Help Understanding IP Configuration

chaddro

New Member
When I signed up knownhost gave me two ips: xxx.xxx.8.217 and xxx.xxx.9.217.

when you type in our domain name or xxx.xxx.9.217 you go to our website.

when you type in xxx.xxx.8.217 you get the apache welcome page.

xxx.xxx.8.217 is also our host.<domain-name>.com

I have set up our spf records all using the host and xxx.xxx.8.217 ip. Reverse DNS for xxx.xxx.8.217 verifies (but xxx.xxx.9.217 fail rdns). I also used the DomainKeys feature from within Cpanel.

Why then does the website come up at xxx.xxx.9.217. Shouldn't this actually be xxx.xxx.8.217??

We are only using the VPS for one site. We moved to Knownhost to get better performance (vs. a Bluehost shared environment) and to be albe to effectively use our e-mail campaign software (email marketer by interspire)

Everything is "working" but I am still only getting about 40% open rate on our e-mail campaigns. This is on a list of about 800 e-mails that are all re- distributors of our products. And despite everything, a lot of mail seems to be getting dumped into the junk/spam folders.

So I am wondering if the site is actually correctly setup or if I did something backwards somewhere!

Thanks in advance for you help and insight!

-cj
 
Hello chaddro,

I have set up our spf records all using the host and xxx.xxx.8.217 ip. Reverse DNS for xxx.xxx.8.217 verifies (but xxx.xxx.9.217 fail rdns). I also used the DomainKeys feature from within Cpanel.
Yes, it sounds to me like you've got what you need to configure done. I'm not remembering if my original SPF setup included both the IP and host name but if the host name points to that IP it should be fine.

Why then does the website come up at xxx.xxx.9.217. Shouldn't this actually be xxx.xxx.8.217??
This is because this is the shared IP for domain names. Not a dedicated IP.

And despite everything, a lot of mail seems to be getting dumped into the junk/spam folders.
Do you mean that ISPs/hosts are blocking your emails? If so do you receive bounce messages that contain links to remove your server from their list? Follow the instructions if so.

If it's their email client that is marking your emails as spam then they need to add the address you send from to their white list. You really have no control over this except to try and figure out what is getting it marked as spam. You could have someone examine the header to try and determine what got it flagged as spam.
 
From the info you provided, I am guessing that your domain is ro......nc.com. If so, yes, your main IP is set as 9.217 but your RDNS is for 8.217. Your SPF record is using 8.217 and this may be causing email problems.

Login to your root WHM. Click WHM -> Server Configuration -> Basic cPanel/WHM setup menu. Scroll down the resulting page to the section:
Main Shared Virtual Host IP
I think you have it set to 9.217 here. I do not know if you can change it to 8.217 and make it all work. Please submit a ticket and ask support about this so that ou don't mess up your current setup.

Once that is done, you can check on your email problem again and then refine your SPF record if needed.

BTW, I guess you could just ask KH to setup RDNS for 9.217 and change your SPF to use 9.217 instead. I think this should work and might be simpler. Again, please check with support.
 
Thanks for taking the time to reply. Here is some added info form points you both bring up:

main shared virtual host ip: xxx.xxx.8.217
hostname: host.ro...nc.com
ns1.ro...nc.com -> xxx.xxx.9.217
ns2.ro...nc.com -> xxx.xxx.8.217
(the above is also how my domain name servers are set with registrar)

HELO hostname: host.ro...nc.com
source ip: xxx.xxx.8.217

but under DNS it seems the name servers are backwards ns1->8.217 and ns2->9.217!

spf record for ro...nc.com: "v=spf1 ip4:xxx.xxx.8.217 a mx mx:host.ro...nc.com ~all"

I tested this setup using the test from: check-auth@verifier.port25.com
which gives me a passing grade.

I am beginning to wonder if the ns1 & ns2 discrepancies could be causing a problem.

I have tried to find a good source for how to set up a server's DNS and just what your a and mx records should be but have not found one.

WHM's DNS Zone has 4 entries where:
host.ro...nc.com -> host. a rec -> xxx.xxx.8.217
ns1.ro...nc.com -> ns1 a rec -> xxx.xxx.8.217
ns2.ro...nc.com -> ns2 a rec -> xxx.xxx.9.217
ro....nc.com -> a rec -> xxx.xxx.9.217

To me something seems "off" ... that's why I asked about the whole IP configuration in the first place. My intuition tells me this may also be related to the mail spam issue.

I'll post a ticket with Knownhost and point them to this thread. Maybe they can take a more careful look at my configuration. I have a feeling I need to get the ns1 and ns2 servers corrected (also with my registrar). Don't know just what that will affect or if I will need to correct SPF.

Seriously, if anyone knows of a good tutorial on how DNS and A and MX records are setup please post it. I have looked hard through search engines, but am not finding one.

Thanks again for all the help!
 
Morning guys!

RDNS is set up for 8.217 which is the main shared IP and and host's IP so that is correct.

You are right though in that the IPs for the nameserver seem to have gotten switched somehow.

I do not think that this is that big a deal as both will answer DNS calls authoritatively and I do not think that this would effect how a recipient classifies email as spam.

I would simply edit the DNS zone files for the nameservers and swap the two. You can do so right in WHM and should not have any problems.

Are there particular domains you're having trouble with? Because both Hotmail and Yahoo are very notorious for this...
 
If the main IP is set to 8.217, why is the A record pointing to 9.217?

