[Common Issue] Minimal downtime for a live site DNS migration


The trick with migrating a live site is all in DNS timing .

Specifically, we can't get a new SSL certificate for your site until the Time To Live (TTL) value has expired from your old DNS values. The new DNS values for Netlify must first be in place and correct, and then issuing the certificate is a breeze!

Below are the steps to follow for a successful migration with minimal downtime. There are quite a few steps in this process, not gonna lie. But no worries, you got this. Take a read through all the steps before starting, so you can familiarize yourself with what you will need to complete the process.

Here we go!

  1. Find the current TTL value for the record(s) pointing to your old provider. Pop open your terminal and run this command: dig yoursite.com.
  • In the output, you'll see a line like this in the ANSWER SECTION: yoursite.com. X IN A in which X is your current TTL in seconds. Here is an example of what it will look like:

  • In the example this number is 2,878. That is your current TTL value in seconds.

  • Do this dig command for each hostname you will migrate to us (perhaps yoursite.com and www.yoursite.com?). Write these down in a safe place, we will come back to them in the last step.

  1. Visit your domain registrar’s website and find the DNS records section. For each hostname, set a new, low TTL value - I suggest a value of 10 - for all existing DNS records pointing to your old DNS provider. Do not yet update the IP address or hostname values to use our service! We are just updating the TTL value in this step.

  2. Coffee break! Wait for your prior TTL value to pass , while your records still point to your old provider. If you have any questions about whether you did this right or about the following steps, now is the time to ask the questions, before you proceed!

  3. Now you can change your DNS records to point to us . Follow the advice in this documentation: https://www.netlify.com/docs/custom-domains/

  4. Wait for the new, low TTL value to expire (if you’ve set a value of 10, wait 10 seconds).

  5. Almost done! Time to clear the cache. Visit https://developers.google.com/speed/public-dns/cache and for each hostname you will use, clear the cache for records of type "A", like so:

  1. Now you can get your SSL certificate! Back at Netlify, go to Settings - Domain management - HTTPS and provision a certificate. Now that you've updated DNS and any old cached values have expired, your certificate can be issued.

  2. Assuming that worked ( you should test in a browser! ), you can move the TTL back upwards in value to the old value you copied down way back at step 1. A super-low TTL is not a general best practice, just useful during migrations like these.

You’re done! Let us know how it went in the comments below!