On 05/12/2011 08:15 PM, Mark Andrews wrote:
In message<4dcc225f.8000...@obsd.us>, CT writes:
Primary Name server
bind - 9.7.3
OS - CentOS 5.6
Authoritative for 2 zones using DNSSEC
This may be an obvious question but I will ask anyway.. :)
I want to change the name of the server
from
old.zone1.com
to
new.zone2.com
IP Address - no change
- change soa in master zone files
- work with slaves to make sure named.conf are correct
Other than that are there any gotchas.. ??
I am wondering if I will have to "unsign" my zones
and the upload new keysets to the registrar.
To do a graceful transition to a new nameserver you should.
* Commision the new nameserver.
* Add the new address records and wait for them to propogate to
all authoritative servers and any cached negative responses for
them to expire.
* Add the NS record for the new nameserver.
* Update the parent zone to ADD the new nameserver and glue.
* Wait for the old NS RRet and referrals to expire from caches.
* Remove the NS record for the old nameserver.
* Update the parent zone to REMOVE the old nameserver and glue.
* Wait for the intermediate NS RRet and referrals to expire from caches.
* Remove the old address records if they are no longer required.
* Decommision the old nameserver.
As the addresses of the new and old nameservers are the same you
can shorten this process a little.
* Add the new address records and wait for them to propogate to
all authoritative servers and any cached negative responses for
them to expire.
* Update the NS RRset
+ Add the NS record for the new nameserver.
+ Remove the NS record for the old nameserver.
* Update the parent zone
+ Update the parent zone to ADD the new nameserver and glue.
+ Update the parent zone to REMOVE the old nameserver and glue.
* Wait for the old NS RRet and referrals to expire from caches.
* Remove the old address records if they are no longer required.
In all cases you re-sign the zone whenever you make changes to it.
Thx
CT
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Mark,
Thank you for your very succinct response..
Exactly what I needed..
CT
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users