NetDB: Stanford's Network Administration Tool

Who’s This For?

This presentation is primarily for system and network administrators looking for a robust, intuitive, scalable, and customizable tool for managing DHCP, DNS, IP addresses, address spaces, host information, etc. As an enterprise system, NetDB is best for networks with over several thousand hosts and multiple administrators.

Summary & Strengths

For over 20 years, NetDB has been the core network administration tool for the Stanford University network (SUNet). The key idea is that NetDB should contain the “ideal” model of SUNet’s physical components and logical relationships.

Essential Features

• NetDB provides source data for campus DNS and DHCP services. Rules for DNS naming, IP address assignment, and uniqueness are enforced.

• Granular authorization of nodes, IP address ranges, DNS domains, and record types allows multiple users to maintain their own DNS/DHCP/host info without interfering with others.

• Node model allows for complex but intuitive aggregations. For example, an advanced node record easily shows a web server with multiple interfaces associated with multiple IP addresses and names with DNS PTR preferences.

• Interfaces include Web, command line, Whois, and Java RMI. Command line allows for easy scripting and bulk changes (e.g., renumber whole network). Java RMI is used by other applications to automatically register hosts.

• Intuitive web interface means 15 minutes of training with almost no followup.

• Search allows wildcards and booleans on all record fields with customizable display and format. Log search also allows tracking of IP address changes.

• Custom node fields allow users to easily store their own host information. Custom views quickly allow even more sophisticated customizable data (e.g., known services given server to be exported to firewall config).

• Highly normalized database allows easy report generation (e.g., IP address usage, site license counts).

• NetDB is released under GNU Public License. It does rely on Oracle but works fine with the free Oracle Express version.

Records

NetDB models actual networks with six record types: Node, Network, Domain, User, Admin Team, and Group.

Nodes also have types: regular, Template, Advanced, Router, and IPC (hosts that pass out IPs like terminal servers) that allow for complex relationships between interfaces, IP addresses, and DNS Names. For example, one node record can represent a web server with two interfaces: one for management (web-mgmt1.demo.org=10.0.1.5 with dhcp options for pxeboot), one serving several web sites on different IPs (web1.demo.org=10.0.1.11, web2.demo.org = 10.0.1.12). Another record can represent a loptop with a static IP on the user’s home net and dynamic and/or static IPs on the wireless interface.

Authorization

• Users, records, IP address ranges, DNS domains are all associated with Groups. To modify a record, a user must have both record type and group rights.

• Users can only assign IP addresses from address ranges associated with their group.

• Users can only assign DNS names from domains associated with their group.

Virtualization Support Command line support allows easy loading of new nodes into NetDB. Nodes can be created based on another node for easy configuration. Stanford’s DHCP servers refresh from NetDB data in less than 10 minutes.

Futures Planned enhancements include the following:

• regular expression support in Full Search (Q2 2008)
• IPv6
• keytab authorization
• ruby bindings for custom NetDB programming

More info

• Download & support
• Web interface manual
• Command-line usage