This article discusses best practices surrounding the transition process when spinning up new Umbrella Virtual Appliance (VA) instances to replace either replace other VAs or pre-existing non-VA local DNS servers. Scenarios for new VAs include:
- Deploying VAs for the first time
- Replacing an existing VM Host with a new host
- Spinning up a new VA instance at a different IP as an old instance
- For example if asked to do so by support
- Transitioning to VAs at different IP addresses
- Transitioning VAs to another Umbrella Organization
- Transitioning away from using VAs
Step 1: Deploy the new Virtual Appliance VMs
The first step is to make the DNS server we are transitioning to operational. In most cases, this is deploying a new Virtual Appliance into operation at it's new permanent IP address.
- Old DNS/VA: Up and running on IP A. Receiving all DNS.
- New VA: Up and running on IP B
- DHCP: IP B
Transition the DNS to the new VAs
In this step, adjust the current DNS settings (typically DHCP-given) for the network from the old DNS settings to the new ones for the new VA. Since DHCP leases expire over time, ensure that the old local DNS server remains operational at least as long as your DHCP lease expiration to avoid any interruption in DNS.
- Old DNS/VA: Up and running on IP A. Receiving some DNS.
- New VA: Up and running on IP B Receiving some DNS.
- DHCP: IP A. Older leases may still have IP B
Removal of old VA VMs*
*Skip this step if the DNS servers being transitioned from are not VAs.
Once all users' DHCP leases have expired and updated to the new DNS servers, validate that the old DNS server is not receiving any DNS queries. Correct any remaining static entries sending DNS to these old IPs. At this time, the transition is complete. If the old DNS server is a VA, you may now delete it and it's Umbrella Dashboard entry. If the old DNS server is a DC or local DNS server for your local records, keep it since the VA will use it for local DNS domains.
- Old VA: Taken Down. Old Local DNS remains if still used for local DNS via VAs or Active Directory
- New VA: Up and running on IP B. Receiving all DNS.
- DHCP: IP B