sjahan
asked on
A Challenging DNS question - Moving from one ISP to another and technique to minimize/eliminate downtime!
Greetings:
I am moving a T1 line from ISP-1 to ISP-2. Current DNS entires are in ISP-1's DNS server. Listed below is the plans I have made - I am running it by the experts to make sure that this is the best route to take and if not to get suggestions on alternates:
1. Setup DNS entries in ISP-2's DNS server (ns1.algx.net)
2. Call Registrar to change the DNS pointer from auth40.ns.uu.net to ns1.algx.net
3. Propagation delay for the change is irrelevant since enquiries made to ISP-1's DNS server (old) and ISP-2's DNS server (new) will resolve to the same static IP's.
4. After 3 days, modify the DNS entries in ISP-2's DNS server to reflect the new static IP's provided by ISP-2 and then physically disconnect from ISP-1's T1 and connect to ISP-2's T1
And two related questions:
(a) When I change the entries in primary DNS server - those changes are immediate - correct ? In otherwords, someone enquiring about www.erowatech.com will get the new static IP's back. Are there caching or some other technique involved that will require a propagation delay here too ?
(b) The domain I am working on is www.erowatech.com - I made the entires in ISP-2's DNS server - mimicking exactly as ISP-1's however, the ZoneListing is different when I query - is that normal ? I use IPswitches WS Ping Pro Pack and everything except the ZoneListing is identical.
ZONE LISTING FROM ISP-1 DNS Server auth40.ns.uu.net
; zone "erowatech.com" last serial 7
; from 198.6.1.18 at 12:31:57
$ORIGIN com.
erowatech IN SOA auth40.ns.uu.net. hostmaster.uu.net. (
7 21600 3600 1728000 21600)
$ORIGIN erowatech.com
erowatech.com. IN NS auth40.ns.uu.net.
IN NS auth62.ns.uu.net.
IN A 216.37.10.27
IN MX 10 mail.erowatech.com.
IN MX 20 mail.erowa.com.
mail.erowatech.com. IN A 63.106.113.66
www.erowatech.com. IN CNAME erowatech.4omega.com.
;** Received 8 records for erowatech.com from 198.6.1.18
ZONELISTING from ISP-2's DNS ns1.algx.net
;** Received 0 records for erowatech.com from 216.99.225.30
ISP-2's support people I spoke to was not able to give an answer?
Thanks
Shah
sjahan22@hotmail.com
I am moving a T1 line from ISP-1 to ISP-2. Current DNS entires are in ISP-1's DNS server. Listed below is the plans I have made - I am running it by the experts to make sure that this is the best route to take and if not to get suggestions on alternates:
1. Setup DNS entries in ISP-2's DNS server (ns1.algx.net)
2. Call Registrar to change the DNS pointer from auth40.ns.uu.net to ns1.algx.net
3. Propagation delay for the change is irrelevant since enquiries made to ISP-1's DNS server (old) and ISP-2's DNS server (new) will resolve to the same static IP's.
4. After 3 days, modify the DNS entries in ISP-2's DNS server to reflect the new static IP's provided by ISP-2 and then physically disconnect from ISP-1's T1 and connect to ISP-2's T1
And two related questions:
(a) When I change the entries in primary DNS server - those changes are immediate - correct ? In otherwords, someone enquiring about www.erowatech.com will get the new static IP's back. Are there caching or some other technique involved that will require a propagation delay here too ?
(b) The domain I am working on is www.erowatech.com - I made the entires in ISP-2's DNS server - mimicking exactly as ISP-1's however, the ZoneListing is different when I query - is that normal ? I use IPswitches WS Ping Pro Pack and everything except the ZoneListing is identical.
ZONE LISTING FROM ISP-1 DNS Server auth40.ns.uu.net
; zone "erowatech.com" last serial 7
; from 198.6.1.18 at 12:31:57
$ORIGIN com.
erowatech IN SOA auth40.ns.uu.net. hostmaster.uu.net. (
7 21600 3600 1728000 21600)
$ORIGIN erowatech.com
erowatech.com. IN NS auth40.ns.uu.net.
IN NS auth62.ns.uu.net.
IN A 216.37.10.27
IN MX 10 mail.erowatech.com.
IN MX 20 mail.erowa.com.
mail.erowatech.com. IN A 63.106.113.66
www.erowatech.com. IN CNAME erowatech.4omega.com.
;** Received 8 records for erowatech.com from 198.6.1.18
ZONELISTING from ISP-2's DNS ns1.algx.net
;** Received 0 records for erowatech.com from 216.99.225.30
ISP-2's support people I spoke to was not able to give an answer?
