Moving a DNS server's IP address.

Ketil Froyn bind at ketil.froyn.name
Mon Sep 8 23:52:17 UTC 2003


On Mon, 8 Sep 2003, Dan Brown wrote:

> We are currently moving one of our DNS servers from one network to
> another (ns1.amana.ca/ns1.amanah.net - from 204.83.155.145 to
> 198.169.127.195). Approximately a week ago we changed all of the SOA
> expiration record times for amanah.net and amana.ca to be 3 hours so
> that (hopefully) other dns servers querying ours for records would not
> keep our zone records cached long.

The SOA record is not used for resolving, so that isn't important. What is
important is the TTL of the A record stating the IP for ns1.amana.ca/
ns1.amanah.net.

If you want to do this seamlessly, you should keep both the old and the
new server available until all of the A records in caches around the world
have expired. You can't change the TTL handed out by the .ca and .net
servers, so this is going to be minimum 48 hours. Since you probably don't
want to sit around and watch when the .net and .ca zones are updated with
your new IP, you can just add another day or so, which means you should
keep both servers running and updated for about 3 days after you have set
up the new box, changed the IP handed out by your name servers, and
reported the IP change to your registrar.

> The problem I am trying to avoid is to have ns1.amana.ca being
> referenced by its old IP address for a lengthy period of time.  Our
> ns2.amanah.net for example was switched over to a different IP address
> (a 64.42.215.5) a couple of weeks ago and yet it is still being
> referenced by its old IP address (204.83.155.146) by some (TLD)
> nameservers.
> Now both of these domains are registered at opensrs.net and have their
> IP listed by whois as the old IP addresses.  (I think the IP should be
> changed here as well since they serve the domains they are on, my boss
> thinks they will update automagically.)

I can't imagine opensrs.net would do that. You need to register the right
IP of the name server with the registrar so that they can update the TLD
server. 

If you take down ns2 on the old IP, you might get in trouble. Only after
resolvers have asked ns1 (or tried ns2 on the old address, failed, and
then asked ns1) will they receive the new correct IP for ns2, and start
querying it successfully. In other words, all clients would have to query
ns1 to be able to query ns2, making your name server redundancy virtually
pointless.

Good luck with the update.

Ketil Froyn
ketil at froyn.name
http://ketil.froyn.name/
http://www.personalnames.com/ - get your .name
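
The check discussed in this thread (does the parent zone still hand out the old address for a name server?), as an added example that is not part of the original post. It assumes dig-style text saved from a TLD server's referral and from the zone's own server; the sample responses and their TTLs are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample: referral from a .net server, glue still on the old addresses.
PARENT_REFERRAL = """\
;; AUTHORITY SECTION:
amanah.net.        172800  IN  NS  ns1.amanah.net.
amanah.net.        172800  IN  NS  ns2.amanah.net.
;; ADDITIONAL SECTION:
ns1.amanah.net.    172800  IN  A   204.83.155.145
ns2.amanah.net.    172800  IN  A   204.83.155.146
"""

# Constructed sample: answers from the zone's own (already updated) server.
CHILD_ANSWER = """\
;; ANSWER SECTION:
ns1.amanah.net.    10800   IN  A   198.169.127.195
ns2.amanah.net.    10800   IN  A   64.42.215.5
"""

RR = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(A|AAAA)\s+(\S+)\s*$")

def address_records(dig_text):
    """Return {hostname: {address: ttl}} for A/AAAA lines in dig-style text."""
    out = {}
    for line in dig_text.splitlines():
        m = RR.match(line.strip())
        if m:
            name, ttl, _type, addr = m.groups()
            out.setdefault(name.lower().rstrip("."), {})[addr] = int(ttl)
    return out

def stale_glue(parent_text, child_text):
    """List glue addresses the parent still serves but the zone no longer does."""
    parent, child = address_records(parent_text), address_records(child_text)
    findings = []
    for host, glue in sorted(parent.items()):
        if host not in child:          # no authoritative data to compare against
            continue
        current = sorted(child[host])
        for addr, ttl in sorted(glue.items()):
            if addr not in current:
                # After the registrar fixes the glue, caches may keep the old
                # address for up to `ttl` seconds, so it must keep answering.
                findings.append((host, addr, current, ttl))
    return findings

if __name__ == "__main__":
    for host, old, new, ttl in stale_glue(PARENT_REFERRAL, CHILD_ANSWER):
        print(f"{host}: glue {old}, zone says {new}; keep {old} up {ttl // 3600}h after glue fix")
```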


