dns - main ip address reporting ns1.example.com instead of hostname.example.com?

Operating System & Version
CentOS 7
cPanel & WHM Version
86.0.18

morrow95

Well-Known Member
Oct 8, 2006
161
8
168
Recently migrated to a new vm to update the OS. Ran into some issues with the hostname, private/public ips, etc when doing so. That has been cleared up and everything appears to be working fine, however, I just noticed this :
Code:
[[email protected] ~]# host xxx.xxx.xxx.124
124.yyy.yyy.yyy.in-addr.arpa domain name pointer ns1.example.com.
Where xxx.xxx.xxx.124 is our main public ip and 124.yyy.yyy.yyy is that same ip reversed. It is returning our primary nameserver instead of the hostname.


dig -x xxx.xxx.xxx.124 +short (returns the nameserver instead of hostname)
Code:
ns1.example.com.

I sent myself an email from one of our domains to a third party email of mine to view the source. In the email source it is also reporting the nameserver rather than our hostname.
Code:
Received: from ns1.example.com (ns1.example.com [xxx.xxx.xxx.124])

/etc/mailhelo shows :
Code:
*: ns1.example.com

In WHM viewing the dns zone for example.com I have an A record for both nameservers :
Code:
example.com. 86400 IN NS ns1.example.com
example.com. 86400 IN NS ns2.example.com
example.com. 14400 IN A xxx.xxx.xxx.124
NS1 14400 IN A xxx.xxx.xxx.124
NS2 14400 IN A xxx.xxx.xxx.125
...other records

I also have a dns zone for our hostname jupiter.example.com
Code:
jupiter.example.com. 86400 IN NS ns1.example.com
jupiter.example.com. 86400 IN NS ns2.example.com
jupiter.example.com. 14400 IN A xxx.xxx.xxx.124
...other records

Lastly, using https://www.ssllabs.com/ssltest/analyze.html and testing any of our domains in WHM they report back down in the 'miscellaneous' section :
Code:
Server hostname    ns1.example.com

Everything seems to be working fine and I don't know if this is really affecting anything or not, but it is kind of bothering me since the old VM reported the hostname and not the nameserver. Same ips, same hostname, etc so I don't see why it is different now since migrating over. PowerDNS is being used.
 
Last edited:

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
So this is all because your PTR record is set to the hostname of the nameserver. If the server you're performing this from is not ns1.example.com I would suggest doing the following:

1. Go to WHM>>Networking setup>>Change Hostname - Ensure it's set to the correct hostname for the server.​
2. Update your PTR record which may be something you need t request your hosting provider do for you​
3. Update /etc/mailhelo - this is done automatically but you can manually update it as well.​
 

morrow95

Well-Known Member
Oct 8, 2006
161
8
168
It looks like that is the reason... not sure how or why this changed though since the migration since ips, hostnames, nameservers are all the same as before.

Both jupiter.example.com and ns1.example.com are on the same ip address. The PTR for that ip is ns1.example.com. What would you recommend here? I can add a third ip to this vm so the hostname, ns1, and ns2 would all have their own ip then have the host update the ptr records accordingly, but would be worried about downtime with dns when doing so.
 

morrow95

Well-Known Member
Oct 8, 2006
161
8
168
The hostname and the ns1 are on the same ip address at the moment. The ptr for that ip is currently returning ns1.example.com. If the ptr is changed to the hostname (jupiter.example.com) then it would just be incorrect for the nameserver then.

Maybe I have misunderstood these all this time? Does the ptr not need to be correct for nameservers or set to the hostname too for the nameservers?
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
So some clarification for PTR records:

A PTR record in almost all cases should resolve back to the hostname of the server.
Any IP address you send mail from should have a valid PTR record that resolves to the hostname of the server.

Since ns1.domain.tld is not the hostname associated with that IP nor is it likely to send mail, it doesn't make sense for it to have a PTR record.

If ns1.domain.tld were the hostname of a server, then I would suggest that it have one, in the event that it may send mail but even then, if it's not sending mail it's not mandatory.
 

morrow95

Well-Known Member
Oct 8, 2006
161
8
168
hostname is jupiter.example.com
ns1.example.com
ns2.example.com

xxx.xxx.xxx.124 - main shared ip with all accounts including example.com (jupiter.example.com and ns1.example.com)
xxx.xxx.xxx.125 - right now the only thing pointing to this is ns2.example.com

You are saying both of these IPs should have the PTR record pointing to jupiter.example.com? We do not have any accounts on the .125, but we could in the future... so it should point to the hostname as well?
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
You are saying both of these IPs should have the PTR record pointing to jupiter.example.com? We do not have any accounts on the .125, but we could in the future... so it should point to the hostname as well?
If you will be sending mail from both IP's then yes.