Thanks
Shah
sjahan22@hotmail.com
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
hi,
well looks to me like isp-2 does not have your domain set up yet - but i'm just guessing how you are getting those 'zone listing'..
as for good research - none better than "dns and bind" by O'Rielly - you can get it from any good technical bookstore.
cheers.
well looks to me like isp-2 does not have your domain set up yet - but i'm just guessing how you are getting those 'zone listing'..
as for good research - none better than "dns and bind" by O'Rielly - you can get it from any good technical bookstore.
cheers.
ASKER
I used Ipswitch's toolkit called WS-Ping-Pro and it has options to query and get A, CNAME, HINFO, MX, PTR, NS, SOA and ZONE. The Listing I posted earlier was from this utility.
ISP-2 claims that it is setup. When I query, all ISP-2 entries matches with ISP-1 EXCEPT the zone listing.
I do think that ISP-2 may not be fully setup. But they claim they are. And tells me 'Not To Worry' about the ZoneListing.
The way it stands now (without the Zone Listing) on ISP-2, I can query and get the A and MX records for the domain. Once I delegate ISP-2 DNS, do you think that there will be problems without the Zonelisting ?
Tks
ISP-2 claims that it is setup. When I query, all ISP-2 entries matches with ISP-1 EXCEPT the zone listing.
I do think that ISP-2 may not be fully setup. But they claim they are. And tells me 'Not To Worry' about the ZoneListing.
The way it stands now (without the Zone Listing) on ISP-2, I can query and get the A and MX records for the domain. Once I delegate ISP-2 DNS, do you think that there will be problems without the Zonelisting ?
Tks
i see,
i wouldn't suggest that you "do not worry" about the zone listing of ISP2, but it is quite normal for inability to pull the full zone listing from an isp. in fact most DNS software these days will deny a full zone file listing to any server other than their secondary/backup domain servers.
there is a minor security rationale behind that, but read the book i suggested and you'll find out all about that.
if you really want to check that isp2 has the domain properly set up, use nslookup and check on every entry that is important to you.
cheers.
i wouldn't suggest that you "do not worry" about the zone listing of ISP2, but it is quite normal for inability to pull the full zone listing from an isp. in fact most DNS software these days will deny a full zone file listing to any server other than their secondary/backup domain servers.
there is a minor security rationale behind that, but read the book i suggested and you'll find out all about that.
if you really want to check that isp2 has the domain properly set up, use nslookup and check on every entry that is important to you.
cheers.
ASKER
I did an nslookup on ISP-2. (Syntax used nslookup -q=any erowatech.com ns1.algx.net). Here it is - It looks ok:
------
Server: ns1.algx.net
Address: 216.99.225.30
erowatech.com
primary name server = ns1.algx.net
responsible mail addr = hostmaster.algx.net
serial = 2003041507
refresh = 18800 (5 hours 13 mins 20 secs)
retry = 3600 (1 hour)
expire = 3600000 (41 days 16 hours)
default TTL = 86400 (1 day)
erowatech.com MX preference = 10, mail exchanger = mail.erowatech.com
erowatech.com MX preference = 20, mail exchanger = mail.erowa.com
erowatech.com internet address = 216.37.10.27
erowatech.com nameserver = ns1.algx.net
erowatech.com nameserver = ns2.algx.net
erowatech.com nameserver = ns3.algx.net
mail.erowatech.com internet address = 63.106.113.66
ns1.algx.net internet address = 216.99.225.30
ns2.algx.net internet address = 216.99.225.31
ns3.algx.net internet address = 216.99.233.253
------
BUT SOMETHING STRANGE CAMEUP when I did nslookup on ISP-1.
