tenover asked:

Moving from one ISP to another, along with new nameservers

Current ISP is closing its doors. They also host our DNS records (about 5 total...MX, A, SPF and SRV). New ISP will have new circuits up this Friday, but it looks like they don't include hosting nameservers without paying extra, so I thought I'd just use my registrar (register.com) as our nameserver(s) and host the DNS records there for free. Since my servers (email and VPN appliance) will now have new public IPs (both are NAT'd on the firewall), is there a way to seamlessly transfer over with no/minimal downtime?
In a nutshell:

OLDISP hosts our MX record, autodiscover record, A record for VPN and SPF record.  All of these records are using public IP addresses provided by OLDISP. Currently, when I look up our nameservers on register.com, they point to the nameservers hosted by OLDISP.

NEWISP has given me a new block of public IP addresses to use for my records. I would like to use register.com to manage my records as well as be my new nameserver(s).

I can't figure out how to do this on a Friday afternoon with little to no downtime..... Thanks for any advice/suggestions.
SOLUTION
stu29
This solution is only available to members.
tenover (ASKER)

Thanks.  Would it make more sense to do this in steps, like so:

Have OLDISP(current nameserver host) update current records with the new public IP addresses.

Wait a week, then move nameservers from old ISP to register.com

OLDISP is getting rid of their T1 hosting services, but has offered to keep hosting DNS zone and FTP services if we would like them to.....

...?
Honestly it is six and half a dozen.  Either way you have to wait for replication to take place to update either your existing records, or your new ones.  And changing your name server update is replicated the same way.

You may save yourself a bit of time on the IP replication, BUT .. you would then have another set of possible downtime when you change your name server as the old Name servers delete your old records and your new replicates out your new.
tenover (ASKER)

Uggh....
Is there any MORE downtime involved if I go with my original plan, which would be to do EVERYTHING at once (change over my nameservers AND change all the public IP/zone entries)??  Is there a preferred workflow for this?

I ask because THIS  Friday, the new ISP will be coming out with a new router and turning on the circuit.  At that point, I need to know in what order I should do/have done things for minimal downtime.

- change nameservers
- update all entries on new name servers with new public IPs
- bring new router up
- change any firewall NAT settings and/or references to public IPs and DNS settings
- reboot firewall
Talk to Register.com and find out how long from when you pull your Name Servers over to them, you can create records.  Between this and replication is your downtime.  Usually it is instant.

For your DNS

Move your name servers
Create your old records
Sit and wait.

For your new circuit:

Bring up your new router and test connectivity and stability.
Once you have signed off on the new circuit, either change your current config (or load your prior altered one ... this is what I usually do as during switch overs your concentration is never the best .. smile)
Reboot your router
Reboot your firewall
Test connectivity out
Test connectivity in (telnet etc)
Sit and wait for replication to occur from the DNS steps so your services will start working.

IF .. your firewall will handle BOTH your old circuit and your new circuit, you could configure it to accept mail etc on both old and new IP while replication takes place.
TYPO

For your DNS

Move your name servers
Create your NEW records
Sit and wait.
Jon Brelie
Can you add both lines?  IE: old ISP and new ISP concurrently?  If so, you can do this with zero downtime.

Otherwise, you're looking at whatever the TTLs are on your current host.

If you cannot, then your best bet is to move DNS to register.com *before* you change the lines.

1.  Change Auth NS to register.com, and setup identical records.  No downtime because remote hosts will either go to your old ISP or register.com.  It  doesn't matter which they hit because the records are identical.

2. CALL register.com and ask them to manually set the TTL on your hosted records there as low as possible.  (Register.com tools do not allow you to specify TTL)

3. On new ISP day, have your new records ready to go and update them at register.com as soon as your new line is coming up.  (here you are subject to *potential* downtime for clients, but shouldn't be any longer than the TTL at Register.com.)
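
A check that fits the sequence described above, as an added example that is not part of the original thread: before relying on "the records are identical", compare the answers captured from the old and new authoritative name servers and note the longest TTL on each side. The zone name, addresses and TTLs are constructed, and the input is assumed to be `dig @<nameserver> +noall +answer <name> <type>` output saved from each server.

```python
# Added example: compare `dig +noall +answer` output captured from two
# authoritative name servers. All names, addresses and TTLs are constructed.

OLD_NS_ANSWERS = """\
example.com.              86400 IN MX  10 mail.example.com.
mail.example.com.         86400 IN A   192.0.2.10
vpn.example.com.          86400 IN A   192.0.2.11
autodiscover.example.com. 86400 IN A   192.0.2.10
example.com.              86400 IN TXT "v=spf1 ip4:192.0.2.10 -all"
"""

NEW_NS_ANSWERS = """\
example.com.              300 IN MX  10 mail.example.com.
mail.example.com.         300 IN A   192.0.2.10
vpn.example.com.          300 IN A   192.0.2.11
example.com.              300 IN TXT "v=spf1 ip4:192.0.2.10 -all"
"""


def parse_answers(text):
    """Return {(name, type, rdata): ttl} from dig answer-section lines."""
    records = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # skip blanks and dig comment lines
        name, ttl, _cls, rtype, rdata = line.split(None, 4)
        key = (name.lower(), rtype.upper(), " ".join(rdata.split()))
        records[key] = int(ttl)
    return records


def compare(old_text, new_text):
    """Report records that differ between the two servers, ignoring TTL,
    plus the longest TTL on each side (worst-case resolver cache lifetime)."""
    old, new = parse_answers(old_text), parse_answers(new_text)
    return {
        "missing_on_new": sorted(set(old) - set(new)),
        "extra_on_new": sorted(set(new) - set(old)),
        "max_ttl_old": max(old.values(), default=0),
        "max_ttl_new": max(new.values(), default=0),
    }


if __name__ == "__main__":
    for key, value in compare(OLD_NS_ANSWERS, NEW_NS_ANSWERS).items():
        print(key, value)
```

An empty `missing_on_new` and `extra_on_new` means either server gives the same answer during the overlap; `max_ttl_old` is how long resolvers may keep serving the old data after a change.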
tenover (ASKER)

"1.  Change Auth NS to register.com, and setup identical records.  No downtime because remote hosts will either go to your old ISP or register.com.  It  doesn't matter which they hit because the records are identical."

I like this route, however it looks like as soon as I click on the register.com choice to "use register.com domain name servers", it will take over and remove my current name servers, which currently hold all the records.  There doesn't seem to be a way to go in and copy all my records over, and then on Friday, "flip the switch" to move from OLDISP name servers to register.com nameservers.....
SOLUTION
This solution is only available to members.
tenover (ASKER)

"If you create them immediately after taking DNS Auth over at register.com, you'll have TWO fully functioning DNS authorities that will answer requests until things propagate and everyone is using Register.com."

That is, if I update BOTH the OLD(OLDISP) and NEW(register.com) around the same time, right?  Once I switch ISPs(remember, all the public IPs are changing) then the OLD IPs won't work at all.......??
SOLUTION
This solution is only available to members.
tenover (ASKER)

Ok, thanks.  So what you are recommending, if the cutover is this Friday.....

On Wednesday, change my name server(s) from OLDISP to register.com and copy all the current records over to register.com, as they exist today(won't these changes still take a long time to propagate?? Outage would occur HERE instead of at cutover).

On Friday, right before the actual cutover, login to register.com and make all the DNS/IP modifications.

Make NAT/Address changes on Firewall(SonicWall NSA 3500)
Reboot Router.
Reboot Firewall.

??
ASKER CERTIFIED SOLUTION
This solution is only available to members.
tenover (ASKER)

Thanks.  I have a direct line to our current(small time) ISP, and they can delete within minutes. So to sum it up.......

- Login to register.com sometime in the next 24 hours and make them my new nameserver(s)
- Recreate all current DNS records from OLDISP to register.com immediately (downtime will occur here)
- Upon cutover(This Friday, late afternoon), log back in to register.com and modify records to reflect NEWISP public IP addresses(downtime will occur here).
- Make any WAN interface/NAT changes on firewall
- Reboot Firewall
- Reboot router.


?
Plus call your existing ISP to get the (now) incorrect zonefile removed.

You got it.