Migrating your DNS to a cloud provider like Amazon’s Route53 service can be a daunting task.

Thankfully, with dns-tools you can test your DNS records before and after the migration to ensure that everything made it across in one-piece. This is the three steps we follow when migrating from a Windows DNS Active-Directory integrated server to Route53:

  • Generate zone data
  • Assess your current zone data
  • Migrate (via the API!), and
  • Verify by resolving against the AWS name servers before cutting over.

Follow along below and in just 10 minutes you’ll know if everything will migrate smoothly for you.

Generate

We first need to generate a zonefile for our zone because with Active Directory-integrated zones there are no zonefiles that are directly accessible.

dnscmd /ZoneExport dnstools.ninja dnstools.ninja

This command will generate a file called dnstools.ninja (for our zone dnstools.ninja, that is why it is listed twice) in the directory C:\Windows\System32\dns. (More generically, C:\Windows will be whatever your %SystemRoot% is set to.) For more information on this tool and command see here. We can now copy this file to our present working directory to simplify our paths for the next steps.

mv C:\Windows\System32\dns\dnstools.ninja

Assess

The first step to a successful migration is to resolve each of our records and save a snapshot of how they resolve. You can output this to your console, TSV or for this purpose, we will use JSON as it’s easiest to compare with diff.

dns-tools resolver -f .\dnstools.ninja -o json > before_migration.json

Migrate

With our current status saved, we can easily migrate to AWS’s Route53 DNS service, via the AWS API, in just one command:

dns-tools migrate -f .\dnstools.ninja -c aws

Hint: Dry-runs are possible. See --help for more.

Verify

After the migration has completed we can check that all of our records resolve against any of our newly assigned AWS nameservers. In this example, we were given ns-369.awsdns-46.com:

dns-tools resolver -f .\dnstools.ninja -dn ns-369.awsdns-46.com -o json > after_migration.json

With this we can compare our original resolved results against the results from our newly migrated service.

diff (cat before_migration.json) (cat after_migration.json)

In this example, we can see that all of our records are the same! The only difference here is the date and server we ran these against. Profit!

Congratulations, you have now safely migrated your Windows DNS AD server to Amazon Web Service’s Route53 cloud based service in less than 3 minutes! You are now ready to scale.

Get dns-tools today!