Educause Security Discussion mailing list archives
Re: Internet presence during a disaster
From: Graham Toal <gtoal () UTPA EDU>
Date: Wed, 14 Dec 2005 15:22:44 -0600
To activate the server we would change the registration for our main web server to the IP address of the provider so that anyone going to www.su.edu would be directed to the off site server.
You have to be careful when you do that - currently you will have one master DNS server which holds the zone files, and several secondary DNS servers which fetch your zone file on the fly. Assuming your primary DNS server is in the disaster area and also offline, what needs to be done is that you manually contact your backup DNS admins and ask them to discontinue secondary service and for a time become primary servers, with a pre-prepared cut-down zone file which you supply them in advance. *Do not* rely on them making edits to the automatically fetched file from the secondary mechanism. Since this switchover is an activity that if abused could take your campus down at any other time, you need to tell the remote DNS admins exactly under what circumstances they should put up the temporary primary zone file. I'ld recommend giving them a password that you could quote on the telephone when you call them. Also if you are very brave, you might give them instructions to kick in the zone file if they are aware of a major disaster in your area, and your network has been unreachable for a certain period of time (such as 2 days) and they have not heard from you (as *all* communications may be down). Graham
Current thread:
- Re: Internet presence during a disaster William Moore (Dec 13)
- <Possible follow-ups>
- Internet presence during a disaster Fox, Danny D. (Dec 14)
- Re: Internet presence during a disaster Joel Rosenblatt (Dec 14)
- Re: Internet presence during a disaster Gregory, Edward (Dec 14)
- Re: Internet presence during a disaster Graham Toal (Dec 14)
- Re: Internet presence during a disaster Franklin, Elliott (Dec 14)