Change my primary DNS server safely...

Jeff Lightner jlightner at
Fri Feb 27 16:39:08 UTC 2009

In your case it sounds like you're going to have two external IPs. If so I'd leave the Apache server with BIND running and add the new server as the first one at the registrar. That way anyone that has your old server cached will continue to get to it. Any new queries hopefully would cache your new server.

After you're sure the new server is up and running for a few days you can stop BIND on the old one (to reduce load on it).

-----Original Message-----
From: Thomas Manson [mailto:dev.mansonthomas at] 
Sent: Friday, February 27, 2009 10:06 AM
To: Jeff Lightner
Cc: bind-users at
Subject: Re: Change my primary DNS server safely...

Hi Jeff,

  Actually, I have Postfix/Apache2/BIND (primary DNS) on the same
machine, which is hosted by one company.

  I want to dedicate a server to be the primary DNS. This server is
hosted by another company. (The first server will be reinstalled soon
but will stay with the original hosting company.)

  The secondary DNS is already a dedicated server.

  So my new primary DNS is ready and the old server will still be
running (at least for the apache2 service).
  Should I leave BIND running on the old server or stop it? (Would it
be annoying if the old IP still answers queries?)


On Fri, Feb 27, 2009 at 14:50, Jeff Lightner <jlightner at> wrote:
> Not sure where the trepidation comes in here.  Hopefully you ARE running
> a slave server as well so if the primary isn't reachable the slave would
> resolve lookups until you fixed any problem.
>
> Here we've moved our servers from one network provider to another so had
> to change the IPs of the master and the slave at the Network registrars.
> We did those one at a time.  That is to say we first did the slave and
> once we were sure it was resolving correctly and had allowed time for
> everyone's caches to clear (we waited 3 days/72 hours) then we moved the
> master.
>
> We've also completely replaced both our primary and slave by installing
> new servers and setting them with the IPs.  There again we did it by
> doing one at a time.  For those there was no propagation time since the
> IP stayed the same.
>
> If you're simply moving your master to a new IP (as the outside world
> sees it) then you'll have to allow time for the caches to clear as we
> did.  If you're simply moving it to a new IP internally then your
> network folks should be able to NAT that IP to the same external IP your
> prior server had.
>
> -----Original Message-----
> From: bind-users-bounces at
> [mailto:bind-users-bounces at] On Behalf Of Thomas Manson
> Sent: Thursday, February 26, 2009 8:04 PM
> To: bind-users at
> Subject: Change my primary DNS server safely...
> Hello,
>  I need to change the primary DNS server which manages hundreds of
> domains.
>  I've set up the new machine so that it has the correct named
> configuration for each domain (script generated).
>  I plan to change the IP behind the so that it
> points to the new machine.
>  As I feel it's a bit risky to do that, if you have any suggestions,
> I'll be glad to hear them.
> Thanks,
> Thomas.

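A pre-cutover check for the migration discussed in this thread, as an added example that is not part of the original messages: it compares the SOA serial that the old and the new primary each return for every zone, so a script-generated zone that is missing or stale on the new machine shows up before the registrar change. The function names, the `zones.txt` list and the server addresses in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): compare old and new primary per zone.
# Usage (addresses are documentation placeholders, zones.txt is hypothetical):
#   check_zones 192.0.2.10 198.51.100.20 < zones.txt

# soa_serial ANSWER: print the serial from one `dig +short ... SOA` line.
# Such a line has 7 fields: mname rname serial refresh retry expire minimum.
soa_serial() {
    printf '%s\n' "$1" | awk 'NF >= 7 { print $3; exit }'
}

# compare_soa ZONE OLD_ANSWER NEW_ANSWER
# Returns 0 when both servers agree, 1 on a serial mismatch,
# 2 when the new server gave no usable SOA (zone not loaded there).
compare_soa() {
    zone=$1
    old=$(soa_serial "$2")
    new=$(soa_serial "$3")
    if [ -z "$new" ]; then
        echo "MISSING $zone"
        return 2
    fi
    if [ "$old" != "$new" ]; then
        echo "MISMATCH $zone old=$old new=$new"
        return 1
    fi
    echo "OK $zone serial=$new"
}

# check_zones OLD_NS NEW_NS: read zone names on stdin and query each server
# directly (no recursion, so caches play no part). Needs dig and network.
check_zones() {
    rc=0
    while read -r zone; do
        [ -n "$zone" ] || continue
        o=$(dig +short +norecurse @"$1" "$zone" SOA)
        n=$(dig +short +norecurse @"$2" "$zone" SOA)
        compare_soa "$zone" "$o" "$n" || rc=1
    done
    return $rc
}
```

A non-zero exit from `check_zones` means at least one zone differs or is absent on the new server, which is the condition to clear before changing anything at the registrar.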