Someone Else

Robert Moir writes about Operating Systems, Computer Security and Virtualisation.

March 2007 - Posts

How to move DNS from one DNS Server to another

I kinda thought this was obvious, yet I keep getting asked how to do it. So without further ado:

Rob's simple and platform independent DNS zone movement method:

  1. Set up DNS on the 'target' server, the server you are moving the zone(s) onto.
  2. Update / notify whoever operates the parent DNS servers that delegate authority for your zone to you that you are adding a new DNS Server.
  3. On the current primary DNS Server, add an NS record for the new DNS Server, and on this new DNS server, create a secondary zone.
  4. Make sure the new secondary pulls all the data you expect from the primary and that you're happy with it.
  5. Change this secondary over to being the primary DNS server for the zone.
  6. Set the old primary as a secondary. Or remove it. Or burn it, or whatever you want to do (I suggest leaving it as a secondary for a while before removing it, but sometimes you're in a rush, I know).
  7. Pour yourself a glass/cup of your preferred beverage and enjoy a good job well done.

Don't forget that changes may take some time to replicate around everywhere they need to be, so I suggest taking your time, in particular between steps 2 & 3, and certainly be very sure everything is working before removing the old DNS server in step 6. 
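One way to carry out the check in step 4, as an added example rather than code from the original post: save a zone transfer (for instance the output of `dig axfr`) from the old primary and from the new secondary, then diff the two. The zone `example.test`, its addresses and serials, and the function names are all constructed for illustration.

```python
# Added example (not from the original post): diff two saved zone transfers.
# The zone, addresses and serials below are constructed sample data.

def parse_axfr(text):
    """Parse `dig axfr`-style text into (origin, soa_serial, record_set)."""
    origin, serial, records = None, None, set()
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) < 5 or parts[0].startswith(";"):
            continue                      # blank line, dig comment or fragment
        name, ttl, _rclass, rtype, rdata = parts
        name, rtype = name.lower(), rtype.upper()
        rdata = " ".join(rdata.split())   # normalise spacing inside rdata
        if rtype == "SOA":                # rdata: mname rname SERIAL refresh ...
            origin, serial = name, int(rdata.split()[2])
        records.add((name, int(ttl), rtype, rdata))
    return origin, serial, records

def compare_zones(primary_text, secondary_text, new_ns):
    """Compare the secondary's copy with the primary's; new_ns is the new server."""
    origin, p_serial, p_recs = parse_axfr(primary_text)
    _, s_serial, s_recs = parse_axfr(secondary_text)
    apex_ns = {r[3].lower().rstrip(".") for r in p_recs
               if r[2] == "NS" and r[0] == origin}
    return {
        "serial_match": p_serial is not None and p_serial == s_serial,
        "missing_on_secondary": sorted(p_recs - s_recs),
        "unexpected_on_secondary": sorted(s_recs - p_recs),
        "new_ns_listed": new_ns.lower().rstrip(".") in apex_ns,
    }

PRIMARY = """; constructed, shaped like: dig axfr example.test @old-primary
example.test. 3600 IN SOA ns1.example.test. hostmaster.example.test. 2007030102 7200 3600 1209600 3600
example.test. 3600 IN NS ns1.example.test.
example.test. 3600 IN NS ns2.example.test.
ns1.example.test. 3600 IN A 192.0.2.1
ns2.example.test. 3600 IN A 192.0.2.2
www.example.test. 3600 IN A 192.0.2.80
"""
# Constructed stale copy: transferred before the serial bump that added ns2.
SECONDARY_STALE = """example.test. 3600 IN SOA ns1.example.test. hostmaster.example.test. 2007030101 7200 3600 1209600 3600
example.test. 3600 IN NS ns1.example.test.
ns1.example.test. 3600 IN A 192.0.2.1
www.example.test. 3600 IN A 192.0.2.80
"""

if __name__ == "__main__":
    for key, value in compare_zones(PRIMARY, SECONDARY_STALE, "ns2.example.test").items():
        print(key, "->", value)
```

A serial mismatch or a non-empty `missing_on_secondary` list means the secondary has not caught up yet, so step 5 should wait.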

Two important links for anyone working with DNS

  • Test your DNS - a very good idea if you've found this page because you were searching for help on making changes to it. Understand what your DNS does before you make any changes, so you can be sure it does at least as well afterwards.
  • DNS and BIND - if you work with TCP/IP networking a lot, this book should definitely be on your shelf, unless you're making changes to your DNS, in which case it should be open on the relevant page on your desk while you do the work.

Oh yes. Don't forget that you might also need to recreate or update the reverse DNS lookup zone.
 

... and she's buying a solution to Fizzbuzz... Wha...?

Ok, I've been meaning to give some link love (not that anyone reads this blog for it to mean much) to Jeff Atwood's Coding Horror blog for some time now. I'm not a programmer, at least not any more, yet I find myself reading a number of coder blogs over and over, with this perhaps one of the ones I enjoy most.

Jeff has had a couple of posts up recently about the fizzbuzz programming problem, an utterly trivial program that is designed to test whether someone applying for a coding job has at least elementary programming skills and thought processes.

The problem is an extremely simple one, because despite not having the word "programmer" anywhere near my job description for 10 years now, I was able to solve the problem in about 2 minutes. I emailed it around to a couple of people I work/worked with who are programmers and they solved the problem without even blinking, and pointed out that while my solution worked it wasn't as efficient as it could be.

Jeff's first post on the subject talks about the shock he feels at the idea such a test is needed. Quite a lot of the comments to the post talk about solving the problem itself, and most worryingly of all, more than a few of them get it wrong. Jeff then writes an amusing follow-on post about how people spent too much time on the fizzbuzz problem and not enough time on the problem that fizzbuzz was supposed to illustrate.

Now this gets me thinking: what is the system administrator/architect version of fizzbuzz? In interviews we can ask a few questions about how a server OS works at some level. We can set a few problems and see how people go about them, but what is the basic platform agnostic Turing Test for basic system admin competence, or the entry level filter for network systems designers?

The best one I've got so far is to ask a candidate to explain what is wrong with having a workstation running a virtual machine which contains a server, and requiring users to authenticate to this virtual server before the workstation can log in and any application (including the virtualisation app) can start.

Another, more complex problem, better suited to people who work at a lower level with networking rather than with the servers on the network, might be to describe a system that allows systems to allocate IP addresses to themselves, such as APIPA or Bonjour, and to describe issues that might arise from this, and possible solutions.

Any more suggestions?