On Wed, Dec 14, 2005 at 10:02:56AM -0500, Joe Abley wrote:
>
>
> On 13-Dec-2005, at 16:28, Steven M. Bellovin wrote:
>
> >In message
> ><[EMAIL PROTECTED]>, Sam Crooks writes:
> >>
> >>I would think you would want to drop your DNS record TTLs for all
> >>domains being moved to something very low several days before the
> >>switch-over period.
> >
> >More precisely, you want to change the TTL on the NS records, which are
> >in the parent zone. If you're keeping the name but changing the
> >address, worry about the A records, too.
>
> You also want to check all the registries which are superordinate to
> zones your server is authoritative for, and check that any IP
> addresses stored in those registries for your nameserver are updated,
> otherwise you will experience either immediate or future glue madness.
>
> A conservative approach to this kind of transition is to arrange for
> your nameserver (or different nameservers hosting the same data) to
> respond on both the old and new addresses, and to continue in that
> mode until you see no queries directed at the old address for some
> safe-seeming interval (bearing in mind TTLs and cached records,
> alluded to by Steven and Sam).

currently in the middle of such a safe, conservative transition
leads me to believe that there will -NEVER- be a point w/ there are
no queries to the old address. (he says, 24 months into a transition...)

The right tactic is to make the change, based on 2x the TTL of the SOA.

--bill

>
>
> Joe
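
An added example, not part of the thread: a small check over a nameserver query log that applies the "2x the TTL" deadline from the reply above and lists which resolvers still hit the old address after it, instead of waiting for the count to reach zero. The log format, the addresses (documentation ranges) and the TTL value passed in are assumptions made for the example.

```python
from collections import Counter

# Constructed sample log: "<epoch seconds> <server address queried> <resolver address>"
SAMPLE_LOG = """\
1000 192.0.2.53 198.51.100.7
1200 203.0.113.53 198.51.100.7
5000 192.0.2.53 198.51.100.9
9000 192.0.2.53 198.51.100.9
9500 203.0.113.53 198.51.100.8
12000 192.0.2.53 198.51.100.9
not a log line
"""


def parse(log):
    """Yield (timestamp, server_addr, resolver_addr); skip malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue
        yield int(parts[0]), parts[1], parts[2]


def old_address_report(log, old_addr, cutover, ttl):
    """Split queries to old_addr into expected (cache expiry) and late ones.

    Queries up to cutover + 2*ttl are explained by cached records.
    Anything later comes from resolvers ignoring TTLs or from stale
    glue/hard-coded addresses, and will not decay by waiting longer.
    """
    deadline = cutover + 2 * ttl
    in_window = 0
    late = Counter()
    for ts, server, resolver in parse(log):
        if server != old_addr or ts < cutover:
            continue
        if ts <= deadline:
            in_window += 1
        else:
            late[resolver] += 1
    return {"deadline": deadline, "in_window": in_window, "late": dict(late)}


if __name__ == "__main__":
    # Assumed values: cutover at t=1000, record TTL of 3600 seconds.
    print(old_address_report(SAMPLE_LOG, "192.0.2.53", cutover=1000, ttl=3600))
```

The resolvers listed under `late` are the ones worth checking against registry glue and static configurations before the old address is withdrawn.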