Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

GSS Migration

Hi

Would like to get feedback on the best way to migrate Microsoft External DNS servers to GSS managed DNS servers.

We currently have primary and secondary Microsoft Internt DNS servers one in primary data centre and the other in backup data centre.

If we were to introduce GSS and move the domain names onto these boxes is their a recommended way of migrating.

Would it be possible to say add the GSS as another secondary DNS server and do a zone transfer from the current Microsoft servers to the GSS and then on the primary GSS start to change each of the DNS domain names with the various rules keeping the GSS as a secondary DNS server.

Once all the rules are updated for the DNS names we could then promote the GSS secondary to be the primary NS server.

To test it we could simply shutdown the Microsoft primary DNS server make sure the GSS acting as a secondary can service the names and if all works then promote it to be the primary NS server.

Any feedback would be appreciated.

Thanks

Bill

2 REPLIES
Bronze

Re: GSS Migration

With a GSS, it is possible to use a src ip access-list so the dns response can be different depending on the ip of the requester. Just be aware that if you have internal hosts trying to get a dns answer from the CSS they will also get the public ip. There is no way to distinguished between internal and external host. Normally, you should only answer with the private ip and the firewall uses dns fixup to translate the ip inside the dns response.

New Member

Re: GSS Migration

Thanks for the response.

Our plan is to have External GSS for the Internet Domain Names and seperate set of internal GSS for internal host names. The external and internal will not talk to each other.

The question is that for the external DNS can we simply do a zone transfer to the GSS then start adding the availability rules to each domain name.

Thanks

Bill

255
Views
0
Helpful
2
Replies
CreatePlease login to create content