Solved

Getting ready to switch ISP - minimalize dns replication issue

Posted on 2007-11-14
9
2,231 Views
Last Modified: 2013-12-25
Have multiple web/email/app servers that are all associated with external ip addresses that will change when i go to a different provider.  We handle DNS in-house.  The registrar currently makes reference to my 2 name servers on my current provider block.  The new provider will give me our ip address up front so i can make inital configurations.  My idea was to create 2 additional name servers  with the new ip addresses prior to the actual rollout so as to replicate accross.

proposed idea =
current:
ns1.oldprovider.com = online
ns2.oldprovdier.com = online
ns3.newprovider.com = offline
ns3.newprovider.com = offline

day of rollout:
ns1.oldprovider.com = offline
ns2.oldprovider.com = offline
ns3.newprovider.com = online
ns4.newprovider.com = online

ns1-ns4 would all be replicated accross the internet but only 50% available at any given time.  the day of rollout i would make all the config changes on my local dns to reflect the new ip addresses once the new provider is live - a step i must take because i only have the 2 name servers.  ns1 will become ns3 and ns2 will become ns4.

Unless there is a much easier way to do this....but i have been instructed to change ISP with at most 1 hour of downtime / can't wait the 24-36 hour dns replication time.

Ideas or thougts?
0
Comment
Question by:bingboo
  • 3
  • 2
  • 2
9 Comments
 
LVL 4

Accepted Solution

by:
mdcsea earned 250 total points
Comment Utility
As I understand it, there are a couple of issues here.  First, you want DNS outages to be kept to a minimum, second, you need to get everything moved over to the new IPs with minimum downtime.

Regarding the first point, your idea to set up two new servers is a fine one though a bit risky - especially if there are any problems during the switchover.  If everything goes smoothly the day of the changeover, you're good - if not, there could be problems.

 Assuming you'll either have the new ISP up ahead of time or can keep the old ISP a bit after the transition (a day of overlap should be plenty, I would not replicate ns3/ns4 (the new servers) with ns1/ns2 (the old ones).  Instead, I'd load only the DNS information needed to resolve hosts once assigned to the new IPs on ns3/ns4.  Essentially, you'll still have 2 pairs of server and only one pair online at any given time.  That way, as soon as you bring the new IPs online, the new DNS servers will be there and waiting with only the correct information (no stale records from old IPs).

Be sure you register all 4 DNS servers with your registrar well before the swap so that all 4 are offered as authoritative even though only 2 will be available at any time.

As for reducing the replication time once you make the change, a few days (or more) before you are ready to make the transfer, reduce the TTLs on all records (including the SOA) on the old servers to less than 30 minutes.  Doing it well in advance will make certain that the new TTL will have propagated to any servers on the internet that may have cached records and those servers will know to expire the cache quickly and look for new info.  That way when you do make the swap, the new addresses will be picked up quickly.

This will increase DNS traffic quite a bit.  If that will be a problem, set up an additional server with a third party (even if only temporarily) and make it the primary for your domain with your registrar.

Hope this helps!
0
 
LVL 18

Assisted Solution

by:Andrej Pirman
Andrej Pirman earned 250 total points
Comment Utility
The TTL idea is what I use each time I switch anything and needs to be propagated quickly, so it is proven to be good.
Where I see a problem is that you host your DNS in-house, which means, when switching ISP, your DNS will be in dark, too, so your parent DNS at your registrar will fail lookup, and DNS changes will not even begin to propaginate.
To workaround, as Mdcsea already suggested, it is a MUST TO setup external DNS, not only for the switching period, but also for later use. I suggest you to use free DNS service at www.zoneedit.com, where you may setup Secondary DNS for your main domain, which hosts your DNS.
For example, if you use your own DNS names
ns1.yourMainDomain.com
ns2.yourMainDomain.com
setup Primary DNS for yourMainDomain.com in www.zoneedit.com. I say *primary* because if it is Secondary, you won't have a chance to edit zone records to point to new IP, so temporarily zone *must* be Primary.
After you make a switch, you may convert the zone to secondary with a simple click.

0
 

Author Comment

by:bingboo
Comment Utility
The new provider has recommended that we maintain just the one Name Server on the new backbone with the updated new ip addresses on the day of transition and leave one web server temporarily behind on the old ISP backbone that will answer name resolution hits to the old IP address.  This should take care of all websites issues however I will still need to publish secondary mx records several days prior to rollout.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 18

Expert Comment

by:Andrej Pirman
Comment Utility
Fine, so here are your steps:
1.) Add secondary MX records for your domain with higher number (higher number=lower priority MX)
1b.) If you want to speed up transition process, lower TTL values, also SOA Time To Live, in your old DNS zone settings. Lower TTL down from default 24 or 48 hours to an hour or two, or even less, but an hour is enough.
2.) Setup your new server and make sure all is working fine, all websites, all databases, all mails
3.) Setup your new DNS, and, if it is on YOUR domain AND will have different name as your old DNS servers, don't forget to register those new DNS server name, for example, ns3.yourdomain.com, at your domain registrar and tell them it is for DNS server! Registering a sub-domain, for example, ns3.yourdomain.com as DNS server, needs some extra steps at your registrar, yhich will register this name in DNS namespace.
4.) Test your new server from your home computer, temporarily assigning your new DNS server's IP as your only DNS server for your home computer. Doing so, you will emulate as your new server is already in production, but only you will see it.
5.) When everything works fine, you are ready to either:
- change NAMEs of your dns servers at your registrar, if your old DNS was, for example, ns1.yourdomain.com, and your new DNS is ns3.yourdomain.com
- or change IPs of your DNS servers, if your old and new DNS servers will have the same name, only IP will be different
6.) After TTL time your transfer will be visible to whole internet and you are done. Hopefully with no problems.
0
 

Author Comment

by:bingboo
Comment Utility
Sorry for the delay, I only have one remaining question.  Can I publish a  Name Server even though it will be offline for a week or so?  As long as I have at least one Name server online that can correctly resolve I should be ok yes?
0
 
LVL 4

Expert Comment

by:mdcsea
Comment Utility
Yes, you may have multiple nameservers - even if they are not all active.  The nameservers that are offline will be listed as 'lame' nameservers (meaning they are not responsive) until they are brought online.

When you are ready to make your transition, simply shut down the servers that contain the old information.  Remember though, if you don't set the TTLs down to a low number shortly before the transition you will experience a latency as cached DNS records expire on servers across the internet.
0
 

Author Closing Comment

by:bingboo
Comment Utility
Thank you both very much and sorry for the delay.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Let’s list some of the technologies that enable smooth teleworking. 
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now