From owner-freebsd-questions@FreeBSD.ORG Mon May 19 16:52:37 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 48C3337B401 for ; Mon, 19 May 2003 16:52:37 -0700 (PDT) Received: from host02.ipowerweb.com (host02.ipowerweb.com [12.129.206.102]) by mx1.FreeBSD.org (Postfix) with ESMTP id 69DEA43F85 for ; Mon, 19 May 2003 16:52:36 -0700 (PDT) (envelope-from alpetec@host02.ipowerweb.com) Received: from alpetec by host02.ipowerweb.com with local (Exim 3.36 #1) id 19HuQj-0002Pg-00 for freebsd-questions@freebsd.org; Mon, 19 May 2003 16:52:33 -0700 From: "Aaron Peterson" To: freebsd-questions@freebsd.org X-Mailer: NeoMail 1.25 X-IPAddress: 139.55.49.242 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Message-Id: Date: Mon, 19 May 2003 16:52:33 -0700 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - host02.ipowerweb.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [33877 2452] / [33877 2452] X-AntiAbuse: Sender Address Domain - host02.ipowerweb.com Subject: Re: Is it possible to over-ride DNS X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: aaron@alpete.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2003 23:52:37 -0000 > On Mon, May 19, 2003 at 02:13:02PM -0700, Jonas wrote: > > > > We're going to move a site from one server to another. The > > website is using our SSL cert running on a 3rd server. When > > we change the DNS to point the domain name to the new server > > we will run into problems if the DNS for the SSL server isn't > > pointing to the new server immediately. > > > > Is it possible to enter the domain name in the host file or by > > some other means make sure that the SSL server points to the > > new server when the change occurs? > > Not if you want the rest of the world to be able to use it. If > this is www.netwood.net that you're talking about, drop the TTL > on the A record to 1 minute about 36 hours before you're going > to make the change, and when you're sure it's working on the new > IP address, push it back up to 24 hours. > > You'll see increased DNS traffic during that period, but at > least everything will work! -- Or when I have the opportunity, I would tend to leave both servers up and functional until the DNS change has taken effect. you could do that even if you do make the TTL changes above, and it would provide some insurance that no matter where the DNS points at any moment in time people will get the necessary page. A couple days after the DNS change has taken effect you could disable the old server. just my 2 cents. Aaron Peterson