This guest blog post is by BlueCat Networks. We thank BlueCat Networks for being a sponsor.
The Bottleneck. The Barrier. The Hold-up.
We all have our term for the IT people who keep us from getting things done. (Some of us just go straight to four-letter words.) All we need is this one thing – a device added to the network or a DHCP lease. All they need to do is flip a switch or click through a few screens on their end to make it happen. Shouldn’t it be easy?
The Domain Name System (DNS) is often the root cause of this griping. Adding a device to the network, assigning IP space to an app development team – it’s usually a DNS administrator who handles these basic things. It’s usually that person who gets the bulk of the complaints, too.
Enter Mister DNS
Most network teams have a single person who handles all of those DNS service requests. Maybe it’s Mister DNS. Or perhaps the DNS Queen. Or one of the many other nicknames we give them. Whoever they are and whatever you call them, they are the go-to person for everything DNS-related. In most cases, they probably built the DNS architecture themselves. They know how all the patches and configurations work together, and how to keep everything humming.
This person probably started off with a manageable workload, at a time when the network was relatively simple to operate. Then the number of DNS-related service requests started to skyrocket. With the complexity generated by the cloud, DevOps, virtualization, and other strategic initiatives, the backlog of DNS service tickets grew at an unsustainable rate.
So naturally, their ability to provide quality and timely service declined. From morning until night, they plug away at all those service tickets, all while trying to keep up with massive changes in the network architecture. The Sultan of DNS used to be an honorific – this was the one person who really knew what they were doing. Now they’re the ones who are holding up progress and throwing the rest of the enterprise off track.
Blaming the Victim
It’s tempting to blame it all on the DNS Guru. If only they would work faster! If only they were more efficient! Here’s the thing: it’s usually not their fault. They are doing the best they can under the constraints of the network architecture.
The simple fact is that in most enterprises, demands on the network are exploding while the underlying DNS infrastructure remains the same. Decentralized DNS architectures built on BIND or Microsoft require constant patching and configuration once the network reaches a certain critical mass. Beyond that point, just keeping your head above water becomes a significant challenge.
A single person simply can’t manage those patches and configurations at the scale that today’s networks demand. DNS automation is the answer, but Microsoft and BIND don’t support it. So as long as the underlying DNS remains constant, any DNS admin is going to continue sinking under the burden of keeping things up and running.
More and more enterprises are starting to realize that this situation is untenable. Basic risk management principles tell us that there shouldn’t be a single point of failure for anything on the network.
What if Mister DNS moves to a different company? What if the DNS Queen retires? All of that institutional knowledge is difficult to replace, especially if the enterprise is built on a home-grown system of patches and configurations.
Then there’s the larger question of support for strategic initiatives. If the Grand Poobah of DNS can’t keep up with day-to-day management, how can we expect them to support a cloud migration? If devices are waiting several days for an IP address, how will the DevOps team build apps on an agile schedule? If the DNS patches and configurations require a decoder ring, how will SD-WAN even work?
Finding a Better Way
Core network infrastructure is too important to be run in this way. The stakes are too high for one person to handle the responsibility or the workload. So what is to be done?
Get your house in order. Only purpose-built DDI platforms can deliver the automation, self-service, and features that network teams need. The solution is to ditch the patches and configurations in favor of an easy-to-use system, one that lifts the burden of management from a single person. The solution is a DNS that actually supports strategic initiatives rather than holds them back.
Let a thousand DNS admins bloom. Purpose-built DDI platforms eliminate the need for one person to manage all those patches and configurations. When the work is spread out across the network team or even pushed out to end-users through a self-service portal, everyone’s happier – and more productive.
Get your DNS data flowing. Visibility into that rich stream of DNS data has significant value across the enterprise. With a more purposeful approach to collecting that data (and a centralized place to view it), DNS data can provide significant visibility into everything that happens on the network. That makes the Emperors of DNS valuable assets to the whole team, not bureaucratic roadblocks.
Automate everything. Once your DDI systems are rationalized on the back end, you can implement DNS automation to take care of all the standard tasks which are currently drowning Mister DNS on a daily basis. Assigning IP space, adding devices to the network, managing DHCP scopes – all of these things should be done with a few clicks, not a drawn-out, manual process.
The DNS admins of the world deserve our greatest respect – they keep the network up and running, after all. That’s why it’s time to liberate Mister DNS from day-to-day drudgery. That’s why we should be setting DNS Queens free to do the higher-level tasks they want to do (and are expected to do).