nanog mailing list archives
RE: Gothcas of changing the IP Address of an Authoritative DNS Server
From: "Hannigan, Martin" <hannigan () verisign com>
Date: Wed, 14 Dec 2005 12:29:48 -0500
On 14-Dec-05, at 10:02 AM, Joe Abley wrote:You also want to check all the registries which are superordinate to zones your server is authoritative for, and check that any IP addresses stored in those registries for your nameserver are updated, otherwise you will experience either immediate or future glue madness. A conservative approach to this kind of transition is to arrange for your nameserver (or different nameservers hosting the same data) to respond on both the old and new addresses, and tocontinuein that mode until you see no queries directed at the old address for some safe-seeming interval (bearing in mind TTLs and cached records, alluded to by Steven and Sam).If you have access customers (Dial/Broadband/etc) make sure they know the IP for your DNS server is changing incase they hardcode IP of your DNS server into their PCs.
It might be wise to keep the old addrs as host routes on interface aliases on the same machine for simplicity sake. (Joe said that kinda). Both unix and cisco support this. You will likely not miss a beat if you're able to do this and see who's using the old addrs(hard coded) after the TTL expires - methinks. If you really care, you could chase down your hard coded users or just shut down and force them to call. The number would dictate which one I suppose. -M<
Current thread:
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server, (continued)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Sam Crooks (Dec 13)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Steven M. Bellovin (Dec 13)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Joe Abley (Dec 14)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Joe Maimon (Dec 14)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Joe Abley (Dec 14)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server David W. Hankins (Dec 14)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Steven M. Bellovin (Dec 13)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Jason Lixfeld (Dec 14)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server bmanning (Dec 14)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Joe Abley (Dec 14)
- Re: Gothcas of changing the IP Address of an Authoritative DNS Server Sam Crooks (Dec 13)