New IP for Auth Servers
Reindl Harald
h.reindl at thelounge.net
Wed Sep 16 14:30:27 UTC 2015
http://www.intodns.com/mcomdc.com
Nameserver records returned by the parent servers are:
ns1.mcomdc.com. ['74.84.103.134'] [TTL=172800]
ns2.mcomdc.com. ['74.84.119.134'] [TTL=172800]
h.gtld-servers.net was kind enough to give us that information.
Looks like the A records (the GLUE) got from the parent zone check are
different than the ones got from your nameservers. You have to make sure
your parent server has the same NS records for your zone as you do.I
detected some problems as follows:
For ns2.mcomdc.com the parent reported: ['74.84.119.134'] and your
nameservers reported: ['68.66.64.240']
For ns1.mcomdc.com the parent reported: ['74.84.119.134'] and your
nameservers reported: ['97.64.168.6']
Am 16.09.2015 um 16:23 schrieb Teresa Campbell:
> I recently moved my two authoritative servers to new servers on new
> IP's. I did it slowly leaving the old servers up so that everyone would
> have time to receive the new IP for my domain. When I query everything
> from google's free DNS servers to my own recursive servers I show the
> new IP's, which is what I expected. It has been a month since I moved to
> the new IP's, however I am still see a ton of query's going to the old
> Auth servers. My authoritative servers do not have recursive turned on
> so all the traffic I am seeing is coming from other DNS servers and they
> are querying my domains for records. Did I miss something? Is that
> normal? Is it safe to just turn the old servers off?
>
> Here are the queries I am seeing in the logs
>
> 16-Sep-2015 09:00:16.807 client 78.140.179.9#22202 (ns2.mcomdc.com):
> query: ns2.mcomdc.com IN A -EDC (74.84.103.134)
> 16-Sep-2015 09:00:16.882 client 63.79.12.161#20765 (ns1.mcomdc.com):
> query: ns1.mcomdc.com IN A -EDC (74.84.103.134)
>
>
> Here is the process I followed to move to the new IP's.
>
> I brought up my new servers with the new IP's. I changed the A record
> for ns1.mcomdc.com on all 4 of the servers (old and new) to the new IP
> address. I waited a few hours to confirm it all looks good, then made
> the change to ns2.mcomdc.com. I then left all 4 servers up for 72 hours
> and came back and confirmed every major free recursive DNS server had
> the new ns server IP's and any changes I made to the new server and not
> the old where propagating across the internet. I am not sure it matters
> here but I am running BIND 9.10.2-P4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150916/c56ccf43/attachment.bin>
More information about the bind-users
mailing list