs of HA nodes at various DCs, used
for DNS, DHCP and IP Management. We're not using IPv6 though.


On 15 Jan 2010, at 15:09, Church, Charles wrote:

> I apologize for this being fairly OT for a Cisco list, but I figured
someone on here has touched some DNS gear before.  Anyone work with
Infoblox and Bluecat, and run across a significant reason to choose one
over another?  I've googled, but most articles are 5 years or more old.
Off-line responses encouraged.  The planned use is for govt, so full
access to the kernel is nice for hardening/verification.  Also need
TSIG, DNSSEC, and IPv6 support, which they both claim to have, as
they're both based on recent bind.  Secure mgmt such as SNMPv3, SSHv2,
and SSL would be nice.
> 
> Thanks in advance,
> 
> Chuck
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list