How experts monitor their DDI ecoystem
Originally published on May 31, 2021 by Simon Bell
Last updated on May 31, 2021 • 10 minute read
Thomas Gray’s famous line "ignorance is bliss" neatly sums up most users’ attitude to what happens in the murky corners of the IT department, and rightly so. As long as the blinkenlights are flashing, the noisy fans are whirring and business services are available, then all is good in meatspace.
Arguably, one of the most important of the dark arts practiced by IT is that of IP address space management. It’s certainly nowhere near as sexy as “AI”, “blockchain”, “X-as-a-service” or any of the current crop of trendy must-have tech buzzwords. But without a proper management and control of IP addresses and DNS, not a single IT service can be delivered. The blinkenlights will all go dark.
Do you manage your IP addresses with Excel?
For many small or simple networks, the built-in Windows Server DNS and DHCP admin tools are enough to keep track of single class C address space. A simple Excel sheet is another popular choice. The problem is these simple solutions don’t scale.
Imagine this scenario – you’re an Admin in a small logistics company. You manage about 120 networked devices, some with static IPs, some using DHCP. You run on-prem email and host a couple of company websites. You use an Excel sheet to keep track of IP address allocation and DNS records. Life, and business, is good. So good, that the company decides to open another depot. Not a problem, you just add another tab to Excel and manage the new subnets in the same way.
Another year, another new depot, or two. Excel is now getting cumbersome. But business is booming, to the extent that your company decides to buy out their largest competitor. That’s another five sites you need to manage. Two of them are using the same IP address ranges as your existing sites. Not only that but the newly acquired company has invested heavily in cloud and you also have a complex AWS infrastructure and an Office 365 environment to manage. Your faithful Excel sheet just isn’t going to cut it anymore. You need a dedicated address space management tool.
Collectively, the systems that manage an IP space are referred to as DDI tools which stands for DNS - Domain Name System, DHCP - Dynamic Host Configuration Protocol and IPAM - IP Address Management. (We geeks do love a good #acronymsalad).
iWhat is DDI?
DDI in networking is short for DNS-DHCP-IPAM. DNS assures the association of hostnames and IP addresses. It enables access routing to almost all applications and services to keep HTTP web traffic and network traffic flowing. DHCP provides dynamic IP address assignment for nodes logging into the network, together with configuration capability automatically inherited from the address plan tree. IPAM supports these critical technologies by enabling efficient management of IP addresses across the network. Together they make up DDI. (source)
Ok, how do experts deal with DDI?
Recently, we’ve been working with an Icelandic company called Men&Mice who have been producing DDI tools for over 30 years. Not only do they have an extremely cool company name, but their Micetro solution provides comprehensive DDI orchestration for any network, regardless of location, scale, or complexity.
Micetro provides administrators with a single, unified management console for their IP address and DNS spaces, across multiple sites and regardless of whether the individual services are on-prem, hosted or hybrid. Unlike some other vendor’s tools, which provide little more than visibility and reporting into an address space, Micetro offers full management and orchestration capabilities. It can add, remove, and change DNS records and IP address assignments across all managed environments, whether physical or virtual. The latest version also provides automation workflows for Terraform and Ansible. This allows organisations already capitalizing on Infrastructure-as-Code and Network-as-Code functionality, to extend those workflows with DDI.
To facilitate these orchestration capabilities, Micetro has been designed with an “API first” ethos. All the system’s functions are API enabled allowing them to be controlled via scripts. One example use case for this would be the automated provisioning of a complex virtual training lab, where systems need to be repeatedly built and torn down to accommodate different courses. Micetro’s API can be leveraged to automatically create DNS records and DHCP address allocations as VMs are deployed and then purge those same records as the machines are decommissioned at the end of a course.
Having such a comprehensive API makes it trivial to monitor Micetro, and therefore your IP and DNS infrastructure, using PRTG. The API is documented using Swagger which makes it easy to identify endpoints for use with PRTG’s REST Custom Sensor.
Here’s an example of just some of the information that can be retrieved using the REST Custom Sensor:
And here’s a closer look at one of those sensors that shows how many addresses are available in a specific DHCP pool. The sensor includes limits (thresholds) that can notify the administrator when the pool is running low on available addresses.
The sensor configuration is fairly standard, just requiring authentication details and the specific REST call to be used. Each of the sensors also uses a REST Configuration Template to format the API return, and templates for the sample sensors can be found on our GitLab site.
The REST template for this sensor looks like this:
Once the sensors are created, they can then be used to create a PRTG map (dashboard) to show the health of the entire IP address space in one consolidated view:
IP and DNS space management might not be the most exciting topic within the field of IT, but the timely and accurate management of those resources is critical for the efficient delivery of services to customers, be they internal or external.
For all but the simplest networks, a manually maintained Excel sheet is simply not good enough. Administering a complex hybrid environment requires a specialist tool. Micetro provides the Sysadmin Team with all the management and automation capabilities they need to administer their IP and DNS allocations. And of course, the easy integration means all the IP and DNS health and performance information can be captured and displayed directly in the Sysadmin’s favorite tool, PRTG!