Re: [cobalt-users] help with server migration planning

[Jeff Lasman <jblists@xxxxxxxxxxxxx>]

Rick Ewart wrote:

> The nameserver(s) though, must be moved out on the Net, at the registries.
> When I last moved my RaQ, I had a HECK of a time getting NetSol to reflect
> the changes I made on the name server. My fear was the secondaries giving up
> before the change was made.

It can be pretty easy...

I'm going to write some points for Brandon... in my previous post I
asked him to look here for my suggestions...

Brandon, how do you currently handle your secondary?  Do you have each
box handling primary and secondary for it's own domains?  Or do you have
one box handling primary for all your domains, and another secondary?

Or some combination?

If all your nameservers are RaQs it's a bit easier to do, and I'm going
to presume that in these comments:

If you currently use one server for primary and another for secondary,
svae the /etc/records file on the secondary, then copy your entire
/etc/records file from the Raq serving as primary to the one serving as
secondary.  (Don't forget that once you do this, any time you change
anything for the rest of the week, i.e., TTL, you'll need to do it in
both records files.)  Then restart the secondary; it'll still work as a
secondary, but it'll think it's a primary.

Today, get your new IP#s for the new location, and assign one of them
for primary nameservice and another for secondary nameservice.

Immediately today, change the IP# of ns2 at your registrar, where it's
registered as a nameserver.  This means your secondary will stop working
as soon as the IP# is changed, but you'll still have primary service at
your old IP#.

(Be sure to change the IP#s of the secondary server everywhere it
appears in your /etc/records files on both systems.)

Your primary nameserver will continue to work (and you temporarily won't
have a working secondary) until your move.

Immediately after the move your secondary will start to work and your
primary will stop.

That won't matter, since your secondary will "think" it's a primary and
not look to any other system for its data.  And the Internet itself
doesn't care; everytime anyone looks up your dns they send it to all
your nameservers and keep the first reply they get.

Then change the IP# of your primary at your registrar.

Some registries will automatically update whois information to show the
new IP#s, and some won't, but the actual glue records on the root
servers will get changed properly, and be right, even if the whois is
wrong.

If the whois is wrong at certain registrars, notify those registrars to
fix it.

At your leisure, update the TTL times in /etc/records on your primary,
and restore the backup you made of /etc/records on the secondary.  When
yo do, be sure to update the IP#s of the nameservers in the /etc/records
file on the secondary, as they'll be wrong.

Then restart both nameservers from the gui.

Everything should be working fine.

(If anyone sees any problems in this, please contact me and Brandon
immediately; thanks!)

> FYI, the term to use at NetSol (as most of the people I spoke with hadn't a
> clue what what I needed) is to ask them to "mirror the registry". You can do
> anything you want, but until they do that, your nameserver change will not
> be reflected in Net Sol controlled sites...

I'm not sure what you mean; I've done it as above numerous times and
I've never used the term "mirror the registry".  Are you talking about
the whois records?  It's been my experience that the whois being
incorrect has NEVER mattered, and that anyway, netsol has always picked
up my changes automatically.  YMMV.  If NetSol is your registrar they'll
notify the registry when you tell them to change the IP#s of the
nameservers.  If they're not it doesn't matter, since the registrar is
NEVER contacted when anyone does a lookup.  So I'm confused at your
point; please clarify it for me <smile>.  Thanks.

> Another tip that worked well for me - you could move 1 box, replicate the
> DNS entries on it at the new location, and setup all the name servers as
> different IP based sites. Then you could redirect the registry to that box
> for primary DNS. That will give you a stable place to do DNS changes while
> moving the boxes around. Might simplify the confusion of what is where....

That takes a bit longer than my suggestion.  Do you see anything wrong
with my suggestion?  While it's worked for me, I don't recommend anyone
try it without going over it carefully; I could have left something out
when writing it down <frown>.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net, P. O. Box 52672, Riverside, CA  92517
voice: +1 909 778-9980  *  fax: +1 909 548-9484