BlueCat Distributed DDNS - Adaptive Applications - BlueCat Gateway - 21.2

BlueCat Distributed DDNS Administration Guide

Locale: English
Product name: BlueCat Gateway
Version: 21.2

BlueCat Adaptive Applications are licensed, out-of-the-box applications that provide you with advanced DDI functionality with minimal configuration. Adaptive Applications extend the functionality of the BlueCat core Adaptive DNS platform, DNS Integrity, in specific areas to drive increased customer value and competitive differentiation.

DDNS is a vital feature of modern enterprise networks that needs to be highly reliable, performant, secure, and manageable. BlueCat Distributed DDNS provides a distributed entry point for all Dynamic DNS registrations, sitting as close as possible to the client. It provides a secure interface for all dynamic DNS updates. In addition, BlueCat Distributed DDNS provides Anycast deployment capabilities and is fully integrated with the BlueCat Adaptive DNS Stack.

The BlueCat Distributed DDNS Adaptive Application consists of three components:
  • Distributed DDNS Data Node: The Distributed DDNS Data Node is a multi-primary database cluster used to store DDNS update information and the Distributed DDNS configuration information. The Distributed DDNS Data Node contains multiple nodes that replicate information.
  • Distributed DDNS Service Node: The Distributed DDNS Service Node processes and validates DDNS updates.
  • Distributed DDNS Application Node: The Distributed DDNS Application Node component connects to the Address Manager and includes an administrative user interface to manage the configuration of the Distributed DDNS Service Nodes.

The following image displays the architecture of the Distributed DDNS Adaptive Application and how these components interact.



Through these components, BlueCat Distributed DDNS provides the following additions and improvements:

  • DDNS updates are sent to the closest Anycast-enabled Distributed DDNS Service Node for processing and evaluation. The Distributed DDNS Service Node validates and securely forwards updates to the Primary DNS server using TSIG.
  • If the primary DNS server fails in your environment, Distributed DDNS Service Nodes queue updates until the primary DNS server is operational.
  • BlueCat Distributed DDNS fully supports all common cryptographic signature methods used in DDNS updates, including support for multiple Active Directory domains, without sacrificing access controls for unsigned updates when necessary. GSS-TSIG negotiation and enforcement are supported for both reverse DNS and forward DNS.
  • Each Distributed DDNS Service Node processes GSS-TSIG signatures asynchronously with improved performance over standard BIND name servers. Multiple Distributed DDNS Service Nodes can be used together using Anycast or load balancing. In this configuration, Distributed DDNS acts as a GSS-TSIG offloading engine for BlueCat DNS Integrity.
  • DDNS permission management is simplified with Distributed DDNS, replacing BIND's cumbersome update-policy statement with an intelligently designed rules system that is more capable and easier to manage.