Merging DNS servers

Petr Špaček pspacek at isc.org
Wed Apr 27 08:17:36 UTC 2022


On 26. 04. 22 19:47, Bob Harold wrote:
> On Tue, Apr 26, 2022 at 11:36 AM Leroy Tennison via bind-users 
> <bind-users at lists.isc.org> wrote:
> 
>     I am working on shutting down a site which has an isc-bind server
>     that is master for a domain and subnet which will exist elsewhere
>     once the site is closed.  The few remaining systems don't warrant
>     such a server.  My goal is to merge what remains of the
>     domain/subnet into an existing server which is master for other
>     domains/subnets.  My current thinking is to:
> 
>     freeze changes on the server being retired (fortunately DHCP's DDNS
>     won't be an issue by that point)
>     shut down that server
>     take the data files (forward and reverse zone with associated
>     journal files) and place them on the remaining server
>     make sure the data file types are consistent
>     change the remaining server's type from slave to master for the
>     zones in question
>     restart the remaining server
> 
>     Is this a good plan?  If not, how should I proceed?
>     Anything I'm missing?
> 
>     Thanks in advance for your input.
>     -- 
> 
> Sounds good to me.  If you use "rndc freeze", then you should not need 
> to copy the journal files.   If there are any other secondary servers 
> (and you almost always want more than just the master), then change 
> those to pull from the new server, and make sure that is working, before 
> starting the steps you listed.

It's almost there, but incomplete - the first step is missing.

The very first step should be removing references to the to-be-removed 
server from the NS set **in the parent zone** and also in the zone files 
you control, and also clearing up glue records in the parent.

Then wait for (max TTL + propagation delay) computed over all RR sets 
modified **in parent and child**, and only _then_ can you shut down the 
old server.

Pro tip: You can lower the TTLs beforehand so you do not need to wait 
that long when the shutdown event is due.

Commands:
$ rndc sync -clean
$ rndc stop

... might be a good idea as well, I think.

-- 
Petr Špaček
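
The waiting rule from the reply above (max TTL + propagation delay over every RR set modified in parent and child), worked through as an added example that is not part of the original message. The zone name, server names, addresses, TTLs and the function names are constructed placeholders, and the code assumes the TTLs fed in are the ones the records were served with before the change.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data: dig-style lines for the RR sets as they were served
# BEFORE the change. All names and addresses are placeholders.
PARENT_BEFORE = """\
example.com.         172800 IN NS ns1.example.com.
example.com.         172800 IN NS ns-old.example.com.
ns1.example.com.     172800 IN A  192.0.2.1
ns-old.example.com.  172800 IN A  192.0.2.53
"""
CHILD_BEFORE = """\
example.com.         86400 IN NS ns1.example.com.
example.com.         86400 IN NS ns-old.example.com.
ns-old.example.com.  3600  IN A  192.0.2.53
www.example.com.     300   IN A  192.0.2.80
"""

def parse(text):
    """Yield (owner, ttl, rtype, rdata) from 'owner TTL IN TYPE RDATA' lines."""
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop dig-style comments
        if not line:
            continue
        owner, ttl, _cls, rtype, rdata = line.split(None, 4)
        yield owner.lower(), int(ttl), rtype.upper(), rdata.strip().lower()

def modified_rrsets(text, old_server):
    """Return {(owner, rtype): ttl} for RR sets that mention the old server."""
    hit = {}
    for owner, ttl, rtype, rdata in parse(text):
        is_ns_ref = rtype == "NS" and rdata == old_server
        is_addr = rtype in ("A", "AAAA") and owner == old_server  # glue/address
        if is_ns_ref or is_addr:
            hit[(owner, rtype)] = max(ttl, hit.get((owner, rtype), 0))
    return hit

def earliest_shutdown(changed_at, old_server, propagation, *zone_texts):
    """changed_at + max TTL over all modified RR sets + propagation delay."""
    ttls = [t for z in zone_texts for t in modified_rrsets(z, old_server).values()]
    if not ttls:
        raise ValueError("old server not referenced in the supplied RR sets")
    return changed_at + timedelta(seconds=max(ttls)) + propagation, max(ttls)

if __name__ == "__main__":
    changed = datetime(2022, 4, 27, 8, 0, tzinfo=timezone.utc)  # constructed
    when, ttl = earliest_shutdown(changed, "ns-old.example.com.",
                                  timedelta(hours=1), PARENT_BEFORE, CHILD_BEFORE)
    print(f"max TTL {ttl}s, earliest safe shutdown {when.isoformat()}")
```

With these constructed values the parent-side TTL of 172800 seconds dominates, which is why lowering TTLs ahead of time shortens the wait only for the records you control.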