(nslookup -q=any erowatech.com auth40.ns.uu.net)
---
(root) nameserver = M.ROOT-SERVERS.NET
(root) nameserver = I.ROOT-SERVERS.NET
(root) nameserver = E.ROOT-SERVERS.NET
(root) nameserver = D.ROOT-SERVERS.NET
(root) nameserver = A.ROOT-SERVERS.NET
(root) nameserver = H.ROOT-SERVERS.NET
(root) nameserver = C.ROOT-SERVERS.NET
(root) nameserver = G.ROOT-SERVERS.NET
(root) nameserver = F.ROOT-SERVERS.NET
(root) nameserver = B.ROOT-SERVERS.NET
(root) nameserver = J.ROOT-SERVERS.NET
(root) nameserver = K.ROOT-SERVERS.NET
(root) nameserver = L.ROOT-SERVERS.NET
M.ROOT-SERVERS.NET internet address = 202.12.27.33
I.ROOT-SERVERS.NET internet address = 192.36.148.17
E.ROOT-SERVERS.NET internet address = 192.203.230.10
D.ROOT-SERVERS.NET internet address = 128.8.10.90
A.ROOT-SERVERS.NET internet address = 198.41.0.4
H.ROOT-SERVERS.NET internet address = 128.63.2.53
C.ROOT-SERVERS.NET internet address = 192.33.4.12
G.ROOT-SERVERS.NET internet address = 192.112.36.4
F.ROOT-SERVERS.NET internet address = 192.5.5.241
B.ROOT-SERVERS.NET internet address = 128.9.0.107
J.ROOT-SERVERS.NET internet address = 192.58.128.30
K.ROOT-SERVERS.NET internet address = 193.0.14.129
L.ROOT-SERVERS.NET internet address = 198.32.64.12
Server: UnKnown
Address: 198.6.1.19
(root) nameserver = M.ROOT-SERVERS.NET
(root) nameserver = I.ROOT-SERVERS.NET
(root) nameserver = E.ROOT-SERVERS.NET
(root) nameserver = D.ROOT-SERVERS.NET
(root) nameserver = A.ROOT-SERVERS.NET
(root) nameserver = H.ROOT-SERVERS.NET
(root) nameserver = C.ROOT-SERVERS.NET
(root) nameserver = G.ROOT-SERVERS.NET
(root) nameserver = F.ROOT-SERVERS.NET
(root) nameserver = B.ROOT-SERVERS.NET
(root) nameserver = J.ROOT-SERVERS.NET
(root) nameserver = K.ROOT-SERVERS.NET
(root) nameserver = L.ROOT-SERVERS.NET
M.ROOT-SERVERS.NET internet address = 202.12.27.33
I.ROOT-SERVERS.NET internet address = 192.36.148.17
E.ROOT-SERVERS.NET internet address = 192.203.230.10
D.ROOT-SERVERS.NET internet address = 128.8.10.90
A.ROOT-SERVERS.NET internet address = 198.41.0.4
H.ROOT-SERVERS.NET internet address = 128.63.2.53
C.ROOT-SERVERS.NET internet address = 192.33.4.12
G.ROOT-SERVERS.NET internet address = 192.112.36.4
F.ROOT-SERVERS.NET internet address = 192.5.5.241
B.ROOT-SERVERS.NET internet address = 128.9.0.107
J.ROOT-SERVERS.NET internet address = 192.58.128.30
K.ROOT-SERVERS.NET internet address = 193.0.14.129
L.ROOT-SERVERS.NET internet address = 198.32.64.12
-----------
Any idea, why ISP-1 responds like this ?
Tks
------
Server: ns1.algx.net
Address: 216.99.225.30
erowatech.com
primary name server = ns1.algx.net
responsible mail addr = hostmaster.algx.net
serial = 2003041507
refresh = 18800 (5 hours 13 mins 20 secs)
retry = 3600 (1 hour)
expire = 3600000 (41 days 16 hours)
default TTL = 86400 (1 day)
erowatech.com MX preference = 10, mail exchanger = mail.erowatech.com
erowatech.com MX preference = 20, mail exchanger = mail.erowa.com
erowatech.com internet address = 216.37.10.27
erowatech.com nameserver = ns1.algx.net
erowatech.com nameserver = ns2.algx.net
erowatech.com nameserver = ns3.algx.net
mail.erowatech.com internet address = 63.106.113.66
ns1.algx.net internet address = 216.99.225.30
ns2.algx.net internet address = 216.99.225.31
ns3.algx.net internet address = 216.99.233.253
------
BUT SOMETHING STRANGE CAMEUP when I did nslookup on ISP-1.
