On Thu, Feb 23, 2017 at 3:03 PM, Reindl Harald <h.rei...@thelounge.net> wrote: > > > Am 23.02.2017 um 20:52 schrieb Eldridge, Rod A [ITNET]: >> >> >> Iowa State University is replacing 7 ISC NAMED/BIND servers and 4 ISC DHCP >> servers with Infoblox servers on March 14th. We want to keep the domain >> names of our external servers the same (with one exception), but we will be >> changing all of the IPv4 and IPv6 addresses of those external servers. >> >> Current external name servers: >> >> DNS-1.IASTATE.EDU 129.186.6.249, >> 2610:130:101:100::249 >> DNS-2.IASTATE.EDU 129.186.88.249, >> 2610:130:102:e01::249 >> ISU.DNS.NORTHERNLIGHTS.GIGAPOP.NET 146.57.253.249, >> 2607:ea00:1:9::aa >> >> The exception is that we will be removing >> ISU.DNS.NORTHERNLIGHTS.GIGAPOP.NET (a server located at the UMN) and will be >> installing a server at UIowa (that will be named DNS-3.IASTATE.EDU). >> >> The new IPv4 addresses for the new external name servers will be: >> >> DNS-1.IASTATE.EDU 129.186.67.129 >> DNS-2.IASTATE.EDU 129.186.67.145 >> DNS-3.IASTATE.EDU 128.255.x.x <== not yet >> assigned >> >> We haven't assigned IPv6 addresses yet. >> >> We'd like advice about any issues or problems we might run into and to >> watch out for, what preparations should we do or must we do before the >> switch, and any other advice to help us make this switch go smoothly and >> unnoticed. >
I think that I'd modify Reindl's list: A: startup the new servers B: keep them in sync C: decrease the TTL on your NS (and other sensitive records) -- currently they are a day. Nothing is more embarrassing than e.g making a type and having to wait a long TTL to be able to recover D: update 1 NS records to the new servers E: update GLUE records for same F: go back to D, updating the next one. G: wait TTL + safety time H: shutdown the old servers > > * startup the new servers > * keep them in sync > * update NS records to the new servers > * update GLUE records > * wait TTL + safety time > * shutdown the old servers > > when we speak of TTL - GLUE recors have a *really large* TTL independent of > your zones - but that is no problem at all since for some time you have > running old and new servers > > so it don't matter for anybody as long they all have the same zone data > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
