I recently moved my two authoritative servers to new servers on new IP's. I did it slowly leaving the old servers up so that everyone would have time to receive the new IP for my domain. When I query everything from google's free DNS servers to my own recursive servers I show the new IP's, which is what I expected. It has been a month since I moved to the new IP's, however I am still see a ton of query's going to the old Auth servers. My authoritative servers do not have recursive turned on so all the traffic I am seeing is coming from other DNS servers and they are querying my domains for records. Did I miss something? Is that normal? Is it safe to just turn the old servers off?
Here are the queries I am seeing in the logs 16-Sep-2015 09:00:16.807 client 78.140.179.9#22202 (ns2.mcomdc.com): query: ns2.mcomdc.com IN A -EDC (74.84.103.134) 16-Sep-2015 09:00:16.882 client 63.79.12.161#20765 (ns1.mcomdc.com): query: ns1.mcomdc.com IN A -EDC (74.84.103.134) Here is the process I followed to move to the new IP's. I brought up my new servers with the new IP's. I changed the A record for ns1.mcomdc.com on all 4 of the servers (old and new) to the new IP address. I waited a few hours to confirm it all looks good, then made the change to ns2.mcomdc.com. I then left all 4 servers up for 72 hours and came back and confirmed every major free recursive DNS server had the new ns server IP's and any changes I made to the new server and not the old where propagating across the internet. I am not sure it matters here but I am running BIND 9.10.2-P4 Thanks, Teresa Campbell
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
