design guidelines cheat sheet
Grid Member
- Maintains subset database of required records
- Can be any model appliance
- Runs user facing services (e.g. DNS, DHCP, NTP, FTP, TFTP, HTTP - all or selected)

Grid Master Candidate (GMC)
- Maintains database of all records in the Grid
- Must be same appliance size/model as GM
- Can be promoted to Grid Master at any time (DR)
- Often runs services, but may be dedicated in certain conditions
- Grid may contain multiple Grid Master Candidates
- Not supported on T-100, TE-810/V810, Cisco or Riverbed

Grid Master (GM)
- Maintains database of all records in the Grid
- Central point of administration/GUI
- Recommended in High Availability setup
- Only one active Grid Master at any time
- Generally largest appliance in architecture
- Often runs no services, but can under certain conditions
- Not supported on T-100, TE-810/V810, Cisco or Riverbed

Infoblox DDI Appliance  T-100  TE-810  TE-820  TE-1410  TE-1420  TE-2210  TE-2220  IB-4010  IB-4030
DB Objects              18k    33k     110k    440k     880k     880k     1.8m     8m       --
DNS QPS                 1.5k   4k      15k     30k      50k      61k      143k     200k     1m (rec)
DHCP LPS                15     60      105     210      300      375      600      1020     --

Physical/Virtual Appliance Models
T-100 / IB-VM-100: SOHO, Retail Branch
TE-810 / IB-VM-810: Small Office, Retail Branch
TE-820 / IB-VM-820: Branch, Large Store
TE-1410 / IB-VM-1410: Medium/Large Office
TE-1420 / IB-VM-1420: Regional Office, DR Site
TE-2210 / IB-VM-2210: Regional Office, DR Site
TE-2220 / IB-VM-2220: Medium HQ, Central Office
IB-4010: Large HQ, Data Center, Carrier CO
IB-4030: High Perf. Caching, DDoS Protection

Solution Design Guidelines
Appliance    TE-810  TE-820  TE-1410  TE-1420  TE-2210  TE-2220  IB-4010
MS Objects   33k     110k    440k     880k     880k     1.8m     4m
MS Servers   5       20      50       75       75       100      150
Grid Max     --      50      75       150      150      200      500

Grid Master Model   Max No. of Members
TE-820              5
TE-1410             10
TE-1420/TE-2210     40
TE-2220             60
IB-4010             250

Run DNS+DHCP on GM? Can GMC be the logging member?
Yes Maybe
If

Network Automation
Function IPAM+DHCP+DNS+DDNS+DNSSEC
Multiply by # of Hosts/Devices
- Target 60% capacity at rollout
- If IPv6 planned for the future, allow at least 2x the number of current hosts/devices
- Don't forget to include Microsoft Managed objects (2 per IP address for DNS (A+PTR) and 1 per DHCP reservation/lease)

General Grid
- If Grid Master is not HA, there MUST be a GMC
- GM and GMC should be the same model
- Plan for growth, especially on the GM/GMC
- Don't run HA between two datacenters if the connectivity is not redundant (leads to split brain)

DNS Firewall
- RPZ feature should be enabled on the recursive servers closest to the client
- Sell with Reporting server for best experience (otherwise customer will have to use manual syslog+scripts)
- DNS Firewall has 30% impact on DNS QPS performance

Microsoft Management
- Take into account object count of MS objects when planning for grid capacity
- Configure at least two DNS servers for AD integrated zones managed by two different members
- Each AD domain in a forest needs to be separately configured for synchronization
- The managing member for data synchronization should be located "close" to the MS server being managed (RTT