bli_vastcap
asked on
External ip change
Hello all,
We're in the middle of changing our external ip for all our servers' and I have a question on what is the best way to implement it. What we plan to do is change the nat ip address on the firewall and dns entry on the dns hosting server and then redirect all traffic of the old ip address to the new ip address so nothing will be lost.
Here's an example lets say 38.1.1.1 is the external ip of the server now and we want it to be 38.2.2.1 in the future. what we plan to do is change the natting ip on the firewall then the public dns entry. But since changes to public dns takes time to proporgate thru to clients, we are also going to do some type of redirection from 38.1.1.1 to 38.2.2.1 so no traffic is lost. My question is what is the best and easiest way to perform this redirection? should i do it internally using a proxy server (which we don't have and I have no experience setting up) or as our network engineer suggest that we use another asa behind firewall and setup routes on it to redirect traffic.
are there software that could perform this type of redireciton? it sounds like an easy thing to do. thanks in advance.
We're in the middle of changing our external ip for all our servers' and I have a question on what is the best way to implement it. What we plan to do is change the nat ip address on the firewall and dns entry on the dns hosting server and then redirect all traffic of the old ip address to the new ip address so nothing will be lost.
Here's an example lets say 38.1.1.1 is the external ip of the server now and we want it to be 38.2.2.1 in the future. what we plan to do is change the natting ip on the firewall then the public dns entry. But since changes to public dns takes time to proporgate thru to clients, we are also going to do some type of redirection from 38.1.1.1 to 38.2.2.1 so no traffic is lost. My question is what is the best and easiest way to perform this redirection? should i do it internally using a proxy server (which we don't have and I have no experience setting up) or as our network engineer suggest that we use another asa behind firewall and setup routes on it to redirect traffic.
are there software that could perform this type of redireciton? it sounds like an easy thing to do. thanks in advance.
ASKER
problem is management doesn't want to rely on the unpredictability of the migration process. they want a fool proof close to 0 down time migration. so they want to forward the old traffic for a while and eventually remove it. In the past, i've always just do it by doing what you said, do it friday night and typically by saturday morning it's done.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
done
When i had done this recently for a client, i did it on Friday evening, and he was all set in few hours.
And Satuday morning we saw all dns changes were also replicated.
Then on Sunday i removed the old ip forwarding as well.
Adding Proxy/Forward setup may just complicate it is what i think.