Some of you (or Dan at least) have noticed that for the last few days there has been an (LP) in the title section of the browser when you view this page. In case you were wondering what it’s for, it’s all part of my “no downtime” server move.
A couple days ago (after the WP2 upgrade), I transfered the database that this blog runs on over to my new server, and pointed the blog that’s still running on the original server to use the database on the new one. Then I configured the blog on my new server, so that it is running in both places, working off the same database.
Today, I went ahead and updated the record on my DNS server to point this domain to the new server, so that gradually, as the caches for the old address expire, people will start hitting the new server and never notice the difference.
I added the (LP) to the title in the theme file that’s running on the original server (LunarPages hosting), so that I can tell which server any given browser is seeing at the moment, just for fun. Eventually, all the requests will come to the new server at which point I can cancel my account on the old one.
Additional technical details that most of you can probably skip:
Ideally, for DNS moves, you should also prepare in advance by first just shortening the cache time for the existing record a couple weeks before you plan to change it, so that DNS servers (or at least the ones that honor that setting) will have refreshed their lookups by that point and told themselves not to cache this particular address for very long, so that when you are ready to actually change the record, most servers will do a refresh very quickly rather than waiting the regular amount of time. I didn’t bother to do that this time, though, since I also kind of want to test this two server approach for as long as it lasts, and see how long it takes for all the hits to come to the new address.
10 Comments
I really doesn’t take that long, for instance I’m seeing your new server now.
At the bottom: you were referring to the TTL right? Because I was going to suggest you change that instead and then you wouldn’t have to worry at all.
So it looks like your good from here and I’d assume you’d be good for the other 98% of your visitors. Good job.
Yes, I was talking about the TTL. That’s what I was saying: a lot of people will first shorten the TTL a couple weeks before they make a change, to try to get all the DNS servers to pick up the new short TTL value, so that when they actually make the IP address, change all those caches will expire sooner and get the new value more quickly. You do have to plan ahead for that though, so that the servers all pick up the shorter TTL before you actually make the address change.
You still do have to worry about it though, because some DNS servers do not honor the TTL from the source server, and cache the result anyway for days or even weeks.
Also, once you change the address, you should set the TTL back to a longer value, not just leave it short, because then you would be causing undue burden on your DNS server. The whole point of TTL and caching is to reduce the number of hits to your DNS server, so setting it short permanently will diminish the success of that goal.
If you’re wondering why I knew about TTL it’s because of a story I heard or read about Microsoft accidentally changing their TTL to something like seconds or minutes instead of days like it should for them and they took the internet down because it was pretty much DoS all the DNS servers around the globe. Pretty funny story if you ask me.
If I remember correctly, they had to do that in preparation for a virus that was set to do a DoS attack against microsoft.com, and they wanted to be ready in case they had to move the servers quickly. I don’t remember it actually causing a DoS, but rather being in response to a planned one. Maybe that’s what you were thinking of?
I might have been misinformed but I specifically remember they did bring down the internet. Not a response of they might.
Your file repository seems to be missing. Has it come over from the old server yet? I’m looking to download one of your plugins but can’t seem to obtain a proper URL.
Ya, I haven’t moved over everything yet. Sorry, should be wrapped up this evening.
Re: the MS thing; I’m not saying you’re wrong, just that I don’t remember the internet being “down” for a couple days. I think a lot of people probably would have noticed. But I also have a hard time believing that would necessarily bring it down anyway, so for now, I am skeptical.
I remembered the net down for a day a long time ago, like 10 years ago.
The way it was explained to me it has very feasible. I’ll try to rehash it but I will most likely get some of it wrong.
Each user needs to be routed to a certain IP. There a lot of DNS servers that cache the IP’s of sites so the user can be routed to the IP directly without going to the *key* servers that run the web (this is where it gets foggy because if I remember right there are not a lot only 10+ in the world that route the internet). If the DNS servers had no cache because the TTL expired the user would be routed to the key servers making a bottle neck, choking and DDOSing the servers. And since these key servers are down the caching servers can’t update their caches resulting in a downage of the internet for all.
I wish I knew what the hell these key servers are called or remember how many. I’m sure you could shine some light.
The central DNS servers are usually referred to as the “root servers”, and I believe there are about 13 of them.
Any complete failure of that set of machines is (as far as I know) completely theoretical. IIRC, there was a direct *intentional* DDoS attack on them and about 3 or 4 of them were out of commission, but that had nothing to do with DNS TTLs.
Technically, I still don’t think MS changing their TTL to 60 seconds would pose any such threat to the root servers, because all the other servers in the chain would still be caching the results all along the chain, just not for very long. So, at most, the root servers would just be getting 1 hit per minute from the DNS servers that are referring directly to them (which isn’t that many - most DNS requests go through a long chain), so I hardly see that bringing them down, because pretty much every DNS server between you and them would be working to cache those results, and your request would only ever traverse all the way to the root servers if none of the servers in that path had gone that far within the last minute.
Also, only DNS requests (not other traffic) goes to them, so it would be difficult for there to be that many requests (since those are so small) to really flood them.
I did a brief search to satisfy my curiosity, and I didn’t turn up much of anything other than the virus reference I previously mentioned. I would think this would be a huge enough story to still show up pretty easily in a quick search. I didn’t look into it too deeply, though, so if you find any links on it, go ahead and post them, because I’d be interested in hearing about it.