We won't lie to you?the fx.movie.edu example we showed you was unrealistic for several reasons. The main one is the magical appearance of the special-effects lab's hosts. In the real world, the lab would have started out with a few hosts, probably in the movie.edu zone. After a generous endowment, an NSF grant, or a corporate gift, they might expand the lab a little and buy a few more computers. Sooner or later, the lab would have enough hosts to warrant the creation of a new subdomain. By that point, however, many of the original hosts would be well known by their names under movie.edu.
We briefly touched on using CNAME records in the parent zone (in our plan9.movie.edu example) to help people adjust to a host's change of domain. But what happens when you move a whole network or subnet into a new subdomain?
The strategy we recommend uses CNAME records in much the same way, but on a larger scale. Using the DNS console, you can create CNAMEs for hosts. This allows users to continue using the old domain names for any of the hosts that have moved. When they telnet or ftp (or whatever) to those hosts, however, the command will report that they're connected to a host in fx.movie.edu:
C:\> telnet plan9 Trying . . . Connected to plan9.fx.movie.edu. Escape character is '^]'. HP-UX plan9.fx.movie.edu A.09.05 C 9000/735 (ttyu1) login:
Some users, of course, don't notice subtle changes like this, so you should also do some public relations work and notify folks of the change.
How do you create all these aliases? Well, you could do it manually using the DNS console, CNAME record by CNAME record. Or you could use a Perl script to create CNAME records for every host in fx.movie.edu.dns:
# # Simple Perl script to create aliases # Run with <script> <domain name of child zone> # die "Usage: $0 <child zone>\n" if $#ARGV!=0; open(ZDF, "$ARGV[0].dns") || die "Couldn't open $ARGV[0]: $!\n"; ($label, $parent) = split(/\./, $ARGV[0], 2); $parent .= ".dns"; open(PZDF, ">>$parent") || die "Couldn't open $parent: $!\n"; while (<ZDF>) { if (/\s+IN\s+A\s+/) { ($host, $rest) = split(/[\s\.]/, $_, 2); printf PZDF "%s IN CNAME %s.%s.\n", $host, $host, $ARGV[0]; } };
Although parent-level aliases are useful for minimizing the impact of moving your hosts, they're also a crutch of sorts. Like a crutch, they'll restrict your freedom. They'll clutter up your parent namespace when one of your motivations for implementing a subdomain may have been making the parent zone smaller. And they'll prevent you from using the names of hosts in the subdomain as names for hosts in the parent zone.
After a grace period?which should be well advertised to users?you should remove all the aliases, with the possible exception of aliases for extremely well-known Internet hosts. During the grace period, users can adjust to the new domain names and modify scripts and the like. But don't get suckered into leaving all those aliases in the parent zone; they defeat part of the purpose of DNS because they prevent you and your subdomain administrator from naming hosts autonomously.
You might want to leave CNAME records for well-known Internet hosts or central network resources intact because of the potential impact of a loss of connectivity. On the other hand, rather than moving the well-known host or central resource into a subdomain at all, it might be better to leave it at the parent zone level.