[TriLUG] OT: Router then Firewall

[Tanner Lovelace]

On 5/16/06, Aaron S. Joyner <aaron at joyner.ws> wrote:
> As an exercise for the reader, how would you handle migrating your DNS
> server(s) from one IP address (or one subnet) to another, using similar
> techniques?  Do you need to talk to someone outside your organization,
> or can you do it all in-house?  Are you sure of your answer to that last
> question?  How would you find out for sure...  :)  A Google T-shirt(*)
> to the person who comes up with the best / most complete answer(+).

Since you said "similar techniques" I'll follow your lead. :-)

1. Examine your current SOA (Start of Authority) record and NS
records, determine
their TTLs, we'll say 2 weeks.
2. At least one current-TTL-interval (2 weeks) before you intend to make
the change, update the TTLs for the SOA and NS to be very low, for example
2-4 hours.
3:  Set up the new DNS servers with the new information then 'throw
the switch' by changing the whois record.
4:  Establish that everything is working as expected, perhaps wait 1 day
to be sure.
5:  Make a final DNS update to return the TTLs to their previous long /
stable values.

I believe that would cover it, right? :-)

Cheers,
Tanner
-- 
Tanner Lovelace
clubjuggler at gmail dot com
http://wtl.wayfarer.org/
(fieldless) In fess two roundels in pale, a billet fesswise and an
increscent, all sable.