Re: Merging DNS servers

Wed, 27 Apr 2022 01:18:29 -0700 

On 26. 04. 22 19:47, Bob Harold wrote:
On Tue, Apr 26, 2022 at 11:36 AM Leroy Tennison via bind-users <bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>> wrote: 

    I am working on shutting down a site which has an isc-bind server
    that is master for a domain and subnet which will exist elsewhere
    once the site is closed.  The few remaining systems don't warrant
    such a server.  My goal is to merge what remains of the
    domain/subnet into an existing server which is master for other
    domains/subnets.  My current thinking is to:

    freeze changes on the server being retired (fortunately DHCP's DDNS
    won't be an issue by that point)
    shut down that server
    take the data files (forward and reverse zone with associated
    journal files) and place them on the remaining server
    make sure the data file types are consistent
    change the the remaining server's type from slave to master for the
    zones in question
    restart the remaining server

    Is this a good plan?  If not, how should I proceed?
    Anything I'm missing?

    Thanks in advance for your input.

    -- 

Sounds good to me.  If you use "rndc freeze", then you should not need 
to copy the journal files.   If there are any other secondary servers 
(and you almost always want more than just the master), then change 
those to pull from the new server, and make sure that is working, before 
starting the steps you listed.


It's almost but incomplete - first step is missing.


The very first step should be removing references to to-be-removed 
server from NS set **in the parent zone** and also in the zone files you 
control, and also clearing up glue records in the parent.



Then wait for (max TTL + propagation delay) computed over all RR sets 
modified **in parent and child**, and only _then_ you can shutdown the 
old server.



Pro tip: You can lower the TTLs before so it you do not need to wait 
that long when the shutdown event is due.


Commands:
$ rndc sync -clean
$ rndc stop

... might be a good idea as well, I think.

--
Petr Špaček
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users






















					Reply via email to