Overview: Step by step DNS migration

Here is the full recipe for migrating and checking DNS builds.

1. Run bin/recreate_database.sh to create the Cyder database (the old database will be overwritten, if it exists).

2. Run manage.py maintain_migrate -qt. Save the output to stdout and stderr in a log file for future reference. This can take several hours.

NOTE: You only need to do the above steps once for both DNS and DHCP. Don't do it for DNS and then do it again for DHCP.

3. Run manage.py tiny_migrate dns-header and manage.py tiny_migrate dns-footer. These two files can be retrieved from the nameserver.

4. Create the dns_stage and dns_prod directories specified in the settings.py file. Create a Git repository in dns_prod. dns_prod is where the config files are saved for the local BIND server. This repo needs to track the remote branch where the actual config files for the production BIND server are to be stored. This way, when you instruct bindbuild to push, the changes will get pushed upstream.

5. Run manage.py bindbuild -pfC. -p pushes the changes, -f and -C are force-build and no-sanity-check, respectively, and should only be necessary on the first build.

6. Reload your BIND nameserver. It should load the files created in dns_prod.

7. Run bin/diffaxfr.sh to compare the zone transfers of the local nameserver and the currently authoritative nameserver. The addresses of the nameservers and the zones compared can be set by changing the appropriate variables in diffaxfr.sh: ns1, ns1_target, ns2, ns2_target, and zones. The AXFR results are stored in build_dir/ns*_all_outfile.axfr.sorted.

8. There is a tool that can be used to automate the verification of builds based on migration logs to determine why certain differences exist. You will need a diff of the AXFR results (call it axfr.diff) and your migration logs from step 2 (call it migration.log). Run bin/dnsdiffchecker.py axfr.diff migration.log.