Migrate domains to different DNS servers

Doug Barton dougb at dougbarton.us
Thu Apr 21 22:56:09 UTC 2011


On 04/20/2011 00:25, listuser2 at gmail.com wrote:
> Hello all,
>
> We have a couple of BIND 8 DNS servers that we want to decommission,
> obviously we need to migrate the domains to other DNS servers first,
> which ordinarily involves zone transfer and domain re-delegation.

Redelegation, yes. I'm not sure why you think zone transfer is required 
though, since you could conceivably just transfer the zone and 
configuration files.

> However, we do not have control over a lot of the domains (think
> hundreds) on the BIND 8 servers, meaning we cannot re-delegate.
>
> A desperate measure (if you want to call it) is to transfer the zones to
> the new DNS infrastructure then change the A record of the old DNS to
> use the IP address of the new DNS. Effectively the old DNS becomes an
> alias of the new DNS.

Um, what you're saying here doesn't really make sense, nor did your 
(obfuscated) example.

If you are dealing with domains that you cannot redelegate your options 
are extremely limited. You need to keep the hostnames that the zones are 
delegated to alive, since (in an ideal world) the delegations are to 
hostnames. Assuming that there are no glue records that point to the old 
IP addresses, what you _should_ be able to do, assuming that you control 
the domain(s) that the name server records are in, is to change the IP 
addresses to those of the new name servers. If that doesn't work what 
you may have to do is to add the old IP addresses as aliases on the new 
systems, and make sure that named is listening on those IP addresses too.

So your steps should be:
* Reduce the TTL on the NS record hostnames to, say, 6 hours or so, then 
wait at least as long as the old TTL before proceeding past the next step
* Get all of the zones on the old servers active on the new ones (likely 
by copying the zone files, and the relevant configuration)
* Once the old TTL has expired, update the host names that the NS 
records are pointed to now to the IP addresses of the new name servers
* Check to make sure that all of the domains are working, at least once 
after you make the change, once again 6 hours later, again 6 hours after 
that, and again about 3 days after you made the change.
* Update the TTL of the NS record hostnames to match what the parent 
has, which is usually 2 days (172800 seconds)
* If desired, redelegate the domains you have control over to the new 
name server hostnames.


hth,

Doug

-- 

	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/
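
The "check to make sure that all of the domains are working" step above, as an added example that is not part of the original message: it asks one name server IP for each zone's SOA with recursion off and reports whether the answer is authoritative. The script name, the zone-list file, the verdict strings and the sample dig output are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original message).
# Usage: ./check_zones.sh SERVER_IP ZONES_FILE   (one zone name per line)
# Run it against every old and new name server IP at each check interval.

# Constructed sample of `dig +norec +noall +comments +answer` output.
SAMPLE_OK=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
example.com. 3600 IN SOA ns1.example.com. hostmaster.example.com. 2011042101 7200 3600 1209600 3600'

# classify_answer: reads dig output on stdin and prints one verdict:
#   OK serial=N     authoritative (aa flag set) SOA answer
#   LAME            server answered but is not authoritative for the zone
#   FAIL <reason>   SERVFAIL, REFUSED and so on, or no response at all
classify_answer() {
    awk '
        /->>HEADER<<-/ && match($0, /status: [A-Z]+/) {
            status = substr($0, RSTART + 8, RLENGTH - 8)
        }
        /^;; flags:/ {
            split($0, part, ";")          # part[3] is the flag list
            if (part[3] ~ / aa( |$)/) aa = 1
        }
        !/^;/ && $4 == "SOA" { serial = $7 }
        END {
            if (status == "")             print "FAIL no-response"
            else if (status != "NOERROR") print "FAIL " status
            else if (aa && serial != "")  print "OK serial=" serial
            else                          print "LAME"
        }'
}

# check_zones SERVER_IP ZONES_FILE: returns non-zero if any zone is not OK.
check_zones() {
    rc=0
    while read -r zone; do
        [ -z "$zone" ] && continue
        verdict=$(dig +norec +time=3 +tries=1 +noall +comments +answer \
                      "@$1" "$zone" SOA </dev/null | classify_answer)
        printf '%-40s %-15s %s\n' "$zone" "$1" "$verdict"
        case $verdict in OK*) ;; *) rc=1 ;; esac
    done < "$2"
    return $rc
}

# Only query the network when called with both arguments.
if [ "$#" -eq 2 ]; then check_zones "$1" "$2"; fi
```

Comparing the reported serials between the old and new servers also shows whether a copied zone file is stale.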



