Do I Really Need DDI?
First, let’s address the obvious: The answer to this question isn’t going to surprise you, coming from an employee of a company that sells DDI solutions. So maybe the better question is “Why do I really need DDI?”
DDI, of course, is the abbreviation[1] for DNS, DHCP and IPAM, which are, respectively, the Domain Name System, the Dynamic Host Configuration Protocol, and IP Address Management.[2] Almost anyone likely to read this blog is familiar with DNS and DHCP, so I’ll take it as a given that I don’t need to argue why they’re critical. But DDI solutions do more than deliver DNS and DHCP: They generally provide centralized management, maintenance, and monitoring of your DNS and DHCP servers, which is very important if your DNS and DHCP infrastructure consists of a fleet of far-flung servers. When I was responsible for HP’s DNS infrastructure, back in the day, as they say, I had maybe a dozen DNS servers to care for—but no DDI, given that this was the late 80s and early 90s—an exercise in plate-spinning that I don’t care to repeat.
But modern DDI solutions provide much more than (admittedly time- and labor-saving) administrative leverage. DDI systems maintain the correlation between DNS and DHCP, making it possible to see which devices have which IP addresses, and what their domain names are. You can even peer into the past, to discover (for forensic purposes, for example) who was using that IP address when it was implicated in some suspicious activity. DDI’s remit doesn’t end with devices assigned IP addresses dynamically: DDI can actively discover what’s on your network, giving you a real-time view into all your IP-speaking devices.
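The point-in-time lookup described above, as an added example (not code from the author or from any DDI product): it rebuilds lease intervals from a constructed DHCP event log, whose line format is an assumption, and answers who held an address at a given instant. It returns nothing when no lease covered that moment, so a reused address is never attributed to the wrong device.

```python
from datetime import datetime, timedelta

# Constructed sample events, sorted by time. The format is hypothetical:
# timestamp event ip mac hostname lease_seconds
LEASE_LOG = """\
2024-03-01T08:00:00 ACK 10.0.5.23 aa:bb:cc:00:00:01 alice-laptop 3600
2024-03-01T08:30:00 ACK 10.0.5.23 aa:bb:cc:00:00:01 alice-laptop 3600
2024-03-01T09:10:00 RELEASE 10.0.5.23 aa:bb:cc:00:00:01 alice-laptop 0
2024-03-01T09:15:00 ACK 10.0.5.23 aa:bb:cc:00:00:02 kiosk-07 3600
2024-03-01T11:00:00 ACK 10.0.5.23 aa:bb:cc:00:00:03 bob-phone 1800
"""

def build_history(log):
    """Turn lease events into per-IP lists of [start, end, mac, hostname]."""
    history = {}
    for line in log.strip().splitlines():
        ts, event, ip, mac, host, secs = line.split()
        ts = datetime.fromisoformat(ts)
        spans = history.setdefault(ip, [])
        current = spans[-1] if spans else None
        if event == "ACK":
            end = ts + timedelta(seconds=int(secs))
            if current and current[2] == mac and ts <= current[1]:
                current[1] = end  # renewal by the same client extends the span
            else:
                if current and current[1] > ts:
                    current[1] = ts  # reassigned before the old lease ran out
                spans.append([ts, end, mac, host])
        elif event == "RELEASE" and current and current[2] == mac:
            current[1] = min(current[1], ts)  # client gave the address back early
    return history

def who_had(history, ip, when):
    """Return (mac, hostname) holding ip at ISO time `when`, or None."""
    when = datetime.fromisoformat(when)
    for start, end, mac, host in history.get(ip, []):
        if start <= when < end:
            return mac, host
    return None

if __name__ == "__main__":
    hist = build_history(LEASE_LOG)
    for t in ("2024-03-01T08:45:00", "2024-03-01T09:20:00", "2024-03-01T10:30:00"):
        print(t, who_had(hist, "10.0.5.23", t))
```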
DDI solutions have become even more critical as we’ve expanded into public clouds. In many organizations, the folks who run on-premises networks are largely blind to what’s happening in the cloud—that’s considered the domain of the devops staff. That devops staff may use cloud-native DNS solutions such as Route 53 or Azure DNS to support their workloads. Yet it’s the networking staff that’s counted on to troubleshoot problems accessing resources in the cloud or, conversely, problems with cloud workloads accessing on-premises resources. DDI solutions can enable organizations to see which IP addresses are in use in the cloud, and to deploy DNS servers in the cloud or to synchronize with Route 53 and Azure DNS, providing visibility into the cloud in real time.
DDI solutions also play an important role in automation. On networks today, and particularly in the cloud, business won’t wait for DNS and DHCP to be manually provisioned. There aren’t enough interns in the world to handle the Sisyphean task of adding and deleting DNS and DHCP data for every VM created or destroyed, every container spun up or spun down. DDI provides an API that allows DNS and DHCP to be provisioned quickly, automatically, and remotely, and supports off-the-shelf integration with popular provisioning and configuration management platforms such as Ansible and Terraform.
And this is by no means a comprehensive reckoning of why DDI is important and what it can do. I haven’t even mentioned the use of DNS as a security tool with Response Policy Zones, which I think is one of the most effective ways to help secure your network.
Honestly, given how critical DDI is to modern networking, I think the right question isn’t “Do I really need DDI?” but rather “How could I possibly do without it?”
For more insights read our ebook – “Network Computing: Why DDI? Why It Is Important to Integrate DNS, DHCP and IP Address Management in Your Network”
Footnotes
1. And not an acronym. Acronyms are pronounced like words, not spelled out, so “DDI” would have to be pronounced “diddy” to be an acronym.
2. And “IP” is, of course, an abbreviation for the “Internet Protocol,” making “DDI” a three-level hierarchy of abbreviations! Even the military would be jealous.