Primary Server Name Change

CT groups at obsd.us
Fri May 13 10:43:50 UTC 2011 

On 05/12/2011 08:15 PM, Mark Andrews wrote:
> In message<4DCC225F.8000701 at obsd.us>, CT writes:
>> Primary Name server
>> bind    - 9.7.3
>> OS    - CentOS 5.6
>> Authoritative for 2 zones using DNSSEC
>>
>> This may be an obvious question but I will ask anyway.. :)
>>
>> I want to change the name of the server
>> from
>> old.zone1.com
>> to
>> new.zone2.com
>>
>> IP Address - no change
>>
>> - change soa in master zone files
>> - work with slaves to make sure named.conf are correct
>>
>> Other than that are there any gotchas.. ??
>>
>> I am wondering if I will have to "unsign" my zones
>> and the upload new keysets to the registrar.
> To do a graceful transition to a new nameserver you should.
>
> * Commision the new nameserver.
> * Add the new address records and wait for them to propogate to
>    all authoritative servers and any cached negative responses for
>    them to expire.
> * Add the NS record for the new nameserver.
> * Update the parent zone to ADD the new nameserver and glue.
> * Wait for the old NS RRet and referrals to expire from caches.
> * Remove the NS record for the old nameserver.
> * Update the parent zone to REMOVE the old nameserver and glue.
> * Wait for the intermediate NS RRet and referrals to expire from caches.
> * Remove the old address records if they are no longer required.
> * Decommision the old nameserver.
>
> As the addresses of the new and old nameservers are the same you
> can shorten this process a little.
>
> * Add the new address records and wait for them to propogate to
>    all authoritative servers and any cached negative responses for
>    them to expire.
> * Update the NS RRset
>   + Add the NS record for the new nameserver.
>   + Remove the NS record for the old nameserver.
> * Update the parent zone
>   + Update the parent zone to ADD the new nameserver and glue.
>   + Update the parent zone to REMOVE the old nameserver and glue.
> * Wait for the old NS RRet and referrals to expire from caches.
> * Remove the old address records if they are no longer required.
>
> In all cases you re-sign the zone whenever you make changes to it.
>
>> Thx
>> CT
>> _______________________________________________
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
Mark,
Thank you for your very succinct response..

Exactly what I needed..

CT

More information about the bind-users mailing list