Check the headers of an email sent out from your domain. Does it show 8.217 or 9.217?

If it shows 9.217, the SPF may be failing as although the A record points to 9.217, the RDNS points to 8.217.
 
I did submit a ticket and Knownhost has suggested fixing the ns1/ns2 mixup.

They have also suggest moving the website's binding address to 8.217 from 9.217. I'm not sure what that entails and am waiting for their response.

Dan, you must be right about the ns1/ns2 authorizing otherwise things probably would never have worked.

Doing some MORE digging, it seems that when I e-mail from within zencart that the phpmailer class is sending from 9.217 although I am configured to use smtp authentication (it's supposed to send from the mailserver 8.217 but is not for some reason). I do not have RDNS on 9.217 and that apparently can be a problem.

Interspire's EmailMarketer IS sending through the mailserver (8.217) but from "nobody" which may be a problem. Also, my return path has been "bounce@" ... in another forum (hotmail?) it is suggest to use "postmaster@" and to also have a "abuse@" box. I do have correct reply-to and unsubscribe info showing in the e-mails headers. I need to look more closely at the "nobody" issue.

One thing I'm still not clear on. When you first initially set up your server, why even use two IP's? I not a reseller and this is only for the company's business site.

How are you guys setting things up for a single non-reseller account? What do you use the second IP for?

Really appreciate the responses! With all this edumacation I just might make it out of the 5th grade with Jethro! :p
 
Here is a reply from knownhost support that may be useful for others:

The MX record of the domain ro...nc.com was pointing to the IP address xxx.xxx.9.217. We have changed the MX record and currently it is pointing to xxx.xxx.8.217 IP address.

There is no need to change the A record of the domain name. But the MX record of the domain should point to the main server IP address for which the RDNS was setup.

The IP address xxx.xxx.9.217 is the dedicated IP address and IP address xxx.xxx.8.217 is the shared IP address of the server. You can host more than one domain on the shared IP address. But it is not possible to host more than one domain on the dedicated IP address.
The above may well help with my mail delivery issues. But I am still curious as to which IP the main site should be on...
 
Hmmm,

Mylinear is right there, if 8.217 is the shared IP why is your domain pointing to 9.217? That would cause problems absolutely. Sorry I missed that.

Ah, and another clue from KH support "The IP address xxx.xxx.9.217 is the dedicated IP address". Did you configure your domain for this to be it's dedicated IP?
 
Mylinear is right there, if 8.217 is the shared IP why is your domain pointing to 9.217? That would cause problems absolutely. Sorry I missed that.

Ah, and another clue from KH support "The IP address xxx.xxx.9.217 is the dedicated IP address". Did you configure your domain for this to be it's dedicated IP?

Well, my limited understanding is that your base ip is your "physical" SERVER, then your second (third, and so on) IP is your website(s). This way your SERVER can host/serve multiple sites. But according to knownhost, I can make 8.217 my site's address.

The MX entry fix that support did above did fix the zencart mail source. It now shows coming from host. Yahoo still stubbornly sticks the mail into the SPAM folder despite my passing SPIF and having an authorized DomainKey.

Apparently, DomainKey <> DKIM. My check-auth@verifier.port25.com returns pass for DomainKey and neutral for DKIM. I checked the installed Perl modules and DKIM is installed, but I have not had enough time to figure out how to use it. Cpanel has an option under eMail Authentication to enable DomainKey (which I've done) but not an option for DKIM.
My understanding is that DKIM is newer (but related to) DomainKeys.

I don't know if moving the site over to 8.217 will fix these issues. SPIF is suppose to handle these kinds of things: say you have a website at one host, but use an enterprise mail solution from another host.

Dan, are you set up on your base ip? At this point I don't know what I did (wrong or right)!
 
Well, my limited understanding is that your base ip is your "physical" SERVER, then your second (third, and so on) IP is your website(s). This way your SERVER can host/serve multiple sites. But according to knownhost, I can make 8.217 my site's address.

When you created your cPanel account for ro...nc.com, you may have selected the 2nd IP 9.217 for it. The default should have been at 8.217. Clarify with support whether it is ok to switch it back from9.217 to 8.217 without affecting anything else. Then you should be back to the usual way things are setup.

Do you have SSL cert installed for ro...nc.com? If so, then you need it to be on a dedicated IP. But I don't think you can use 9.217 since it is used for ns2 now anyway (not sure about this).
 
Dan, are you set up on your base ip? At this point I don't know what I did (wrong or right)!

My setup is the same as mylinear's and I do not know if you can use one of your IPs as dedicated either since they are both used by nameservers.

As far as DKIM goes cPanel does not support it yet. Personally I do not have domainkeys enabled for any of my domains and I have not heard from anyone that their emails get stuck in Yahoo's spam filters. It's a load of hooey to have to go through trouble like this simply because one domain says so.
 
Yes, I agree with you about DomainKeys and DKIM (both Yahoo appearently). I stumbled on a site earlier that was very anti SPF, but it hadn't been updated since 2006. But doing so (following all the rules) did give me a 10% increase in open rates.

Did I understand correctly that you are NOT using your own name servers?

humph! well, I was under the impression from knownhost when I was first talking to them about moving to their VPS plans that having your own name servers and mail server was a good thing. I'm sure it is, but most people are probably not running bulk mail marketing campaigns.
 
Oh yes I am using my own nameservers as well, not sure why you would think I wasn't.

What I am not using is a dedicated IP for any of my domains.
 
Top