Moving sites.. change TTL or SOA?? help

[motobrandt]

I'm in the process of moving about 100 domains from one datacenter to another. Both machines are running FreeBSD 4.11 and DirectAdmin.

I would like to copy the sites over and then change the DNS records in DirectAdmin and have it point to the new server. The problem is I want this to happen as quickly as possible for email and DB driven sites.

So how do I change the time that the current records are good for? Do I change the TTL on each record? Or change the TTL in the template and have rewrite the records as Jeff describes here? http://www.directadmin.com/forum/showthread.php?s=&threadid=1995&highlight=ttl

That thread seems to make sense but then when I look at the template it doesn't really make sense as I don't know as much as I should about DNS. So I'm asking here maybe I can learn something.

TIA

 

[Yikes2000]

Since you have been using the stock named.db template, here is another (perhaps more intuitive) way to accomplish the same thing:

# cd /etc/namedb
# perl -pi.bak -e "s/14400/301/g" *.db
# ndc restart

The above commands will change the TTL of all domains to 301 seconds (5 minutes). I use 301 because it's unique. You can change TLL back to 14400 by reversing the numbers. And here's a brief outline for the move:

1) Change the TTL's as described above on your old server. Wait 4 hours for existing cache to expire.

3) Shutdown Apache, Mysql, Exim, vm-Pop3d, and ProFTPd on both new and old servers.

4) Backup all users using DA and transfer the data to the new server, then restore them. See also this page.

5) User bandwidth history, SSL, and reseller packages are not transfered by Step 4. So we need to do it manually on the old server:

# find -E /usr/local/directadmin/data -regex '.*\.(usage|cert|key|history|tally|pkg)|.*/packages\.list' -print | tar cvzPf missed.data.tar.gz --files-from -

Transfer missed.data.tar.gz to the new server and extract:

# su diradmin -c 'tar xvzpPf missed.data.tar.gz'

6) Make sure the new server has the same ports & packages installed as the old server (run pkg_info to see). Also check config files that you may have changed on the old server (use DA System Backup's file list as a guide).

7) Change the IP's on BOTH servers' named DB files. (You may use the same perl substitution from above.) Then change the IP's of your DNS servers with your registrant.

8) Start up all services on the new server. Leave the old server crippled, running DNS only until the new DNS IP's propagate to all servers (I say about a week).

 

[nobaloney]

# cd /etc/namedb
# perl -pi.bak -e "s/14400/301/g" *.db
# ndc restart

This will result in problems under certain circumstances:

If you have a real slave nameserver (as opposed to having both ns1 and ns2 point to the same DA server) the slave server will NOT get updated, since the serial number will not be incremented.

If you change the DNS through the DirectAdmin control panel for any reason, the entire zone will be changed back to using 14400.

If any of the zones have already been changed to use something beses 14400, they will not be changed by this edit.

Also, what OS are you using?

In RHL and in RHEL and derivatives, the named files are at /var/named, and not at /etc/namedb.

Jeff

 

[motobrandt]

thanks

thanks for both of your responses. this seems very detailed and I am about ready to start this.
Is there anything special about moving the SSL certs?

And what about webmail? doesn't squirrelmail put mail in a different directory then the regular Imap mail?

As stated in my first post I'm using FreeBSD 4.11.

cheers!

 

[nobaloney]

I don't support FBSD but here are some general answers:

When you move a cert you must move both the private key and the cert itself.

If the backup/restore doesn't do that then you'll have to do it manually.

I believe that squirrelmail uses standard IMAP folders. However Uebimiau doesn't.

Jeff

 

[max2000]

When it comes to move a customer from a machine to another I use 5 seconds TTL. When the customer has uploaded its files on the destination, I change de IP and the swap is practically without any downtime.

 

[nobaloney]

Actually you can go all the way down to 0, but the problem is that some ISPs (AOL has been known to do this) will just cache for some default period of time when you use very low TTLs.

And for folk who are browsing your site at the time it's moved, it still causes a break in connectivity because browsers (and many networks, routers, etc.) don't respect TTL.

If you don't plan some downtime how can you move databases?

Jeff

 

[max2000]

I create a new account for my customer. The can access to this account using the servers ip. When he moved all his files and db, and when he created all his emails aliases and redirections, I change the IP from the DNS server. I moved many customers to my hosting without any downtime.

I wasn't aware about AOL!