5

If I change a computer's IP address, it can take a long time for ISPs to stop caching the results. Is there a way to mitigate this, if I plan ahead?

jldugger

3 Answers

21

If we KNOW we will be moving an IP address, we turn down the TTLs for that record. That tells the DNS servers on the internet how long to keep that IP in cache. When we move it over, the rest of the 'net catches up fairly quickly. Once the move is done, we move the TTLs back to their normal value.

We did this a couple weeks back when we needed to change our MX record. It uses the same steps as an IP change. First, we lowered the TTLs for the MX records from 1 day to 5 minutes. We then waited 2 days for the change to propagate. We updated the MX records on our DNS servers, and within 10 minutes every client on our network was using the new data. Looking at mail logs, it took about 2-3 hours for the rest of the internet to catch up. Once the change was made, we then raised the TTLs back to their previous default.

sysadmin1138
  • How long does it take a TTL to propagate? – jldugger Jun 11 '09 at 02:13
  • A change in TTL will, just like any other change, take (at most) old TTL to propagate. Also note that many large ISPs put a lower limit of anywhere up to four hours on TTL (some did force 1 day, but I believe that's been stopped) – LapTop006 Jun 11 '09 at 02:44
1

Probably the easiest way would be to add the new IP as a secondary IP on the box, then update the DNS record. After a week or so you should be safe to remove the old IP and make the secondary IP the primary address.

Zypher
1

If you're just renumbering existing hardware, you can do as Zypher says and dual-address over the transition period. If you're actually moving the services, though (say to a different hosting provider) you can use dual-NAT to redirect traffic to the old address to the new one. This does pre-suppose either full control of the old hardware or a helpful hosting provider, and it messes with your IP access control/logging (all redirected connections will appear to come from the old address), but it's worked quite successfully for me several times when I've had to transition services between networks.

womble
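
The TTL-lowering procedure from the first answer, with the comment's points about old-TTL expiry and ISP minimum TTLs, worked through as an added example (not code from any of the posters). The resolver labels, the label-prefixed line format, the addresses and the date are constructed for illustration, and the result only covers the resolvers sampled.

```python
from datetime import datetime, timedelta

# Constructed sample: `dig +noall +answer` style lines for one record, each
# prefixed with a made-up resolver label (192.0.2.0/24 is a documentation range).
SAMPLE = """\
authoritative  www.example.com. 300   IN A 192.0.2.10
isp-a          www.example.com. 41200 IN A 192.0.2.10
isp-b          www.example.com. 212   IN A 192.0.2.10
"""

def parse(lines):
    """Return {resolver: (remaining_ttl_seconds, rdata)} from labelled answer lines."""
    seen = {}
    for line in lines.strip().splitlines():
        label, _name, ttl, _klass, _rtype, rdata = line.split()
        seen[label] = (int(ttl), rdata)
    return seen

def plan(seen, lowered_ttl, now, resolver_floor=0):
    """Work out when the record can be changed and when the old address can go.

    resolver_floor models resolvers that will not cache for less than their own
    minimum (the comment above mentions ISPs enforcing up to four hours).
    """
    # A cache reporting more than the lowered TTL either fetched the record
    # before the TTL was reduced or enforces its own minimum; either way it
    # will not re-query until that value has counted down.
    stale = {r: ttl for r, (ttl, _) in seen.items() if ttl > lowered_ttl}
    wait = max(stale.values(), default=0)
    cutover = now + timedelta(seconds=wait)
    # After the change, the old answer can survive one more caching period,
    # so the old address has to stay reachable at least that long.
    effective = max(lowered_ttl, resolver_floor)
    retire_old = cutover + timedelta(seconds=effective)
    return {"stale": sorted(stale), "cutover": cutover, "retire_old": retire_old}

if __name__ == "__main__":
    result = plan(parse(SAMPLE), lowered_ttl=300,
                  now=datetime(2009, 6, 11, 2, 0),  # constructed timestamp
                  resolver_floor=4 * 3600)
    for key, value in result.items():
        print(key, value)
```
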