I’m glad to tell you all that we released a new version of Nixu NameSurfer Suite, 6.0.2, last week – please click here for the related announcement. The new major feature in this version is support for authoritative slave NSD servers. As many of you know, NSD is an authoritative only, high performance, simple and open source name server run by root name servers and TLDs around the world.

There are basically two reasons why we chose to go down this path:

• First, as the Domain Name System is largely dominated by BIND servers, Nixu Software wants to encourage running NSD instead as these servers are not vulnerable to the same exploits as the majority of plain BIND installations that make up some 80% of all public DNS servers out there. Even if there was a vulnerability that addressed all versions of BIND, the NSD servers would still continue to hum along nicely thereby ensuring the general availability of DNS.

• Second, at Nixu Software, we want to advocate freedom of choice and open standards. As Nixu NameSurfer Suite now supports Nixu SNS, BIND and NSD secondaries, end-users can choose and manage name servers that best meet their requirements. Also, it’s now easier and more cost-efficient for organizations to protect their DNS against software vulnerabilities and exploits, as a single organization can run a mixture of different name servers while managing those centrally from a single Nixu NameSurfer Suite installation.

To try out Nixu NameSurfer Suite and NSD secondaries, please click here for a free evaluation. To make things as straight-forward as possible, we’ve included NSD in the Nixu NameSurfer Suite distribution package so that you do not have to download it separately.

About two weeks ago, I met up with a coder who asked what Nixu Software does. After describing him our tireless effort on creating secure and simple-to-use DNS and IP addressing solutions, his remark was: “I thought DNS had already been solved.” While I’m something of a verbose fellow, I was left speechless and tried to relocate my lost mental balance by mumbling something about the discontinuity created by infrastructure virtualization. But deep down inside, I couldn’t believe what this guy was saying – perhaps the focus areas of Bridgestone and Michelin are also beyond him as Charles Goodyear invented vulcanized rubber already in 1839!

Although one could easily be led to think that DNS and tires share absolutely nothing in common, they actually make for a nice analogy. Think about it: if the 600+ million cars in the world today had tires that were engineered and designed in the 19th century – with beautifully crafted wooden rims and all – I’m sure there would be a lot more accidents than there are today. Equally, if you think about how large the Internet was when DNS was invented back in the early 80s and people started running plain BIND on homegrown DNS servers, and compared that number with the 10+ million DNS servers and the amount of TCP/IP traffic there is today, you’d be hard-pressed to think that the way things are done would have changed fairly significantly along the way. Yet it hasn’t.

And this, my dear readers, is where the rubber meets the road. Although BIND continues to be a viable application in itself – very much like vulcanized rubber – developing the code alone does not a day make, as it does very little to solve the security problems associated with Domain Name System. After all, in many cases, the security problems experienced with DNS stem from insecure system configurations, simple typos or wrong syntax, and non-existent maintenance processes begging for software vulnerabilities. This isn’t something plain BIND alone is designed to handle, as it’s just a name server that is no more reliable than the process you have in place for running the installation.

In our case, we’ve productized pieces of DNS server and management software – Nixu NameSurfer Suite for centralized name and address space management and Nixu Secure Name Server (SNS) designed to be operated as authoritative and/or caching DNS server – into software appliances that include the entire software stack from hardened operating system (CentOS) all the way up to the application layer. They install natively on selected virtual machines and pretty much any x86 hardware, provide automation for upgrading software components to keep vulnerabilities at bay, provide automated entry validations, and user-friendly tools for the management side of things. In short, they automate the processes associated with running DNS.

All in all, I’m certain DNS has not already been solved. Just like Bridgestone, Michelin and Goodyear who still find ways to improve vulcanized rubber, I am confident Nixu Software can do the same to DNS for the years to come.

Today, I came across with a paper by Butler Group on Infrastructure Virtualization. To read the management summary of the paper, please click here.

