Migrating Name Servers – How to get the old records


We're a couple of weeks away from launching a new website for a client, to replace an existing website on the same URL.

As part of the work, they're moving their name servers to our hosting provider (Rackspace). At first these need to resolve to their old website (hosted who-knows-where with their old provider), and then on launch day we'll switch it over to point at the new server.

While I'm only responsible for the website, I'm aware that the DNS records are also responsible for things like email, so…

  1. How can I get hold of a complete copy of their existing DNS records? Do I need to contact the existing name servers? (Ideally, can I download/scrape the existing record, and reproduce it on the new system?)
  2. Is there any way of ensuring that the DNS record doesn't change when the name servers change? (i.e. verify that I haven't mucked it up).
  3. Apart from the website and MX records, are there likely to be any other important records I need to worry about?

Best Answer

Getting a copy of the existing DNS may involve "scraping" it out of a web-based management interface. You can try to perform a zone transfer of the zone using dig, nslookup, or a DNS server, but any properly-configured DNS server isn't going to serve up zone transfers to Joe Anybody™.

You'll find several questions on Server Fault re: orderly cutover of DNS records between an "old value" and a "new value" (Here's one: "How do I smoothly migrate a web server's DNS from one IP address to another?").

The traditional method for performing such a cutover is to place the "old value" in the DNS server (e.g. the pre-cut IP address assigned to the "www" A record) and to turn down the TTL prior to the cut (some people prefer backing off this value by half until the cut takes place: 24 hours, 12 hours, 6 hours, etc., right up until the cut). Once you hit the cutover time, you put the new record in place and whatever TTL you'd like. Ideally the pre-cut record had such a short TTL that it quickly ages out of cache on all the recursive resolvers around the 'net that might have been caching it (assuming everybody plays along and doesn't do dumb things like overriding your TTLs).

You can augment this by using URL rewriting or a reverse proxy on the old web host to direct clients to the new host if you're really paranoid (or somebody isn't playing by the rules and ignoring your TTL). Whether you need to go to this level of paranoia or not will depend on your specific circumstance. If the site is static in nature I'd keep the web site running on the old server until you no longer see accesses hitting the logs there.

I'd think that the important records are probably the MX record for the domain, and the A records for the domain, "www", and whatever the MX record points to. I'd play it safe and replicate the entire contents of the zone such that you can, later, examine each record and figure out if they're being used and what they're being used for. (I know that my customers typically have a record for their user-to-site VPN gateway in the public DNS, for example.)
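
An added example (not part of the original answer) for question 2: compare the records served by the old and the new name servers before changing the delegation, ignoring TTLs. It assumes each input is text in dig's answer-section format (name, TTL, class, type, rdata), for instance collected with `dig @<nameserver> <name> <type> +noall +answer`; the sample data and the function names are constructed for illustration. Without a zone transfer it can only compare the names you thought to query.

```python
# Added example: diff records captured from the old and new name servers.
# Sample data is constructed (example.com, documentation address range).
from collections import defaultdict

OLD_NS_ANSWERS = """\
example.com.        86400 IN A   192.0.2.10
www.example.com.    86400 IN A   192.0.2.10
example.com.        86400 IN MX  10 mail.example.com.
mail.example.com.   86400 IN A   192.0.2.25
vpn.example.com.    86400 IN A   192.0.2.40
example.com.        86400 IN TXT "v=spf1 mx -all"
"""

NEW_NS_ANSWERS = """\
example.com.        300 IN A   192.0.2.10
WWW.example.com.    300 IN A   192.0.2.10
example.com.        300 IN MX  10 mail.example.com.
mail.example.com.   300 IN A   192.0.2.26
example.com.        300 IN TXT "v=spf1 mx -all"
"""

def parse_answers(text):
    """Map (owner name, type) -> set of rdata, ignoring TTL and comment lines."""
    records = defaultdict(set)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        name, _ttl, _cls, rtype, rdata = line.split(None, 4)
        # Owner names and host names in rdata are case-insensitive; TXT data is not.
        if rtype.upper() != "TXT":
            rdata = rdata.lower()
        records[(name.lower(), rtype.upper())].add(" ".join(rdata.split()))
    return records

def diff_zones(old_text, new_text):
    """Return (missing, extra, changed) record keys, old server vs. new server."""
    old, new = parse_answers(old_text), parse_answers(new_text)
    missing = sorted(k for k in old if k not in new)   # would vanish at cutover
    extra = sorted(k for k in new if k not in old)     # only on the new server
    changed = sorted(k for k in old if k in new and old[k] != new[k])
    return missing, extra, changed

if __name__ == "__main__":
    missing, extra, changed = diff_zones(OLD_NS_ANSWERS, NEW_NS_ANSWERS)
    for label, keys in (("MISSING", missing), ("EXTRA", extra), ("CHANGED", changed)):
        for name, rtype in keys:
            print(f"{label:8} {name} {rtype}")
```

With the constructed data, the forgotten VPN record shows up as missing and the mistyped mail server address as changed, while the lowered TTLs and the differently-cased "WWW" name are not reported.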