RE: Gothcas of changing the IP Address of an Authoritative DNS Server

["Hannigan, Martin" <hannigan () verisign com>]

> On 14-Dec-05, at 10:02 AM, Joe Abley wrote:
> > You also want to check all the registries which are superordinate  
> > to zones your server is authoritative for, and check that any IP  
> > addresses stored in those registries for your nameserver are  
> > updated, otherwise you will experience either immediate or future  
> > glue madness.
> >
> > A conservative approach to this kind of transition is to arrange  
> > for your nameserver (or different nameservers hosting the same  
> > data) to respond on both the old and new addresses, and to 
> continue  
> > in that mode until you see no queries directed at the old address  
> > for some safe-seeming interval (bearing in mind TTLs and cached  
> > records, alluded to by Steven and Sam).
>
> If you have access customers (Dial/Broadband/etc) make sure 
> they know  
> the IP for your DNS server is changing incase they hardcode IP of  
> your DNS server into their PCs.

It might be wise to keep the old addrs as host routes on interface
aliases on the same machine for simplicity sake. (Joe said that kinda). 
Both unix and cisco support this. You will likely not miss a beat 
if you're able to do this and see who's using 
the old addrs(hard coded) after the TTL expires - methinks.

If you really care, you could chase down your hard coded users
or just shut down and force them to call. The number would dictate which
one I suppose.


-M<