To provide you with a quick recap, here’s my personal top-3 of the interesting points:

• “Butler Group believes that even greater benefit can be obtained through the strategic adoption of virtualisation in the data centre, and that infrastructure running cost-reductions in the order of 40-60% are certainly attainable in many cases.”

• “The arguments for IT virtualisation are compelling, especially in large data centres; and so Butler Group believes that virtualisation will undoubtedly become the norm over the next two to three years.“

• “Software licensing and vendor support models have yet to catch up with the IT virtualisation market, and so early adopters are struggling to operate fully-compliant IT environments.“

Seems like the analyst community is gradually picking up on what we at Nixu Software have been saying for more than a year now. Although, coming to think of it, ’saying‘ may not be quite the best term to describe our position, as I’ve been going on about virtualized DNS and IP addressing environments ’till I’m red in the face… And then some!

Anyways, what the analyst community has obviously not caught on (yet) is that certain software licensing and vendor support models HAVE already caught up with the IT virtualization market. After all, our software appliance approach is ideally suited for virtualized environments. To verify this yourself, please download any Nixu Product for free evaluation and install it on for example VMware Server. As all Nixu Products are distributed as software appliances (i.e. auto-installing ISO images), all you have to do is to boot up a new virtual machine using our ISO image. For further details, please read our White Paper on Virtualized DNS and IP Addressing Environments.

As the cost of annual Nixu Secure Name Server (SNS) or Nixu DHCP Server subscription is only $495 (US) / server / year including maintenance & support, not only setting up secure DNS and DHCP servers has never been this easy, it has never been this cost-efficient either!

It’s been almost a year now since the last time I’ve covered ecological DNS and IP addressing here. But as everything green remains as hip, in and pop as ever, I thought I’d touch base on that topic again. After all, assuming that the poles keep on melting and that the cost of energy continues its steady climb, energy efficient IT will keep on climbing in priority. This is simply because the more expensive energy becomes, the larger the impact it will have on the bottom-line. Quite self-evident, really.

Now, if you go back to my earlier blog entry on ecological Domain Name System, I argued that to preserve nature and to reduce energy consumption, it would make sense to move away from purpose-built computing appliances running on a specific piece of hardware (“hardware appliance”), and move on to running software appliances on general-purpose servers. This is simply because general-purpose servers tend to be much more efficiently manufactured and distributed than computing appliances due to their razor-thin margins that do not justify the cost of long, inefficient supply chains. And as far as software appliances are concerned, they are delivered electronically which translates to extremely efficient ecological footprint. You can do the math I’m sure.

The trouble is that the above only applies if you’re expecting to replace your existing servers in the first place, or expect to set up new ones. If your existing hardware was still running like a Buick (a Finnish idiom – it means that something runs very reliably ), it would make better sense simply to replace the existing software with a software appliance and continue to run it on the same hardware until it wears out. But even then, there’s no denying that when it comes to traditional x86 based servers – whether general purpose or hardware appliances – they consume roughly the same amount of energy after they have been delivered to your doorstep and you’ve powered them up.

And herein lies the problem: because of the sheer computing power modern x86-based servers have, a typical piece of hardware used for DNS and IP addressing purposes consumes only some 10-20% of their computing power 99% of the time. Yet because these modern servers consume pretty much the same amount of energy regardless of how large a percentage of their CPU(s) they actually utilize at any given time, they end up wasting quite a lot of scarce resources. Add in the amount of energy that is used to cool off the server room that was heated up by the server that used only 10-20% of its CPU – and the fact that there are tens of millions of DNS and DHCP servers out there – and you begin to understand the magnitude of the energy wasted globally on DNS and IP addressing every single year.

Thankfully, you can virtualize your way out of this. By migrating your DNS and IP addressing system to a virtualized operating environment such as VMware Virtual Infrastructure 3, you’ll be able to optimize the energy consumption associated with these services and save a bundle on energy. But even more importantly, your grandchildren will thank you one day for having done that.