Re: seemless migration

To: debian-isp@lists.debian.org
Subject: Re: seemless migration
From: Rodney Richison <rodney@rcrcomputing.com>
Date: Sat, 14 Jan 2006 23:23:39 -0600
Message-id: <[🔎] 43C9DC5B.1010506@rcrcomputing.com>
In-reply-to: <[🔎] 43C933FB.6000903@thecsl.org>
References: <[🔎] 43C913D9.2040108@rcrcomputing.com> <[🔎] 43C933FB.6000903@thecsl.org>

Not only are these comments welcome, they are greatly appreciated. This
was the type of discussion I was hoping for!

Dan MacNeil wrote:

> A few random thoughts based on a couple recent moves we've had to
> make, much of this is probably obvious or irelivant to you.
>
> Moving DNS server IP numbers is different than changing ip# that they
> serve.
>
>     You don't control the TTL (time to live) at the
>     root servers. You need to change your DNS
>     servers ip# now and leave the old ones running
>     serving the correct ip# for the new DNS server.

Simply change the a record for the primary name server to the duplicate
machine while the glue record is propagating?  I hadn't thought of this.

>
>  
> Even in a well setup system, there are some settings that depend on
> hard coded ip#. Firewall rules, postfix "mynetworks", etc. It is
> probably worth:
>
>     sudo grep $OLDNET /etc/* -d recurse -l
>
> ...on all your systems.

More "jewels"
While I have a written play-by-play calendar plan, this will certainly help!

>
> You almost certainly do not have to move every thing all at once. If
> you move one server at a time, you can learn from your experience and
> maybe get a night's sleep between moves.

agreed. Though I'd sure like to get this behind me. I'm sweating bullets
over this...

>
> If there will be overlap between your two T1 vendors, you can run your
> servers with both the old and new  ip numbers for a time.

For 1 to two weeks. I had completely forgotten I could do this with
debian. I just now found the below example.

auto eth0:0
iface eth0:0 inet static

    address 192.168.1.41
    netmask 255.255.255.0
    broadcast 192.168.1.255

auto eth0:1
iface eth0:1 inet static

    address 192.168.1.44
    netmask 255.255.255.0
    broadcast 192.168.1.255


>
> If some of your customers are running their own DNS (like at
> register.com), you should let them know of the move.
> You want to adjust both $TTL and the SOA TTL , the later controls
> negative caching, how long "not found" result is cached.
>
> DNS checking tools, http://dnsreports.com are useful
>
> If you are running on a T1, you can almost certainly drop TTL to 1
> minute. --load on DNS and pipe won't be that high.
>
>
If I haven't said it clearly enough, thank you very much. 2 or three
heads are always better than one. The input makes me feel better and
introduces more alternatives.

-- 
Highest Regards,

Rodney Richison
RCR Computing
http://www.rcrnet.net
118 N. Broadway
Cleveland, OK  74020
918-358-1111

Reply to:

Follow-Ups:
- Re: seemless migration (glue records vs bind primary & secondary servers)
  - From: Dan MacNeil <dan@thecsl.org>

References:
- seemless migration
  - From: Rodney Richison <rodney@rcrcomputing.com>
- Re: seemless migration
  - From: Dan MacNeil <dan@thecsl.org>

Prev by Date: Re: [Weird problems with INTEL Ethernet Card]
Next by Date: Re: [Weird problems with INTEL Ethernet Card]
Previous by thread: Re: seemless migration
Next by thread: Re: seemless migration (glue records vs bind primary & secondary servers)
Index(es):
- Date
- Thread