Re: PIX 525 - Two Outside Interface Possible ??

smartin · ‎11-05-2004

In the next week or so we will be moving our public internet access to another ISP.

In doing so I have to change 20 DNS names to the new ISP. I will be moving the DNS information on a Friday (Late).

My question is, is it possible to have two "outside" interfaces connected at the same time in order for DNS to propagate.

laje · ‎11-05-2004

Theorectically, No. This configuration will go against the way ASA works and no information will flow between both interfaces.

mpalardy · ‎11-05-2004

It might be a nightmare...! Since you have a default route to the old ISP. You will have to call the shot to both ISP's.

Contact the old ISP and ask for 2 easy tasks:

1) 72 hours before the change of your ISP ask for a reduction of the "time to live" of your domain. Should be reduced from xx-hours down to 10 minutes.

2) Cease the advertisement of your domain at a precise moment.

Also contact the new ISP and ask how long it will take them to advertise the new DNS' around the globe. After ISP-old ceased advertising your domain. (this will be your downtime)

By doing so you will reduce your downtime at the minimum with the best chance of succes.

You also might want to use this link to verify if the job is well done:

http://www.zoneedit.com/lookup.html

Good luck!

Mike

davecs · ‎11-08-2004

hi,

yes it will be a pain.

best way is probably a week before change your DNS expiry/refresh times to 10-15 mins,

wait for THAT change to propegate around the world, then new changes wont take as long.

obviously change the expiry/refresh back after!