Switching Host

Barry Margolin barmar at alum.mit.edu
Fri Jul 9 00:22:24 UTC 2004


In article <cckmg8$1pv5$1 at sf1.isc.org>,
 "Josh Knepfle" <josh at sparkpeople.com> wrote:

> "Barry Margolin" <barmar at alum.mit.edu> wrote in message
> news:cci308$2hiu$1 at sf1.isc.org...

> > What happens is that every time a server queries the old ISP's servers,
> > the response includes the domain's NS records in the Authority section,
> > and these update the TTLs of those records.  As long as it queries the
> > old servers more often than the old TTL, the old NS records will never
> > expire from the cache, and the server will never have to go to the TLD
> > server to get new NS records.
> 
> So does this say that unless you have the cooperation of your "old" ISP,
> people are not going to be able to get to your servers at the new host?  Is
> this a known issue with the whole system?

Yes, this is a longstanding problem that frequently bites people when 
they switch DNS providers.

> 
> >
> > What you should do is tell the old ISP to configure their servers as
> > slaves to the new ISP (if your new ISP blocks zone transfers by default,
> > you need to have them add the old ISP's servers to the ACL).  That way,
> > they'll give out the *new* NS records, and the old ones will soon expire
> > from caches.
> 
> Would it also work to totally remove the zone files for our domains?  My
> theory is that anyone asking our old ISP "where we are" would not get a
> response, so would go to "higher authorities".

That will generally work as well, although it has the potential for 
intermittent problems during the transition.  Some caching servers might 
not fail over as hoped when they get the lame response, so they won't 
switch over to you until their cached NS records expire.  But it will 
definitely solve the problem of the obsolete NS records persisting 
indefinitely.

At the ISP I used to work for, we periodically checked all the zones 
that were in our named.conf, to make sure they were still delegated to 
us.  That way we could get rid of zones when a customer switched to 
another DNS provider without telling us.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
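
The periodic check described in the last paragraph above, sketched as an added example; it is not part of the original post and not the tooling that ISP used. The server names, the sample named.conf, the delegation data and the parent_ns callback are all constructed or hypothetical, and the zone regex assumes "type" appears before any nested block in the zone statement.

```python
import re

AUTH_TYPES = {"master", "slave", "primary", "secondary"}
# zone "name" [IN] { ... type X; -- assumes "type" precedes any nested { } block
ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*(?:in\s*)?\{[^}]*?type\s+(\w+)\s*;',
                     re.I | re.S)

def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def configured_zones(conf_text):
    """Zones this server answers authoritatively for, per named.conf."""
    text = re.sub(r"/\*.*?\*/", "", conf_text, flags=re.S)  # /* ... */ comments
    text = re.sub(r"(//|#)[^\n]*", "", text)                # // and # comments
    return {norm(n): t.lower() for n, t in ZONE_RE.findall(text)
            if t.lower() in AUTH_TYPES}                     # skips hint/forward

def audit(conf_text, our_servers, parent_ns):
    """Classify each configured zone by what the parent zone delegates.

    parent_ns(zone) is a hypothetical callback returning the NS names held
    by the parent (TLD) servers for that zone.
    """
    ours = {norm(s) for s in our_servers}
    report = {}
    for zone in sorted(configured_zones(conf_text)):
        delegated = {norm(n) for n in parent_ns(zone)}
        if not delegated:
            report[zone] = "undelegated"   # parent has no NS: zone is dead
        elif delegated <= ours:
            report[zone] = "ours"          # still fully delegated to us
        elif delegated & ours:
            report[zone] = "partial"       # shared with another provider
        else:
            report[zone] = "moved"         # customer left: we serve stale data
    return report

# Constructed sample input (not from the original post)
SAMPLE_CONF = '''
zone "." { type hint; file "root.hints"; };
zone "stays.example" { type master; file "db.stays"; };
// zone "commented.example" { type master; file "db.old"; };
zone "Moved.Example." IN { type master; file "db.moved"; };
zone "half.example" { type slave; masters { 192.0.2.1; }; file "bak.half"; };
zone "gone.example" { type master; file "db.gone"; };
'''
SAMPLE_NS = {"stays.example": ["ns1.oldisp.example.", "ns2.oldisp.example."],
             "moved.example": ["ns1.newhost.example.", "ns2.newhost.example."],
             "half.example": ["NS1.oldisp.example.", "ns1.newhost.example."]}
OUR_SERVERS = ["ns1.oldisp.example", "ns2.oldisp.example"]

if __name__ == "__main__":
    print(audit(SAMPLE_CONF, OUR_SERVERS, lambda z: SAMPLE_NS.get(z, [])))
```

In real use the callback should ask the parent zone's servers directly rather than a caching resolver, since a cache can keep handing back the old NS records for the reason explained earlier in the thread.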

