DDI technology takes the work out of IP address administration

Take note of DNS/DHCP and IPAM (DDI), three behind-the-scenes network infrastructure technologies that have changed IP address administration.

A set of essential-yet-unsung networking infrastructure services have channel partners paying more attention than usual these days to the job of administering IP addresses.

Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) services toil behind the scenes in data centers. A DHCP server assigns Internet protocol (IP) addresses to the devices tethered to the corporate network, including servers, desktops and mobile devices. A DNS server, meanwhile, maps a device or website domain name -- a readily recognized alphabetical identifier -- to its numerical IP address. Email systems and other network-dependent applications rely on DNS/DHCP servers as a bedrock technology. A related function, IP address management (IPAM), manages DNS/DHCP servers, keeps tabs on the pool of IP addresses available for assignment and prevents IP address conflicts.

A number of factors have raised the profiles of DNS/DHCP and IPAM. The sheer number of devices seeking network access compels organizations to assign and manage more and more IP addresses. From a security standpoint, DNS servers have become a major target of distributed denial of service (DDoS) attacks. Those attacks -- and the potential for severe network disruption -- highlight the criticality of DNS and have made IT managers more concerned than ever before about DNS’availability.

Organizations seeking to automate DNS/DHCP and IPAM can build their own home-grown remedies or purchase products that encompass those technologies in an integrated solution. Gartner Inc. has dubbed the integrated solutions DDI (DNS, DHCP, and IPAM). DDI technologies are often sold as appliances, but cloud-based offerings present another option.

Channel companies interact with DNS/DHCP and IPAM in a couple of different ways. Cloud services providers, for example, may focus on DNS/DHCP and IPAM automation as tools that boost security and improve the delivery of services. But companies may also resell DDI solutions to enterprise IT customers, and managed service providers (MSPs) can offer DDI technology to clients as a service.

Cloud provider solution

Los Angeles-based dinCloud, a cloud service provider, uses a combination of internally developed software and cloud-based services to automate IPAM and DNS/DHCP. The Infrastructure-as-a-Service company provides virtual desktops and virtual servers, and recently launched its dinStorage S3 cloud storage offering.

The cloud service provider created its own IPAM tool and plans to stay with it, finding IPAM products wanting. Mike Chase, dinCloud's CTO, said the IPAM solutions he looked into were generally difficult to use, unreliable and not geared toward cloud deployment.

"They just don't scale with the cloud," he said.

Typically, dinCloud creates its own tools, Chase said. He noted that the company also developedits own cloud orchestration and management platform, dinManage, and made an exception in the case of DNS. The company recently tapped DNS Made Easy, a Reston, Virginia-based company, to provide managed DNS services.

Chase said dinCloud had previously operatedDNS on its own servers, but decided to offload that particular chore. He said dinCloud's development team battled a number of DNS-related issues: preparing for IPv6, adding features such as global load balancing and determining how to avoid DDoS attacks.

"It was just becoming a headache," he explained.

DNS Made Easy houses DNS server clusters in 14 data centers around the world. The service uses Anycast, a routing technique, to direct queries such as website requests to the data center closest to the requester. If that data center is unavailable, the next closest data center handles the request.

DNS Made Easy's Anycast approach provides redundancy and geographic quality of service -- fast replies from the nearest DNS servers, Chase said. The company's method also provides global load balancing and the ability to thwart DDoS attacks, according to DNS Made Easy.

Chase said dinCloud plans to integrate the DNS Made Easy service into dinManage, so customers can subscribe to the service via a portal. The company's customers include consumers, small- and medium-sized businesses, and Fortune 100 companies. It markets to customers through distributors and resellers.

Reseller, MSP opportunity

DDI vendors, meanwhile, view their technology as a sales opportunity for resellers and MSPs.

Andrew Wertkin, CTO at BlueCat Networks, said the Toronto-based company partners with a range of companies in the DDI space, depending on the circumstances.

For example, BlueCat works with companies such as HP, CSC and IBM on broad-based IT outsourcing projects or data center transformations involving a cloud investment. On projects based on network simplification, however, BlueCat partners with companies such as AT&T and Verizon, which provide managed DDI services. 

DDI's IPAM component plays an important role for service providers, whether they are taking over a customer's existing infrastructure or building an entirely new cloud-based environment. 

"There is a need to map the business logic to the network, document the resources available on the network, and document where those are and how they are accessed," Wertkin said. "IPAM has an ideal position in the network to be that central point where the logical network is mapped and documented, so [service providers] can understand where those resources are."

"We have customers with thousands of [application program interface] calls a day into our systems to retrieve IP addresses. It just can't be done manually anymore."

Andrew Wertkin, CTO, BlueCat Networks

DDI offerings also address the customary lag involved when enterprises seek to set up an IP address. In a cloud infrastructure, virtual server instances can be created in a matter of minutes, which means enterprises have less tolerance for delay.In this context, DDI automation can help service providers meet service-level agreements

"Automation must be a heavy part of this," Wertkin said. "We have customers with thousands of API [application program interface] calls a day into our systems to retrieve IP addresses. It just can't be done manually anymore."

Wertkin said service providers benefit from providing DDI as a service;the technology makes the other services they provide more efficient and responsive to constant changes in the network.

Peter Luff, director of service provider marketing at Santa Clara, California-based Infoblox Inc., said he sees MSPs offering managed IPAM or DDI services. Infoblox, which provides DDI solutions, partners with resellers and MSPs.

"There is a revenue opportunity for them managing the customer's IP address space in a very efficient way," Luff said.

Luff said DDI technology has ranked highly among the technologies MSPs have traditionally managed. But he described this field as a natural extension for service providers already in the business of managing routers or LAN switches.

"It is a very adjacent service for many MSPs," he said.

Luff added that an MSP can act purely as a reseller, selling an appliance and taking the resale margin. In that context, the MSP is also in a position to sell services around the appliance. The service provider, for example, can offer to monitor the IP address management infrastructure to make sure it's running and provide break/fix services if it isn't. An MSP could also step up to a fully managed model, in which it assumes complete responsibility for managing the customer's IP address space. In that case, the MSP would establish an in-house operations team to focus on that task. An MSP might also choose to host the DDI appliance at its location or use a third-party hosting center.

Channel partner opportunities seem set to expand, as more customers recognize the importance of IP address management.

"DNS is business-critical," said Scott Breadmore, sales director for the United Kingdom and Ireland at EfficientIP. Efficient IP, a DDI solutions provider with headquarters in France and West Chester, Pennsylvania, works with resellers and distributors.

"DDI [solutions] have moved from something you are evangelizing about to something that is on the forefront of people's minds," he added.

Dig Deeper on Campus area networks and services