Home / Blogs

Software Defined Data Centre Needs DNS

Juha Holkkola

During 2012, Software Defined Networking (SDN) seemed to be all the rage. The VMware acquisition of Nicira during the summer doldrums for US $1.26 billion validated the fact that the SDN paradigm is expected to have some serious legs over the coming years. I guess the same applies to virtualized network services in general, although the acquisitions in that space were not quite as high-profile as the ones in SDN.

SDN environments consist of a virtualized controller layer containing software-based intelligence required to dynamically formulate and provision routing rules into x86-based commodity networking equipment, leveraging open APIs and protocols such as OpenFlow. In VMware's vision of Software Defined Data Centre, their vCloud orchestator becomes the source of the data pushed out to the SDN controller, bridging Layer 2-4 network equipment and the dynamic workloads coming and going from the cloud.

The problem I have with VMware's Software Defined Data Centre (SDDC) stack is that it sort of ignores the biggest concession in networking made to us humans. That is, the DNS. In order for people to be able to connect to the virtual server instances running in the Software Defined Data Centre, they probably expect to use names as opposed to IP addresses, particularly in IPv6 enabled environments.

And of course from the data centre elasticity perspective, using names as opposed to IP addresses is more administrator-friendly too. After all, it is a lot easier to change the IP address of a hostname, than it is to change an IP address in all the clients and equipment that need to connect to a given machine. Bearing this in mind, I think we can rest assured that DNS will continue to have a bright future also in connection with SDN and SDDC. The more dynamic the data centers become, the more utility the good old DNS offers.

With that said, I do believe that standard DNS architectures will have to evolve as the Software Defined Data Centre marches on. To this end, here's a two-point checklist to all the data centers out there:

1) Dynamic DNS Provisioning. As data center workflows are being automated, there will be very little room for command-line prompt or home-grown scripts. Rather, the DNS platform must have an open API that can be used to provision changes, in real-time. Forget the manual management of static DNS entries, that's not for the 10s.

2) DNS Management Automations. To make sure that the integration is kept simple, the DNS platform to which the changes are provisioned must include automation features such as creation of slave zone files (when master is created) and reverse mappings; automated allocation of next available IP address; automated generation of names based on user policies; and data validation to make sure an invalid entry does not take down the DNS service. In other words, the whole nine yards.

In many ways, this architecture is actually quite similar to SDN. The DNS primary becomes a virtualized, intelligent controller used to provision changes in real-time to the virtualized DNS secondaries serving out traffic on Layer 5. So in case you happen to work for VMware, please tell your colleagues that without a virtualized DNS architecture such as this, your SDDC stack is not complete.

What remains debatable is the part of the Software Defined Data Centre stack that triggers the changes provisioned to DNS. I will discuss this in my next blog, so stay tuned.

By Juha Holkkola, Managing Director of Nixu Software. More blog posts from Juha Holkkola can also be read here.

Related topics: Cloud Computing, DNS

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


To post comments, please login or create an account.

Related Blogs

Related News


Industry Updates – Sponsored Posts

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Join Paul Vixie & Robert Edmonds at the Upcoming Distinguished Speaker Series

LogicBoxes Announces Automation Solutions for ccTLD

3 Questions to Ask Your DNS Host About DDoS

Introducing Our Special Edition Managed DNS Service for Top-Level Domain Operators

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

Nominum Announces Future Ready DNS

Video Interviews from ICANN 50 in London

Dyn Acquires Internet Intelligence Company, Renesys

Introducing getdns: a Modern, Extensible, Open Source API for the DNS

Why We Decided to Stop Offering Free Accounts

Tony Kirsch Announced As Head of Global Consulting of ARI Registry Services

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Dyn Acquires Managed DNS Provider Nettica

Why Managed DNS Means Secure DNS

SPECIAL: Video Interviews from NamesCon 2014 in Las Vegas

Rodney Joffe on Why DNS Has Become a Favorite Attack Vector

Motivated to Solve Problems at Verisign

Sponsored Topics



Sponsored by


Sponsored by

DNS Security

Sponsored by
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines