Glue records only ever exist in the parent zone of a domain name.
Hence in the case of your example.org
domain name, first find the .org
name servers:
% dig +short org. NS
a0.org.afilias-nst.info.
a2.org.afilias-nst.info.
b0.org.afilias-nst.org.
b2.org.afilias-nst.org.
c0.org.afilias-nst.info.
d0.org.afilias-nst.org.
Then, for as many of these as you feel like testing, explicitly ask those name servers for the NS
records for your domain:
% dig +norec @a0.org.afilias-nst.info. example.org. NS
You should get back the correct list of NS
records in the "AUTHORITY SECTION". For any name servers that have correctly configured glue you should see those glue A
(and/or AAAA
) records appear in the "ADDITONAL SECTION".
To keep things simple and do one thing at a time, you should not change your domain's NS records during this migration. If you want to migrate the web site and also migrate the authoritative DNS server, do it in 2 separate steps. To migrate the web site, change only the A and AAAA records.
A conventional "low value" TTL to set on the A and AAAA records is 300 (5 minutes).
If you can operate both servers at the same time for a short period, then you can do even better than a DNS-based migration. You can set the old server to proxy requests to the new server, so that clients which still contact the old server get their requests forwarded to the new server. This is easy to achieve with Apache with ProxyPass
.
Later, if you want to move the DNS hosting, change the NS records and change the delegation in the parent zone (i.e. make the change at your domain's registrar). It is ideal if you can deploy the zone in the new servers ahead of time and leave both sets of nameservers serving the domain for a period of time.
EDIT: Details about ProxyPass
This Apache config snippet, placed in the <VirtualHost>
section for your server, or directly in server config if there is no <VirtualHost>
, will allow the old server to forward all requests to the new server:
<Location />
ProxyPass http://www.example.org/
</Location>
You normally should have ProxyPassReverse
with ProxyPass
but in this case it can be omitted since it would have no effect because the old site and new site have identical ServerName
.
You probably want to remove any other <Location>
, Alias
, RewriteRule
, or other URL-mapping directives from the old server config at the same time to be certain that the proxy rule and only the proxy rule gets processed. (Keep a backup around, of course, in case you need to back out of your migration!)
Make sure the old server knows the correct new IP address for the web site's domain, otherwise it will proxy the request back to itself!
Best Answer
No, you can't do
because the
CNAME
record type isn't allowed to co-exist with the (required)SOA
andNS
records that you have to have at your zone apex (or any other resource record type, for that matter, except for DNSSEC-related records).See s3.6.2 of RFC 1034: