Ask the Expert

Best practices for DNS during name server migration

I am in the process of setting up name servers for our hospital's public domain. We currently have one Web server internally that handles our Internet and intranet sites, and our PIX has a hole through it for access from the outside to the inside Web server. My question is in how to best handle the DNS during this migration, specifically concerning the Exchange entries (we handle our own e-mail). My new DMZ, with name servers and public Web server, has been set up and tested, and I am to the point of defining the DNS on those name servers for propagation (to include MX entries). Along these lines, my secondary issue is how do I keep the DMZ DNS entries (private IP subnet 10.10.x.x) from propagating out with my public IP DNS entries?

    Requires Free Membership to View

Maybe I'm missing something, but I don't completely understand what transition you're going through. Your DNS is currently externally hosted, and you're moving it inside the firewall, and your ISP will perform secondary, correct?

If that's the case, I would set up different zones for internal and external DNS to keep your internal entries from slipping out. There are other ways to do it, but simply filtering records has a huge potential for human error.

During the transition, keep the existing DNS server up and running for a few days until it's no longer getting requests for your domain. It doesn't hurt to have it online and thinking it's authoritative. Just don't plan on changing any DNS records during the transition period. After your nameserver changes have propagated throughout the Internet, you can take the old DNS server offline.

This was first published in September 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: