On Oct 30 11:28:55, jr...@openvistas.net wrote:
> Hi all,
>
> I'm moving to a new server hosted at m5 and I'm ready to pull the trigger on
> making the switch.
>
> In the past doing this sort of move I've run into dns update delays--even
> with the ttl on my dns set to 300, there is a lot of e-mail especially that
> continues to attempt to deliver to the old server long after the dns update
> has taken place.
>
> It seems like I should be able to use pf to redirect all inbound traffic
> except ssh to the new server. I tried redirecting web traffic as a test
> with the following rule in pf.conf:
>
> #pass all non-ssl web traffic to luna
> pass in quick proto tcp to port www rdr-to luna.openvistas.net port 80
>
> but that doesn't work--the connection never completes. httpd is for sure
> working on the new server--I've been using an /etc/hosts file to test from
> my home Mac and the web sites all work fine.
The rule references the name.
Are you sure it resolves to the new address already?
Would it be safer to just hardcode the IP address for the transition?
Also, this is probably not your _entire_ pf.conf
For example, there is no rule letting the redirected packet out.
Jan
