[TriLUG] OT: DSL for SOHO in Chapel Hill

Jon Carnes jonc at nc.rr.com
Tue Jan 27 13:59:03 EST 2004


On Tue, 2004-01-27 at 10:02, Ben Pitzer wrote:

> 4.  If you change your zone, make sure to lower the TTL in your SOA record
> at least 1 week before you move the zone to another provider, and that the
> old provider removes your zone from their DNS servers as soon as the new
> zone is set up with the new provider.  This may require some cajoling, as
> sometimes providers are slow to remove their old zones.  It is, however,
> imperative, as most DNS servers will continue to look your zone up on the
> last known authoritative server until that server is no longer
> authoritative.
> 
Six years ago when I moved HAHT over to TWTC from UUNet I was using
UUNet as a secondary DNS.  I shortened my TTL *and* left behind a box
running multiple IPs and forwarding ports to our new domain.  My plan
was to pull the box and cancel the UUNet service once the hits on the
box dropped to near zero.

The hits on that box dropped after the first day, but were steady after
that.  After a month I traced down all the hits that were still going to
that box as coming from folks using UUNet's DNS servers.  They refused
to drop their Secondary for HAHT.  All told it took them 3 months to
drop the old information out of their DNS. 

From that day on, I've always kept the Secondary (and the Primary) on a
box that I control.

YMMV -  Jon Carnes

> > With things like port forwarding and reverse proxying you can do some
> > amazing things with just one IP address.  You'd never know that traffic
> > coming into my one IP could be directed into any one of half a dozen
> > servers (to say nothing of all the other boxes hiding behind NAT).
> 
> Being the secondary (or tertiary or quaternary) DNS authority for your own
> zone is fine, but most times it makes more sense to let someone in a
> datacenter, on a different network, with redundant power and routing be
> at least the primary, and you take over the secondary zone.  *NOTE*:  Make
> sure that your provider either sets you up to transfer your zone (which many
> may not do), or you make sure that your zones match 100%, down to the serial
> number in the SOA record.
> 
> 
> Regards,
> Ben Pitzer
> 
> ---------------------------------------------
> 
> "Those that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety."
>  --Ben Franklin--
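
Added example (not part of the original thread): a small check for the two failure modes discussed above, a server outside the delegation that still answers for the zone, and secondaries whose SOA serial does not match. It assumes each input line was collected with `dig +short SOA <zone> @<server>`; the server names and serials below are constructed.

```python
from collections import namedtuple

SOA = namedtuple("SOA", "mname rname serial refresh retry expire minimum")

def parse_soa(line):
    """Parse one line in the format printed by `dig +short SOA <zone> @<server>`."""
    f = line.split()
    if len(f) != 7:
        raise ValueError(f"expected 7 SOA fields, got {len(f)}: {line!r}")
    return SOA(f[0].lower(), f[1].lower(), *map(int, f[2:]))

def serial_newer(a, b):
    """True if serial a is newer than b under RFC 1982 wrap-around arithmetic."""
    return a != b and ((a - b) % 2**32) < 2**31

def audit(delegated, answers):
    """delegated: NS names at the parent; answers: server -> SOA line ('' = no answer)."""
    soas = {s: parse_soa(l) for s, l in answers.items() if l.strip()}
    newest = None
    for s in soas.keys() & delegated:
        if newest is None or serial_newer(soas[s].serial, newest):
            newest = soas[s].serial
    findings = []
    for s in sorted(answers):
        if s not in soas:
            if s in delegated:
                findings.append(f"{s}: delegated but not answering")
        elif s not in delegated:
            # The old provider's box that never dropped the zone.
            findings.append(f"{s}: not delegated but still serving serial {soas[s].serial}")
        elif soas[s].serial != newest:
            findings.append(f"{s}: serial {soas[s].serial} behind {newest}")
    return findings

# Constructed sample: zone moved to a new provider, old secondary never removed.
DELEGATED = {"ns1.newhost.example.", "ns2.newhost.example."}
ANSWERS = {
    "ns1.newhost.example.": "ns1.newhost.example. hostmaster.example.com. 2004012702 3600 900 604800 300",
    "ns2.newhost.example.": "ns1.newhost.example. hostmaster.example.com. 2004012701 3600 900 604800 300",
    "ns.oldhost.example.": "ns.oldhost.example. hostmaster.example.com. 2004011501 86400 7200 3600000 86400",
}

if __name__ == "__main__":
    print("\n".join(audit(DELEGATED, ANSWERS)))
```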