(nslookup -q=any erowatech.com auth40.ns.uu.net)
---
(root) nameserver = M.ROOT-SERVERS.NET
(root) nameserver = I.ROOT-SERVERS.NET
(root) nameserver = E.ROOT-SERVERS.NET
(root) nameserver = D.ROOT-SERVERS.NET
(root) nameserver = A.ROOT-SERVERS.NET
(root) nameserver = H.ROOT-SERVERS.NET
(root) nameserver = C.ROOT-SERVERS.NET
(root) nameserver = G.ROOT-SERVERS.NET
(root) nameserver = F.ROOT-SERVERS.NET
(root) nameserver = B.ROOT-SERVERS.NET
(root) nameserver = J.ROOT-SERVERS.NET
(root) nameserver = K.ROOT-SERVERS.NET
(root) nameserver = L.ROOT-SERVERS.NET
M.ROOT-SERVERS.NET internet address = 202.12.27.33
I.ROOT-SERVERS.NET internet address = 192.36.148.17
E.ROOT-SERVERS.NET internet address = 192.203.230.10
D.ROOT-SERVERS.NET internet address = 128.8.10.90
A.ROOT-SERVERS.NET internet address = 198.41.0.4
H.ROOT-SERVERS.NET internet address = 128.63.2.53
C.ROOT-SERVERS.NET internet address = 192.33.4.12
G.ROOT-SERVERS.NET internet address = 192.112.36.4
F.ROOT-SERVERS.NET internet address = 192.5.5.241
B.ROOT-SERVERS.NET internet address = 128.9.0.107
J.ROOT-SERVERS.NET internet address = 192.58.128.30
K.ROOT-SERVERS.NET internet address = 193.0.14.129
L.ROOT-SERVERS.NET internet address = 198.32.64.12
Server: UnKnown
Address: 198.6.1.19
(root) nameserver = M.ROOT-SERVERS.NET
(root) nameserver = I.ROOT-SERVERS.NET
(root) nameserver = E.ROOT-SERVERS.NET
(root) nameserver = D.ROOT-SERVERS.NET
(root) nameserver = A.ROOT-SERVERS.NET
(root) nameserver = H.ROOT-SERVERS.NET
(root) nameserver = C.ROOT-SERVERS.NET
(root) nameserver = G.ROOT-SERVERS.NET
(root) nameserver = F.ROOT-SERVERS.NET
(root) nameserver = B.ROOT-SERVERS.NET
(root) nameserver = J.ROOT-SERVERS.NET
(root) nameserver = K.ROOT-SERVERS.NET
(root) nameserver = L.ROOT-SERVERS.NET
M.ROOT-SERVERS.NET internet address = 202.12.27.33
I.ROOT-SERVERS.NET internet address = 192.36.148.17
E.ROOT-SERVERS.NET internet address = 192.203.230.10
D.ROOT-SERVERS.NET internet address = 128.8.10.90
A.ROOT-SERVERS.NET internet address = 198.41.0.4
H.ROOT-SERVERS.NET internet address = 128.63.2.53
C.ROOT-SERVERS.NET internet address = 192.33.4.12
G.ROOT-SERVERS.NET internet address = 192.112.36.4
F.ROOT-SERVERS.NET internet address = 192.5.5.241
B.ROOT-SERVERS.NET internet address = 128.9.0.107
J.ROOT-SERVERS.NET internet address = 192.58.128.30
K.ROOT-SERVERS.NET internet address = 193.0.14.129
L.ROOT-SERVERS.NET internet address = 198.32.64.12
-----------
Any idea, why ISP-1 responds like this ?
Tks
different dns software i'd say - does it matter?
the main point as i said before is that you can't assume that the name server will dump your whole zone file. if it does, then it is either older software, not set up properly, or they have intentially allowed it on your zone to keep you happy ;-)
cheers.
the main point as i said before is that you can't assume that the name server will dump your whole zone file. if it does, then it is either older software, not set up properly, or they have intentially allowed it on your zone to keep you happy ;-)
cheers.
ASKER
Thank you meverest, Your answers have helped. How do I close this thread ?
hi,
you choose the response that best answers your question and click the button that says "accept as answer" (or something like that), then you choose to give me an 'A' ;-) and submit.
glad to help,
cheers.
you choose the response that best answers your question and click the button that says "accept as answer" (or something like that), then you choose to give me an 'A' ;-) and submit.
glad to help,
cheers.
ASKER
Could you pls tell me why the ZoneListing in ISP-2 is different than ISP-1 ?
Here is question (b) again - from the original post:
(b) The domain I am working on is www.erowatech.com - I made the entires in ISP-2's DNS server - mimicking exactly as ISP-1's however, the ZoneListing is different when I query - is that normal ? I use IPswitches WS Ping Pro Pack and everything except the ZoneListing is identical.
ZONE LISTING FROM ISP-1 DNS Server auth40.ns.uu.net
; zone "erowatech.com" last serial 7
; from 198.6.1.18 at 12:31:57
$ORIGIN com.
erowatech IN SOA auth40.ns.uu.net. hostmaster.uu.net. (
7 21600 3600 1728000 21600)
$ORIGIN erowatech.com
erowatech.com. IN NS auth40.ns.uu.net.
IN NS auth62.ns.uu.net.
IN A 216.37.10.27
IN MX 10 mail.erowatech.com.
IN MX 20 mail.erowa.com.
mail.erowatech.com. IN A 63.106.113.66
www.erowatech.com. IN CNAME erowatech.4omega.com.
;** Received 8 records for erowatech.com from 198.6.1.18
ZONELISTING from ISP-2's DNS ns1.algx.net
;** Received 0 records for erowatech
>>> Could you also point me towards some FAQ's or other literature about ZoneListing. Is the ZoneListing manually entered by the DNS admin or is this listing dynamically generated by the DNS daemon/service (from all pertinent DNS entries already in the system) at the time of receiving a query
Tks