On 10/31/16 7:54 AM, Jan Stary wrote:
On Oct 30 11:28:55, jr...@openvistas.net wrote:
Hi all,
I'm moving to a new server hosted at m5 and I'm ready to pull the trigger on
making the switch.
In the past doing this sort of move I've run into dns update delays--even
with the ttl on my dns set to 300, there is a lot of e-mail especially that
continues to attempt to deliver to the old server long after the dns update
has taken place.
It seems like I should be able to use pf to redirect all inbound traffic
except ssh to the new server. I tried redirecting web traffic as a test
with the following rule in pf.conf:
#pass all non-ssl web traffic to luna
pass in quick proto tcp to port www rdr-to luna.openvistas.net port 80
but that doesn't work--the connection never completes. httpd is for sure
working on the new server--I've been using an /etc/hosts file to test from
my home Mac and the web sites all work fine.
The rule references the name.
Are you sure it resolves to the new address already?
Would it be safer to just hardcode the IP address for the transition?
Also, this is probably not your _entire_ pf.conf
For example, there is no rule letting the redirected packet out.
Jan
Yes, the domain name resolves.
I followed the example that Philipp pointed me toward and that fixed the
issue of redirecting web traffic.
Thanks for the reply!
Jeff
