Reverse Name Service (PTR Records)

Discussion in 'HOWTO-Related Questions' started by adamjedgar, Sep 23, 2018.

  1. adamjedgar

    adamjedgar Member

    Issue 1

    Contact your service provider or the company that gave you your IP numbers, ask them to set up reverse name service.


    Server is a Google Cloud Compute instance.

    The tutorial on Google Cloud https://cloud.google.com/compute/docs/instances/create-ptr-record talks about verifying the domain name... as part of that process it asks for one to place a verification file on the server webspace.

    How am I supposed to do that exactly? (This server doesn't have its own website; it's used as a hosting platform for other client websites.) Am I supposed to set up a website for the server so Google can verify I own the domain?

    Issue 2
    Also, just want to have someone check the following is correct... I read somewhere about IP address. Should it be included in the hosts file?

    When I enter hostname -f
    it returns server3.mydomain.com

    /etc/hosts file is as follows...
    127.0.0.1 localhost
    ::1 localhost ip6-localhost ip6-loopback
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters

    xx.xxx.x.x server3.mydomain.com.au server3
    #xx.xxx.x.x server3.c.googlename-1.internal server3 # Added by Google
    xxx.xxx.xxx.xxx metadata.google.internal # Added by Google


    Issue 3
    Finally, my server doesn't have any file called /etc/hostname. Should I create one?
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Issue 1
    I do not know how google service works. Other services allow many ways to prove domain ownership. For example by adding a TXT record to DNS.
    Issue 2
    Check what?
    Issue 3
    What operating system? The systems I am familiar with do have /etc/hostname.
     
  3. adamjedgar

    adamjedgar Member

    Issue 1
    I do not know how google service works. Other services allow many ways to prove domain ownership. For example by adding a TXT record to DNS.


    So would this record have to be

    mydomain.com TXT 3600 "v=spf1 a mx a:mydomain.com ip4 <server network ip address> ip4 <server public ip address> ? all"

    Or should it be

    server3.mydomain.com TXT 3600 "v=spf1 a mx a:server3.mydomain.com ip4 <server network ip address> ip4 <server public ip address> ? all"

    or should it be something else?


    Issue 2
    Check what?


    Whether or not I should add the server public IP address into the file

    Issue 3
    What operating system? The systems I am familiar with do have /etc/hostname.

    The webserver is Debian 9.
    I forget now how I set up this server, but I am assuming it is getting its hostname from somewhere other than /etc/hostname?
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Issue 1
    IF Google verifies by TXT record in domain, it tells you what record to add there. It is usually a random string.
    Issue 2
    You crossed out the IP-numbers in the file you showed. My guess was the IP number was there already. If you change the IP number the host has, write the new number there.
    Read
    Code:
    man hosts
    Issue 3
    Code:
    man hostname
    states among others that
     
  5. adamjedgar

    adamjedgar Member

    Oh yes... IP address was already there, but the IP addresses that I have crossed out in the hosts file are the Google Cloud internal network ones (i.e. not public IP addresses).

    Could I simplify this a little...

    1. Should I have public IP address in hosts file?
    2. Does the DNS A record at registrar need to be <server3.mydomain.com> or can I leave it as it is <mydomain.com>?
     
  6. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    1. Should I have public IP address in hosts file?
    Yes.
    2. Does the DNS A record at registrar need to be <server3.mydomain.com> or can I leave it as it is <mydomain.com>?
    Best is to have both. That is, two A records, one for the domain and one for the host.
     
  7. adamjedgar

    adamjedgar Member

    Ah OK... I need to add some extra information into the hosts file, and also an additional A record for server3.mydomain.com (currently it does not have this).

    Could I also ask about the following...
    According to Google Webmaster Tools (Webmaster Central), https://server3.mydomain.com/ is verified (result "verification succeeded via HTML file").

    In Google Cloud console, I go to VM instance > Edit > Network interface > Enable Public DNS PTR Record and attempt to add PTR domain name <server3.mydomain.com>

    It returns an error...
    Editing VM instance "server3" failed. Error: Invalid value for field 'resource.publicPtrDomainName': 'server3.mydomain.com.'. Please verify ownership of the PTR domain at https://www.google.com/webmasters/verification/verification?domain=server3.mydomain.com.

    I don't understand the error... the domain is verified. What does it mean by invalid value "server3.mydomain.com"?

    This is what Google Cloud help says on how to do this...

    1. Go to the VM instances page.
    2. Click the instance you want to edit.
    3. Click the Edit tool from the top menu.
    4. Click the edit tool next to the primary network interface.
    5. Click External IP drop down menu.
    6. Configure your External IP to enable PTR Record.
    7. Check the Enable box for Public DNS PTR Record.
    8. Enter your domain name.
    9. Click Done.
    10. Click Save at the bottom of the page to save your settings.
     
  8. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I don't know about Google tools. And I don't know what server3.mydomain.com really is. So no comment.
    Try mxtoolbox.com or https://tools.pingdom.com/ or some such to check your setup.
     
  9. adamjedgar

    adamjedgar Member

    I have started a conversation with you. My server domain is in that. The website that comes up in pingdom.com is not actually the server page. server3.mydomain.com doesn't have a website associated with it, so Apache is just throwing up the first one in its list (I haven't got around to creating a default page or a redirect page for the server yet).
     
  10. adamjedgar

    adamjedgar Member

    I have just found this... https://sendgrid.com/docs/glossary/spf/

    I wonder if, because Google Cloud has all mail ports blocked and therefore I am using SendGrid, perhaps this is a workaround?

    I am assuming I do this at my external DNS host (which in my case is the domain registrar).

    Question
    Should I add an "additional TXT record" for server3.mydomain ( server3.mydomain.com txt 3600 "v=spf1 a mx:mydomain.com...") or,

    just add the SendGrid entry to the existing entry in mydomain.com txt "v=spf1 a mx a:mydomain.com ip<reverseip> ?all" ?

    From what I can see in my registrar console, WHMCS has its own txt "v=spf1 a mx..." records for each subdomain (i.e. billing.mydomain, whmcs.mydomain, buy.mydomain).
     
    Last edited: Sep 25, 2018
  11. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  12. adamjedgar

    adamjedgar Member

    The Google Cloud reverse PTR value I am inputting is being rejected as invalid.

    I have gone to the spfwizard.net website you provided the link to.

    I notice that it is asking for the mail server/relay host IP address...

    Google Cloud Compute requires us to use a third-party mail relay host for all outgoing mail on standard ports. I am filling out the SPF wizard as you suggest.
    I am not sure about one thing.

    Should the IP address in CIDR format be public? The examples shown when I hover my mouse over this box are private ones... i.e. 10.0.0.1/32 or 192.168.0.1/28 (see image file attached...)

    Also,
    according to the SendGrid tutorial https://sendgrid.com/docs/ui/account-and-settings/how-to-set-up-reverse-dns/ , my DNS provider can also be a place for setting up reverse DNS. That is the avenue I am going to explore.
     

    Last edited: Sep 25, 2018
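
The SPF record shapes asked about in posts 3, 10 and 12 can be checked for syntax before they are published. This linter is an added example, not part of the thread; the addresses 10.128.0.2 and 203.0.113.7 are constructed stand-ins for the masked internal and public addresses, and the check covers term syntax only.

```python
import ipaddress
import re

MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}  # RFC 7208
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
TERM = re.compile(r"^([a-z][a-z0-9_.-]*)([:=/]?)(.*)$", re.I)

def lint_spf(record):
    """Return a list of syntax problems in one SPF TXT value (empty list = clean)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["record must start with v=spf1"]
    problems = []
    for pos, term in enumerate(terms[1:], start=1):
        body = term[1:] if term[0] in "+-~?" else term   # strip the qualifier
        m = TERM.match(body)
        if not m:
            problems.append(f"{term!r}: not a mechanism or modifier (stray space?)")
            continue
        name, sep, value = m.group(1).lower(), m.group(2), m.group(3)
        if sep == "=":
            continue  # modifier such as redirect=; not checked further here
        if name not in MECHANISMS:
            problems.append(f"{term!r}: unknown mechanism")
        elif name in ("ip4", "ip6", "include", "exists") and (sep != ":" or not value):
            problems.append(f"{term!r}: needs {name}:<value> with no space")
        elif name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(value, strict=False)
            except ValueError:
                problems.append(f"{term!r}: not a valid address or CIDR block")
                continue
            if net.version != int(name[2]):
                problems.append(f"{term!r}: address family does not match {name}")
            elif net.version == 4 and any(net.subnet_of(r) for r in RFC1918):
                problems.append(f"{term!r}: RFC 1918 address, never seen by an outside receiver")
        elif name == "all" and (sep or pos != len(terms) - 1):
            problems.append(f"{term!r}: 'all' takes no value and should be the last term")
    return problems

# Constructed samples following the record shapes quoted in the thread.
POSTED_SHAPE = "v=spf1 a mx a:mydomain.com ip4 10.128.0.2 ip4 203.0.113.7 ? all"
JOINED = "v=spf1 a mx a:mydomain.com ip4:10.128.0.2 ip4:203.0.113.7 ?all"
PUBLIC_ONLY = "v=spf1 a mx a:mydomain.com ip4:203.0.113.7 ?all"
```

`lint_spf(POSTED_SHAPE)` reports the detached `ip4` values and the stray `?`; `JOINED` leaves only the private-address finding, and `PUBLIC_ONLY` comes back clean.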
  13. adamjedgar

    adamjedgar Member

    OMFG... I have figured it out!

    OK, so here is what I had to do to get this working...

    1. Go to Google Webmaster Central > domain verification - "Alternate method" > domain name provider (then copy the TXT record it provides to your domain DNS zone records). Once verified, then,

    2. In Google Cloud console > VM instance > Edit instance > nic0 > public DNS PTR Record > add your "domain.com" (exactly as shown in the verification result)

    Voila, the PTR input value in Google Cloud Compute is now sorted!

    Now on to the next issue at the top of the list... (I am making progress). My assumption is that this is because I need to input server3.mydomain.com into Google Cloud "Public DNS PTR Record" instead of mydomain.com?

    SMTP Valid Hostname: Reverse DNS is not a valid Hostname
    SMTP Reverse DNS Mismatch: OK - xx.xxx.xx.xxx resolves to mydomain.com
    SMTP Banner Check: OK - Reverse DNS matches SMTP Banner
    SMTP TLS: OK - Supports TLS.
    SMTP Connection Time: 1.988 seconds - Good on Connection time
    SMTP Open Relay: OK - Not an open relay.
    SMTP Transaction Time: 4.694 seconds - Good on Transaction Time
     
    Last edited: Sep 25, 2018
  14. adamjedgar

    adamjedgar Member

    Yep, that sorted it... just needed to change the Google Cloud Public DNS PTR Record to server3.mydomain.com, and mxtoolbox now seems to be happy in that the test for IP address now is OK for SMTP hostname.

    SMTP:xx.xxx.xx.xxx (server3.mydomain.com IP Address)

    SMTP Reverse DNS Mismatch: OK - xx.xxx.xx.xxx resolves to server3.mydomain.com
    SMTP Valid Hostname: OK - Reverse DNS is a valid Hostname
    SMTP Banner Check: OK - Reverse DNS matches SMTP Banner
    SMTP TLS: OK - Supports TLS.
    SMTP Connection Time: 1.720 seconds - Good on Connection time
    SMTP Open Relay: OK - Not an open relay.
    SMTP Transaction Time: 4.387 seconds - Good on Transaction Time
     
    Last edited: Sep 25, 2018
    Taleman and ahrasis like this.
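
The PTR, A record and banner relationship that posts 6 to 14 converge on can be checked locally as forward-confirmed reverse DNS. This is an added example, not part of the thread and not mxtoolbox's own logic (the banner comparison here is a strict equality test); 203.0.113.7 and the banner host `server3.mydomain.com` are constructed assumptions, and the three states are constructed from the steps described in the thread.

```python
import socket

def ptr_names(ip):
    """PTR lookup via the system resolver; empty list when no record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name] + aliases

def forward_addrs(name):
    """A/AAAA lookup via the system resolver; empty list on failure."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})
    except socket.gaierror:
        return []

def check_mail_identity(ip, banner_host, reverse=ptr_names, forward=forward_addrs):
    """Forward-confirmed reverse DNS plus a strict PTR/banner comparison."""
    names = [n.rstrip(".").lower() for n in reverse(ip)]
    confirmed = [n for n in names if ip in forward(n)]   # PTR name must map back to ip
    return {
        "ptr": names,
        "forward_confirmed": bool(confirmed),
        "banner_equals_ptr": banner_host.rstrip(".").lower() in names,
    }

def static_resolvers(ptr, zone):
    """Offline stand-ins for the two lookups, backed by constructed dicts."""
    return (lambda ip: ptr.get(ip, [])), (lambda name: zone.get(name, []))

# Constructed data: 203.0.113.7 stands in for the masked public address.
IP, BANNER = "203.0.113.7", "server3.mydomain.com"
STATES = {
    "ptr=domain": ({IP: ["mydomain.com."]}, {"mydomain.com": [IP]}),
    "ptr=host, no A record": ({IP: ["server3.mydomain.com."]}, {"mydomain.com": [IP]}),
    "ptr=host, A record added": ({IP: ["server3.mydomain.com."]},
                                 {"mydomain.com": [IP], "server3.mydomain.com": [IP]}),
}

def run_states():
    """Evaluate each constructed state with the offline resolvers."""
    out = {}
    for label, (ptr, zone) in STATES.items():
        rev, fwd = static_resolvers(ptr, zone)
        out[label] = check_mail_identity(IP, BANNER, rev, fwd)
    return out
```

Calling `check_mail_identity(ip, banner)` without the last two arguments runs the same checks against live DNS. Only the state with both the host PTR and the matching A record passes both tests.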
  15. ahrasis

    ahrasis Active Member

    Nice job. I still haven't fixed PTR for my dns servers yet. Hopefully I can resolve it soon.
     
