[BALUG-Admin] BALUG migration from DreamHost & DNS, etc. ... "all clear" by ~2017-09-18T02:24-0700

Michael Paoli Michael.Paoli@cal.berkeley.edu
Sun Sep 17 23:41:16 PDT 2017 

So ... fairly close to 100.0000% off of DreamHost.com - though
there's also some follow-up and post-migration stuff yet to do.

The DNS changes had all been put in by:
2017-09-16T22:19:49-0700
notably changes for balug.org DNS and Resource Records (RRs) under
that domain (e.g. lists.balug.org),
and also registry data changes - Name Servers (NS) delegated from
org. and glue records.
Once those had been implemented, those changes were verified
on the relevant NS to be in effect (changes went in somewhere
between nearly instantaneous and fairly darn fast - certainly
faster than the minute(s) or so it took me to check and validate).

TTLs ...
for the latter "upstream" bits (glue & NS delegation from
org.):
86400 (24 hours),
for the stuff at BALUG.org authoritative NS & on down, generally
14400 (4 hours), at least for most of the records of relevance
(including not only "new"/updated, but also the older ones
hosted by DreamHost.com - where most notably in general we had
not ability to adjust TTLs).

So ... adding those bits together (worst case total caching of
relevant RRs) ... 28 hours, ... so ... should be 100.0000% free
of DreamHost.com's (former) hosting of BALUG.org by about
2017-09-18T02:19:49-0700 ... or, adding/allowing for some
transmission latencies of DNS servers that may be caching data,
pretty reasonable to presume for all intents and purposes totally
free and clear by:
2017-09-18T02:24-0700  :-)

Anyway, do need to wait out the TTLs to avoid issues.
E.g. I did check many hours ago (but also many hours (much more than 4)
after the DNS changes were in ... for semi-random data point
checked the data on DNS servers of my ISP.
Half of them had (or had obtained) the older DNS data, half the newer
DNS data.  This was probably due to whether or not they'd cached the
older upstream bits - and perhaps even from when, and if that'd
already expired or not from their caches ... those that hadn't
yet dropped the cached older (but not yet expired) upstream
data, still went (appropriately) to the old NS, and fetched
the older data from there (which would then be cached again for up to
the 4 hrs. TTL of that data), whereas the others had (or fetched)
the current newer data.  Anyway, ought all be good and current
throughout Internet (at least where well behaved) by
2017-09-18T02:24-0700.

Just a few of some of the immediate benefits of the migration,
and noting some that DreamHost.com. couldn't even offer:
o https - on balug.org & lists.balug.org (already got & installed cert)
o IPv6 on balug.org & lists.balug.org
Many others - but that's just a start.

Glitches?  Found and corrected a few glitches.  The "new" site,
the canonical on there used to be www.new.balug.org - so
(virtual) Host: headers not matching one of many canonicals,
would redirect to www.new.balug.org.  Unfortunately initially
missed including www.balug.org (and balug.org) ... so corrected
that so they wouldn't inappropriately redirect to www.new.balug.org
(www.new.balug.org mostly functions as a beta/QA/pre-launch site - it's
never been the over-all canonical for balug.org).  Anyway, corrected
that.  Likewise lists.balug.org - had a few kinks to squeeze out of
the configs (notably forgot to activate some bits I had queued for
activation but hadn't actually activated yet) ... once that was
squared away, then list.balug.org was working as expected.

There does remain more to do "of course".  Some of the items quite
high in queue to be done soon:
o load the older list archives (likely complete that well before noon)
o adjust list information pages once above is done
o draft BALUG announcement to send out (meeting is Tu; will send that
   tomorrow AM)
o (perhaps before sending out above, but after 2017-09-18T02:24-0700):
   reconfigure {lists,temp}.balug.org so lists.balug.org is canonical,
   but preserving backwards compatibility with temp.balug.org (will allow
   a transition period where both can be used - probably until about
   2017-11-30 (current obtained cert that also covers temp.balug.org
   expires 2017-12-16T13:47:00+0000)
o add proper SPF records for {lists,}balug.org
o various other DNS adjustments & tweaks (notably "roll up" delgated
   subdomains thereof into balug.org zone)
- there's a fair amount of other stuff too, ... much of it may be
   listed on:
   https://www.wiki.balug.org/wiki/doku.php?id=balug:mail_and_lists
   https://www.wiki.balug.org/wiki/doku.php?id=balug:dreamhost_exodus
   ... but certainly not necessarily all.  Those wiki pages mostly cover
   stuff *through* migration, but may not cover much beyond completion of
   migration itself - though they do touch on at least some post-migration
   steps.

> From: "Michael Paoli" <Michael.Paoli@cal.berkeley.edu>
> Subject: Re: [BALUG-Admin] BALUG migration from DreamHost & DNS, etc.
> Date: Sat, 16 Sep 2017 22:36:31 -0700

> ... and the DNS bits have been kicked off, and verified those
> changes propagated to the most relevant DNS servers,
> notably those (newly) authoritative for balug.org,
> and the org. NS servers ... all those have the relevant
> current data (verified) - including glue records,
> largest relevant DNS TTL is 86400, so, essentially 24
> hours after those changes, any older cached bits
> still hanging out in Internet DNS should have expired by
> then and then be using the current updated data.
>
> I think DreamHost.com freedom (from) day should arrive
> starting late tomorrow.  :-)
>
>
>> From: "Michael Paoli" <Michael.Paoli@cal.berkeley.edu>
>> Subject: BALUG migration from DreamHost & DNS, etc.
>> Date: Sat, 16 Sep 2017 21:58:37 -0700
>
>> Nearly ready to start the major DNS changes to kick off last stages of
>> migration of BALUG.org away from DreamHost.com hosting.
>>
>> This should mostly be highly seamless except ...
>> for the domains themselves:
>> www.balug.org
>> balug.org
>> lists.balug.org
>> There may be some minor issues/discrepancies apparent, as for a while,
>> (up to about 24 hours, due to DNS TTLs) those DNS names may go to either
>> the old legacy DreamHost.com hosting, or the new "hosting" (self-hosted
>> VM).
>> There are also a fair number of DreamHost.com hosting specific DNS names
>> that will be going away or changing - but those changes should
>> effectively pass without notice or detectable impact (e.g.:
>> www.mailboxes.balug.org.
>> ftp.balug.org.
>> mysql.balug.org.
>> etc.)
>> Note also that at the present time,
>> lists.balug.org. is (temporarily) deprecated - so don't expect
>> it to work yet (but it will be revived to full functionality again
>> in near future, as it will replace temp.balug.org which will be
>> phased out over suitable adjustment period).
>>
>> If you notice any more significant issues, certainly feel free to
>> contact me.

More information about the BALUG-Admin mailing list