Disaster Recovery: BlueCat DNS to the Rescue

A BlueCat customer discusses why organizations can’t afford to overlook DNS, DHCP and IPAM when planning for a disaster.

In this post, a BlueCat customer discusses why organizations can’t afford to overlook DNS, DHCP and IPAM when planning for a disaster, and why a resilient architecture matters.

Almost all enterprise-class companies have a disaster recovery plan, and multiple teams and parts of the business have invested many hours working together to come up with the perfect plan.  But no company ever wants to put a disaster recovery plan into action, and many companies dislike even the thought of testing that plan. There are two major areas of a disaster recovery plan that are often overlooked – DNS and DHCP core services – and one that is almost never considered – IP Address Management (IPAM) and tracking.

With most out-of-the-box DNS, DHCP and IPAM solutions, options are very limited. Any company moving up from a medium-sized business to a full enterprise either leverages Microsoft or some flavor of BIND for DNS and DHCP. And they typically use an Excel spreadsheet to track the IP addresses.  Now fast-forward to a time when disaster recovery planning begins and you and your engineers must plan for the worst-case scenario.  In my company’s case, we have sites around the US (including Hawaii), a primary data center, a disaster recovery site, and a third site for the IT staff.  This presents a near nightmare for IT.

Initially, our configuration was a Microsoft solution for both DNS and DHCP, and it wasn’t pretty.  We leveraged DNS on every domain controller (4 in our main data center, 2 in our backup site, and 4 in various geographically diverse facilities throughout the country.  Our DHCP solution was even worse, with simply two servers, and each of 100 plus scopes spread between the two servers.  As for IP address management, it was a good ol’ Excel spreadsheet to the rescue (oh yeah, and we backed it up to someone’s cloud storage for good measure).

In planning the conversion to a company-wide disaster recovery plan, we came to the realization that our current setup was not nearly good enough, nor would it allow for a quick failover should we ever be forced to perform one.  We evaluated several vendors, but there was one thing BlueCat did particularly well – everything.  Through the use of primary and secondary DNS servers adhering to BIND standards, we were able to reduce our service footprint to a single DNS server at each data center, one in our IT staff office, and 2 at our largest facilities which are geographically strategic.  With the IPAM management console allowing for primary and failover as well, we are able to house one in our main data center, and one in our DR site.  This solution also worked for our external DNS: we have one DNS server at each location for external DNS as well.

With BlueCat, DHCP proved to be an even easier solution than we thought. While the system still splits the DHCP scopes in half, we no longer have to manage them all separately on different servers.  We now log in to one interface (BlueCat Address Manager™) and can manage them as single scopes.  This allows for us to leverage the same server for DHCP as we do for internal DNS, with one at each site.  The added benefit here is we can actually see which clients are leveraging DHCP by way of the Address Manager interface, which ties all of our DNS and DHCP together into one very simple to use management interface.

BlueCat Address Manager gives us the ability to centrally manage our network without Excel spreadsheets, or Access databases.  This solution gives us not only an automated way to view our DNS records, or see which clients are using DHCP, but also a highly resilient solution that is in line with our company’s disaster recovery initiatives and fully redundant across multiple data centers.

Not only does BlueCat give our company the protection we require on paper, but the solution works.  Not many companies are in a position to put their business connectivity at risk by shutting off their primary DNS and DHCP services, but we have fully tested the implemented solution, and much to management’s surprise, the solution works exactly as architected.  We do not lose any service as a result, and failover could not be easier.  Everything is monitored within the BlueCat systems and provides the failover with no human interaction, which in the case of disaster recovery is a very good thing.


An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Banner announcing BlueCat's acquisition of LiveAction, displaying both logos and the phrase "We're about to get bigger."

BlueCat acquires LiveAction to drive network modernization and optimization

BlueCat’s acquisition of LiveAction will allow customers to expand their view beyond DNS and dive deeper into the health of their network.

Read more

Simplify NIS2 compliance with DNS management

Learn whether the EU’s NIS2 requirements apply to your organization and about how DNS management and BlueCat can boost your path to compliance.

Read more

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

BlueCat has acquired LiveAction

It’s official! BlueCat has acquired LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.