Page Comparison

Small Authoritative DNS

Medium Authoritative DNS

Large Authoritative DNS

Recursive DNS (without acceleration)

Large Recursive DNS (without acceleration)

Small Grid Master

Medium Grid Master

Large Grid Master

Small Recursive DNS (with acceleration)

Medium Recursive DNS (with acceleration)

Large Recursive DNS (with acceleration)

Tiered licensing

Licensing is based on the Flex Grid Activation license on the Grid. Note that the queries per second are limited by the number of CPUs for IB-FLEX.

RPZ

Yes, the maximum cache lifetime for DNS cache acceleration is set to 300 seconds if RPZ zones are configured for the member.

Caching (A, AAAA, MX, CNAME, PTR)

Yes

Do not cache: EDNS, TCP, Any, TSIG

Yes

Caching over additional interfaces (v4, v6)

Yes

Dump Acceleration Cache (CLI, GUI, PAPI)

Yes

Clear Acceleration Cache (CLI, GUI, PAPI)

Yes

Cache pre-fetch and cache refresh

Yes

ACLs (Allow-queries/Responses, Match-Clients/Destination, Blackhole)

Yes

AAAA Filtering (Bypassed but support configuring)

Yes

Fixed RRSET ordering

Yes

DNS64

No

DNS monitoring feature (netmon)

Yes, but unlike IB-4030 this feature captures DNS cached queries on the virtual DNS cache acceleration platform.

DNS Query logging (BIND only)

Yes

DNS Views

Yes, supports up to six DNS views.

Forward/Stub zones

Yes

Unbound as DNS resolver

Yes, unbound is supported through the Flex Grid Activation license.

DNS cache acceleration related restrictions for configuration.

Yes, for NIOS version 8.2.0 restrictions are enforced based on whether the DNS cache acceleration feature is enabled or disabled.

Reporting

Yes, please see Reports for IB-FLEX.

VLAN

No, Infoblox does not support VLAN for virtual appliances.

DSCP

No, Infoblox does not support DSCP for virtual appliances.

Sort list

No

Anycast (OSPF and BGP)

Yes

BFD (Bidirectional Forwarding Detection)

Yes

HA Support

Valid only for non-SRIOV.

NIC Bonding

No

Multiple-Interfaces on same subnet

No

IP Rate-limit and Response logging

No

EDNS Client Subnet support

No

NXDOMAIN redirection

Yes

DNSSEC (Bypassed but support configuring)

Yes

Debug enhancements

Yes

SNMP Support for DCA service related traps

Yes

SNMP stats support for DNS QPS and CHR

Yes

NX Mitigation

No

NetFilter (Tracking tables)

No

Traffic-capture (All modes)

Yes, partial support. Note that tcpdump captures both queries and responses.

No flush-mode support for DNS cache acceleration cache

Yes

Per-interface UDP DNS cache acceleration response counters

Yes

CLI commands

You can use the commands set dns-accel and show dns-accel to view and set DNS cache acceleration information. For more information, refer to the /wiki/spaces/NCG8/overview.

DNS Query rewrite (Bypassed but supports configuring)

No

Threat Protection

Supported on IB-FLEX platforms, but you cannot enable Software ADP and
DNS cache acceleration simultaneously.

DNS Query Rate by Query Type

Flex Grid Licensing Features Enabled

DNS Query Rate by Member

CPU Utilization Trend

DNS Daily Query Rate by Member

DNS RPZ Hits Trend By Mitigation Action

Memory Utilization Trend

DNS Daily Peak Hour Query Rate by Member

DNS Replies Trend

DNS Cache Hit Rate Trend

DNS Top Requested Domain Names

DNS Top NXDOMAIN / NOERROR (no data)

DNS Top Clients

DNS Top Timed-Out Recursive Queries

DNS Response Latency Trend

DNS Top SERVFAIL Errors Sent

DNS Top SERVFAIL Errors Received

DNS Object Count Trend for Flex Grid License

DNS Effective Peak Usage Trend for Flex Grid License