DNS migration strategy

listuser2 at gmail.com
Thu Aug 5 07:17:28 UTC 2010


Hello all,

We are in preparation to migrate all zones from a Bind 8 server to a Bind 9
server. The Bind 9 servers are up and running in production. On the Bind 8
server, we have a domain that has a very large zone file; it contains around
1,000 resource records.

Ordinarily we would do AXFR from the Bind 9 server, check to make sure all
the records resolve correctly, and then do the registrar update. For a very
large zone, is there any migration strategy involved to ensure a smooth
transition?

Someone suggested doing it in 2 steps by adding an additional hop, that is:

1) replicate the zone from the Bind 8 server to the Bind 9 server
2) replace the zone file on the Bind 8 server with something like this:

     company.com.     3600     IN     NS     Bind9NS1.company.com.
     company.com.     3600     IN     NS     Bind9NS2.company.com.

So the Bind 8 server is still authoritative, but it simply redirects DNS
queries to the Bind 9 server. After everyone is happy, make the Bind 9
server authoritative for this domain. Is there any advantage to doing it this
way?

Another suggestion was to reduce the TTL value to 10 minutes or lower, so if
anything goes wrong that requires rollback it would not take ages. However,
the TTLs of NS records in the global TLD servers are all set to 172800
seconds (48 hours), so no matter how low the TTL is it can still take up to
48 hours to correct a problem if it involves redelegation, right?

I have tried to google for some "best practice" but nothing much came up. If
there are any useful links that you know of, please let me know as well.

Any input is welcome and appreciated!


Cheers!
Peter
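
One way to do the "check to make sure all the records resolve correctly" step for a zone of this size, as an added example that is not part of the original post: save the `dig` AXFR output from both servers and diff the normalized record sets before touching the delegation. The function names, file names, server placeholders, and sample records are constructed for illustration.

```shell
# Save both transfers first (server names are placeholders):
#   dig @bind8-server company.com AXFR > old.axfr
#   dig @bind9-server company.com AXFR > new.axfr
# normalize_axfr FILE: one sorted line per record (owner, type, rdata, ttl)
normalize_axfr() {
  awk '
    /^[ \t]*(;|$)/ { next }   # dig comment lines and blank lines
    $3 != "IN"     { next }   # keep class IN records only
    $4 == "SOA"    { next }   # AXFR repeats the SOA; compare serials separately
    {
      rdata = $5
      for (i = 6; i <= NF; i++) rdata = rdata " " $i
      if ($4 != "TXT") rdata = tolower(rdata)   # names are case-insensitive, TXT is not
      print tolower($1) "\t" $4 "\t" rdata "\t" $2
    }' "$1" | LC_ALL=C sort -u
}

# zone_diff OLD NEW: prints differences, returns 1 if the zones differ.
# A changed TTL or rdata shows as one MISSING_ON_NEW plus one ONLY_ON_NEW line.
zone_diff() {
  zd_old=$(mktemp); zd_new=$(mktemp); zd_rc=0
  normalize_axfr "$1" > "$zd_old"
  normalize_axfr "$2" > "$zd_new"
  LC_ALL=C comm -23 "$zd_old" "$zd_new" | awk '{ print "MISSING_ON_NEW\t" $0 }'
  LC_ALL=C comm -13 "$zd_old" "$zd_new" | awk '{ print "ONLY_ON_NEW\t" $0 }'
  cmp -s "$zd_old" "$zd_new" || zd_rc=1
  rm -f "$zd_old" "$zd_new"
  return $zd_rc
}

# Constructed sample transfers (documentation addresses, not real data)
demo_dir=$(mktemp -d)
cat > "$demo_dir/old.axfr" <<'EOF'
; <<>> DiG <<>> @bind8-server company.com AXFR
company.com.      3600 IN SOA ns1.company.com. admin.company.com. 2010080501 3600 900 604800 3600
company.com.      3600 IN NS  ns1.company.com.
www.company.com.  3600 IN A   192.0.2.10
mail.company.com. 3600 IN A   192.0.2.25
company.com.      3600 IN MX  10 mail.company.com.
company.com.      3600 IN SOA ns1.company.com. admin.company.com. 2010080501 3600 900 604800 3600
EOF
cat > "$demo_dir/new.axfr" <<'EOF'
company.com.      3600 IN SOA ns1.company.com. admin.company.com. 2010080501 3600 900 604800 3600
company.com.      3600 IN NS  ns1.company.com.
WWW.company.com.  3600 IN A   192.0.2.10
company.com.      3600 IN MX  10 Mail.Company.com.
company.com.      3600 IN SOA ns1.company.com. admin.company.com. 2010080501 3600 900 604800 3600
EOF
zone_diff "$demo_dir/old.axfr" "$demo_dir/new.axfr" || echo "zones differ: do not redelegate yet"
```

On the sample data the only line reported is the `mail.company.com.` A record missing from the new server; the case differences in `WWW` and `Mail.Company.com.` are not flagged.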