Re: seemless migration

To: debian-isp@lists.debian.org
Cc: debian-isp@lists.debian.org
Subject: Re: seemless migration
From: Dan MacNeil <dan@thecsl.org>
Date: Sat, 14 Jan 2006 12:25:15 -0500
Message-id: <[🔎] 43C933FB.6000903@thecsl.org>
In-reply-to: <[🔎] 43C913D9.2040108@rcrcomputing.com>
References: <[🔎] 43C913D9.2040108@rcrcomputing.com>

A few random thoughts based on a couple recent moves we've had to make,much of this is probably obvious or irelivant to you.

Moving DNS server IP numbers is different than changing ip# that theyserve.


	You don't control the TTL (time to live) at the
	root servers. You need to change your DNS
	servers ip# now and leave the old ones running
	serving the correct ip# for the new DNS server.

	You also need to change the glue record for your
	DNS servers at your domain's registrar. Usually
	this is something like "add IP# for DNS server"

Even in a well setup system, there are some settings that depend on hardcoded ip#. Firewall rules, postfix "mynetworks", etc. It is probably worth:


	sudo grep $OLDNET /etc/* -d recurse -l

...on all your systems.

You almost certainly do not have to move every thing all at once. If youmove one server at a time, you can learn from your experience and maybeget a night's sleep between moves.

If there will be overlap between your two T1 vendors, you can run yourservers with both the old and new ip numbers for a time.

If some of your customers are running their own DNS (like atregister.com), you should let them know of the move.

You want to adjust both $TTL and the SOA TTL , the later controlsnegative caching, how long "not found" result is cached.


DNS checking tools, http://dnsreports.com are useful

If you are running on a T1, you can almost certainly drop TTL to 1minute. --load on DNS and pipe won't be that high.



###########

Rodney Richison wrote:

Hi

Need to migrate a group of servers to a new T1 line as smoothly as possible.
These servers include all the usual. Dns, mail, http etc.
The reason is, Birch Telecom is getting out of the T1 bussiness and
dropping all the customers. The new provider will be at&t so this will
NOT happen again.

Birch will drop service on Jan 30.  The new line will be installed on
Jan 18.
That doesn't leave much time to mess around.

Primary name server plan:
The plan is to duplicate the primary dns server. One week before the
switch, change the ip at the root. This will bring the primary down
ahead of time but give the world plenty of time to make the switch.
Meanwhile the 3 secondary's can handle things... As the original primary
continues to supply the secondaries..

Sites/Servers plan:
Set all ttl of all dns to 10 minutes 1 week ahead of time.
As soon as the new line is up and reliable, change both primary name
servers with a prebuilt bind setup. Ugghh Sounds like fun.  :)
Then, Switch all servers to the new line and pray...

Any thoughts or suggestions or comments would be greatly appreciated.



--
Dan MacNeil <dan@thecsl.org>
Fearless Leader, Community Software Lab
http://thecsl.org/go/vol

God has no hands or feet or voice except ours, and
through these, God works. (St. Teresa of Avila)

Reply to:

Follow-Ups:
- Re: seemless migration
  - From: Rodney Richison <rodney@rcrcomputing.com>

References:
- seemless migration
  - From: Rodney Richison <rodney@rcrcomputing.com>

Prev by Date: seemless migration
Next by Date: Intel iE7230 and SARGE?
Previous by thread: seemless migration
Next by thread: Re: seemless migration
Index(es):
- Date
- Thread