New IP for Auth Servers
Rich Goodson
rgoodson at gronkulator.com
Wed Sep 16 14:47:29 UTC 2015
Teresa,
Here are the out of zone glue records for mcomdc.com <http://mcomdc.com/> (note the query to a.gtld-servers.net <http://a.gtld-servers.net/>, one of the authoritative servers for the com zone):
rgoodson at bcn-rgoodson1 ~ $ dig @a.gtld-servers.net <http://a.gtld-servers.net/> ns1.mcomdc.com <http://ns1.mcomdc.com/>
; <<>> DiG 9.9.5-P1 <<>> @a.gtld-servers.net <http://a.gtld-servers.net/> ns1.mcomdc.com <http://ns1.mcomdc.com/>
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49533
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 3
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ns1.mcomdc.com <http://ns1.mcomdc.com/>. IN A
;; AUTHORITY SECTION:
mcomdc.com <http://mcomdc.com/>. 172800 IN NS ns1.mcomdc.com <http://ns1.mcomdc.com/>.
mcomdc.com <http://mcomdc.com/>. 172800 IN NS ns2.mcomdc.com <http://ns2.mcomdc.com/>.
;; ADDITIONAL SECTION:
ns1.mcomdc.com <http://ns1.mcomdc.com/>. 172800 IN A 74.84.103.134
ns2.mcomdc.com <http://ns2.mcomdc.com/>. 172800 IN A 74.84.119.134
;; Query time: 79 msec
;; SERVER: 192.5.6.30#53(192.5.6.30)
;; WHEN: Wed Sep 16 09:36:10 CDT 2015
;; MSG SIZE rcvd: 107
rgoodson at bcn-rgoodson1 ~ $ dig +norec @68.66.64.240 ns1.mcomdc.com <http://ns1.mcomdc.com/>
; <<>> DiG 9.9.5-P1 <<>> +norec @68.66.64.240 ns1.mcomdc.com <http://ns1.mcomdc.com/>
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50438
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ns1.mcomdc.com <http://ns1.mcomdc.com/>. IN A
;; ANSWER SECTION:
ns1.mcomdc.com <http://ns1.mcomdc.com/>. 300 IN A 97.64.168.6
;; AUTHORITY SECTION:
mcomdc.com <http://mcomdc.com/>. 300 IN NS ns1.mcomdc.com <http://ns1.mcomdc.com/>.
mcomdc.com <http://mcomdc.com/>. 300 IN NS ns2.mcomdc.com <http://ns2.mcomdc.com/>.
;; ADDITIONAL SECTION:
ns2.mcomdc.com <http://ns2.mcomdc.com/>. 300 IN A 68.66.64.240
;; Query time: 51 msec
;; SERVER: 68.66.64.240#53(68.66.64.240)
;; WHEN: Wed Sep 16 09:36:49 CDT 2015
;; MSG SIZE rcvd: 107
What you need to do is log in to Network Solutions (your registrar) and update the IP addresses that they have for ns1.mcomdc.com <http://ns1.mcomdc.com/> and ns2.mcomdc.com <http://ns2.mcomdc.com/>. They in turn will update the ‘com’ zone with new glue records for ns1.mcomdc.com <http://ns1.mcomdc.com/> and ns2.mcomdc.com <http://ns2.mcomdc.com/>.
-Rich
> On Sep 16, 2015, at 9:23 AM, Teresa Campbell <tcampbell at mediacomcc.com <mailto:tcampbell at mediacomcc.com>> wrote:
>
> I recently moved my two authoritative servers to new servers on new IP's. I did it slowly leaving the old servers up so that everyone would have time to receive the new IP for my domain. When I query everything from google's free DNS servers to my own recursive servers I show the new IP's, which is what I expected. It has been a month since I moved to the new IP's, however I am still see a ton of query's going to the old Auth servers. My authoritative servers do not have recursive turned on so all the traffic I am seeing is coming from other DNS servers and they are querying my domains for records. Did I miss something? Is that normal? Is it safe to just turn the old servers off?
>
> Here are the queries I am seeing in the logs
>
> 16-Sep-2015 09:00:16.807 client 78.140.179.9#22202 (ns2.mcomdc.com <http://ns2.mcomdc.com/>): query: ns2.mcomdc.com <http://ns2.mcomdc.com/> IN A -EDC (74.84.103.134)
> 16-Sep-2015 09:00:16.882 client 63.79.12.161#20765 (ns1.mcomdc.com <http://ns1.mcomdc.com/>): query: ns1.mcomdc.com <http://ns1.mcomdc.com/> IN A -EDC (74.84.103.134)
>
>
> Here is the process I followed to move to the new IP's.
>
> I brought up my new servers with the new IP's. I changed the A record for ns1.mcomdc.com <http://ns1.mcomdc.com/> on all 4 of the servers (old and new) to the new IP address. I waited a few hours to confirm it all looks good, then made the change to ns2.mcomdc.com <http://ns2.mcomdc.com/>. I then left all 4 servers up for 72 hours and came back and confirmed every major free recursive DNS server had the new ns server IP's and any changes I made to the new server and not the old where propagating across the internet. I am not sure it matters here but I am running BIND 9.10.2-P4
>
> Thanks,
>
> Teresa Campbell
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users <https://lists.isc.org/mailman/listinfo/bind-users> to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users <https://lists.isc.org/mailman/listinfo/bind-users>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150916/bca051c3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4127 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150916/bca051c3/attachment-0001.bin>
More information about the bind-users
mailing list