The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

dnsreport help

Discussion in 'Bind / DNS / Nameserver Issues' started by pacificw, Sep 25, 2007.

  1. pacificw

    pacificw Well-Known Member

    Joined:
    Aug 26, 2007
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    I need help in figuring out what these errors mean and how to fix them please.

    The first is:
    Not a clue what this means. Please help and explain.

    The next is:
    Not a clue what this means. Please help and explain.


    The next is:
    I've not a clue what this means. Help! please. I do have 2 nameservers. I have ns1. and ns2. and both resolve to the IP's setup at where I have them registered at.


    Okay, I know what this one means. Can I get a DNS account someplace and have it take over in case of a server failure on my server? Or does it have to be on a separate box thats located on the same router as my box now?

    ** domain-name and IP's have been changed to protect ddos attacks that I only get when posting information in this forum.

    Thank you for any and all help. I'm really at a loss here and would like to finish getting this server setup.

    fuggi
     
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Single Point of Failure - It's just saying that since both of your nameservers are actually the same literal machine, if that machine goes down you have no backup DNS - all of your DNS is done by a single machine.... not uncommon for a lot of Cpanel hosters.

    Nameservers on Separate Class C's - Yeah you could use zonedit.com or a bunch of other ones (none bounce of my noggin at present though) as additional nameservers if you pay for the privilege. Nowadays this really should just be a 'single point of failure' thing as far as your concerned - If you are hosted at a Data Center with a bunch of bandwidth providers connected, the likelihood that one class C fed by that data center would have connectivity if the other class C didn't isn't nearly as high... and not as likely for those links to go down considering most have multiple providers and are running BGP.

    Acceptance of Domain Literals - Means just what it describes. Per RFCs, one should be able to send email to a user (such as postmaster) @[ip.add.re.ss] - the main IP address of your machine. But as it describes, this isn't a must either since there are many large and small mail providers that do not allow this. Chances are that if somebody's mail system is so misconfigured that it cannot receive email at its hostname or some domain hosted on it, it probably isn't worth it for anybody to try to send mail to @[ipaddress] either.

    Mail Server Hostname in Greeting - Your mail server, when it attempts to deliver mail, claims that it is spring.blahhawebhosts.com. However, spring.blahhawebhosts.com does not resolve to the IP address of that specific machine - it resolves to 67.xxx.26.xxx but your machine is 208.xx.169.xxx. Technically, DNSReport would expect to see that when it connects to blahhawebhosts.com mail server, the mail server would EHLO with blahhawebhosts.com and not spring.blahhawebhosts.com - But there may be legitimate reasons why you have blahhawebhosts.com on another server. Unless i knew more to make a better judgement, I wouldn't worry about this one. But you should make sure that if your main hostname (telnet localhost 25 and see what it announces itself as) to the main IP address on your ethernet adaptor for that machine and that the main IP address reverse resolves to the actual hostname of the machine. But of course, again without knowing full details, I wouldnt' advise you to just willynilly change hostnames or anything if your mail appears to be delivering fine and everything is functioning fine. I don't have all of the info needed.

    - Mike

     
  3. pacificw

    pacificw Well-Known Member

    Joined:
    Aug 26, 2007
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    Okay, still kinda confused on this one. To explain further. The place I got my dedicated box from assigned me a main IP (which they put in cpanel as well to use for all virtual hosts) and bogus server name. I went in and changed the server name. I then went into cpanel and changed the shared ip (which was the main ip) to another ip I got from them so that I wouldn't have all virtual websites being ran off my main server ip. I do have a dns zone file for the following. I do have the ips that are being used right now reverse resolved (well at least they should be (but dont think they are)) but this issue came before the problem i'm having now with the ns1/ns2 not working at the moment.

    servername.host.com - uses the servers main IP
    host.com - uses shared ip
    host2.com - uses shared ip
    ns1.host.com - uses dedicated ip
    ns2.host.com - uses dedicated ip

    does that explain my situation a bit better/more?
     
  4. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    For the domain in question, edit the dns zone of that domain and put in the FQN of the servers host name for the MX.

    So instead of
    domain.com 14400 in MX 0 domain.com
    use
    domain.com 14400 in MX 0 host.domain.com

    This will happen if your root domain is on a dedicated IP and not on the share IP.
     
  5. pacificw

    pacificw Well-Known Member

    Joined:
    Aug 26, 2007
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    I'm sorry Jay, can you explain that a bit differently, I'm not completely understanding what you're saying. the domain in question is blahdomain.com so what do I put for "host".blahdomain.com to make it work?

    thanks for the help
     
  6. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    As Jay explained in:

    Edit the DNZ zonefile for host.com. Find the MX entry - and to the right of MX 0 change 'host.com' to 'servername.host.com'

    In the end you should have something like:

    host.com 14400 in MX 0 servername.host.com as your only MX

    When you go to DNSReports and type in 'host.com', it does a lookup of the MX (which currently points to host.com). It then attempts to connect to 'host.com' on the shared IP. The machine responds by introducing itself as servername.host.com (because that's the main hostname of the machine and is mapped to the main IP on the adapter).

    DNSreports checks and resolves host.com to the shared IP and then checks and resolves servername.host.com to another IP.

    I don't think that changing the MX is going to resolve this part of the DNSReport finding:

    blahhawebhosts.com claims to be host spring.blahhawebhosts.com [but that host is at 67.xxx.26.xx (may be cached), not 208.xx.169.xxx].

    As long as host.com resolves to 208.xx.169.xxx and servername.host.com resolves to 67.xxx.26.xx, DNSReports is going to continue saying this. What DNSReports is 'hoping' to find is that the MX for host.com resolves to the same IP address as the hostname that the machine announces itself as in the SMTP greeting.

    host.com - 208.xx.169.xxx
    servername.host.com - 67.xxx.26.xx

    Exim announces itself as servername.host.com during EHLO. servername.host.com is 67.xxx.26.xx.

    The only way to get rid of this message in DNSReports is to have host.com resolve to the same IP address as servername.host.com. This means that host.com would need to be hosted on the main IP address of the server.

    Mike
     
  7. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    Either way, if you put in your full host name of the mail server, it will indeed resolve to the IP which handles the mail. This is what DNS report is looking for. I am not completely sure if the contrasting IP's are the same server or not but either way, you need to put in the fully qualified host name as your mail server.

    If this is the box you have access to, then simply type in ssh,

    hostname

    to get the fully qualified name and you should also be able to ping the hostname as well.

    One last comment, DNS Report may be cached so it may take up to a full day to see the error cleared.

    Good luck.
     
Loading...

Share This Page