Page 1 of 2 12 LastLast
Results 1 to 25 of 26
  1. #1
    Join Date
    Nov 2005
    Posts
    3,944

    Do you need an additional IP address?

    I think this is a common question that comes up for many VPS consumers and consumers often think they need an additional IP when they do not. The most common issue is because of NS2 or one SSL site but I will go through the basics.

    Do you need a dedicated IP for your nameserver?
    No, you do not need a dedicated IP for nameservers. One IP address can be used for many things, including hosting both web sites and nameservers.

    Do you need an additional IP for NS2?
    No. This is a common myth, there is absolutely no point to having a second IP for NS2 if both IPs are on the same virtual server. The only reason two IPs are to be used is for redundancy, hence they are supposed to be hosted on two different servers in two different datacenters.

    If both IP addresses are on the same virtual server and that virtual server goes offline, both nameservers will be offline, hence no redundancy is given.

    You can assign the same IP address for both NS1 and NS2 if you are just hosting off of one VPS.

    Do you need a dedicated IP for SSL?
    The first SSL certificate, no. Each one after, yes. You can run the first SSL site off of the same IP as other web sites, as long as you only need one SSL web site. For every SSL web site thereafter, you will need to have a dedicated IP.

    SNI, or Server Name Indication, removes the requirement for dedicated IPs, but currently Windows XP and some older operating systems do not support it, although you should definitely look into implementing it in the near future as both IPv4 space and Windows XP users are rapidly declining.

    You have multiple web sites, one SSL web site, and want to host your own nameservers on a single VPS, how many IP addresses do you need?
    Just the one. The one IP can be used for both nameservers, the first SSL certificate, as well as multiple non-SSL web sites.

    Will multiple IPs in different class C (/24) blocks help my SEO ranking?
    Not noticeably. This is an old fashioned way of committing SEO practices and is now-a-days a myth that many companies use to get extra money from their IP space. This will not help for any of the popular search engines and should be frowned upon especially with the lack of IPv4 space.

    Hope this guide helps you save money and contributes to some conservation of the limited IPv4 resources.
    Last edited by devonblzx; 11-20-2012 at 12:28 PM.


  2. #2
    Join Date
    Sep 2006
    Location
    The Not So Deep South
    Posts
    931
    One of the best FAQ I have seen in a long time, nice work!
    Hostigation.com - High Resource Hosting
    WHM/cPanel Servers for Hosting and Dedicated Needs
    SolusVM VPS Hosting - Big Features, Small Prices
    Like us on Facebook or follow @hostigation on Twitter

  3. #3
    Join Date
    Dec 2006
    Location
    London
    Posts
    661
    Quote Originally Posted by devonblzx View Post
    Do you need an additional IP for NS2?
    No. This is a common myth, there is absolutely no point to having a second IP for NS2 if both IPs are on the same virtual server.
    Unfortunately, some registrars require both nameservers to have different IP addresses, which is really dumb I know.
    GigaTux, Value Linux Hosting
    UK, US and Germany based Xen VPS. Reliability is key! Quick support response and 99.9% SLA.

  4. #4
    VERY VERY Nice Thread. This can help a lot of noobs to setup things. Good Work Sir.
    ☆☆ RoyalNode Web Hosting☆☆ In Business Since 2018 (3 Years)
    ►►Los Angeles CA USA, Oregon Seattle USA, Canada, Amsterdam NL EU based Shared and Reseller Web Hosting◄◄
    ►►
    Affordable Managed SSD VPS and Managed Dedicated Server Provider◄◄

  5. #5
    Join Date
    Sep 2006
    Location
    The Not So Deep South
    Posts
    931
    Quote Originally Posted by gigatux View Post
    Unfortunately, some registrars require both nameservers to have different IP addresses, which is really dumb I know.
    Portugal is the only one I know of with this antiquated requirement, what others are known?
    Hostigation.com - High Resource Hosting
    WHM/cPanel Servers for Hosting and Dedicated Needs
    SolusVM VPS Hosting - Big Features, Small Prices
    Like us on Facebook or follow @hostigation on Twitter

  6. #6
    Join Date
    May 2009
    Location
    Vaduz/LI
    Posts
    2,778
    Portugal is the only one I know of with this antiquated requirement, what others are known?
    .de and .be

  7. #7
    Join Date
    Nov 2005
    Posts
    3,944
    Quote Originally Posted by gigatux View Post
    Unfortunately, some registrars require both nameservers to have different IP addresses, which is really dumb I know.
    I have seen that, and in that case I would recommend the user use two servers or hosted DNS. Hosted DNS is usually a better solution anyways as it is usually redundant, although sometimes the automation is not there.

    The vast majority, however, try to fulfill this requirement even though they have no need for a second IP.


  8. #8
    Join Date
    Mar 2010
    Posts
    1,154
    Quote Originally Posted by gigatux View Post
    Unfortunately, some registrars require both nameservers to have different IP addresses, which is really dumb I know.
    Exactly, we explain to customers they dont need a second IP for their NS2 but most of the time they understand that but their Registrar requires a different IP which is really dumb, and what I have found in common between the Registrar that requires this is that they are all the ones that are old, using an old interface and just out of the game or a third party registrar.

  9. #9
    Join Date
    Feb 2008
    Posts
    334
    The Registry for .PT ccTLD requires this for redundancy, as you could see at the Technical Conditions in the Rules for .PT Domains:

    Technical Conditions

    For a domain to be assigned in the .pt zone it must be technically associated to a primary name server that is correctly installed and configured, in order to ensure an authoritative response to the domain being registered.

    Redundancy of the DNS service must also be ensured by simultaneously configuring one or more secondary servers, which should preferably be located in different buildings, not using the same local network.

    The servers should be configured in accordance with the parameter rules established in RFCs 819, 920, 874, 1032 to 1035 and 1101, as well as in any other current or future documents that are applicable in this context.

    The registration of domains simply for the purpose of reserving an associated name does not require any technical data.
    WebTuga Hosting - Portuguese Shared, Virtual and Dedicated Web Hosting
    CloudFire WebHosting - European Low Cost Cloud WebHosting

  10. #10
    Join Date
    Jul 2012
    Location
    Los Angeles
    Posts
    89
    Quote Originally Posted by devonblzx View Post
    Will multiple IPs in different class C (/24) blocks help my SEO ranking?
    Not noticeably. This is an old fashioned way of committing SEO practices and is now-a-days a myth that many companies use to get extra money from their IP space. This will not help for any of the popular search engines and should be frowned upon especially with the lack of IPv4 space.
    I know I'm always on about this one, but it's really just another thing on the checklist it's easier to do than not do. It doesn't rank up there with url/title/headers/density obviously, but for an extra almost-dollar I'd really rather my domains stand on their own rather than risk some other schmoe doing some dirt and having it spill over on me.

    Plus, hell, it's the first thing they look for when you're doing interlinking shenanigans.
    COLOCATIONAMERICA.COMIt’s All About Connections...
    ░ Colocation, Dedicated Servers, Premium Bandwidth, 24/7 Support!
    ░ Data Centers in Los Angeles New York New Jersey San Francisco Chicago
    ░ Email Sales@ColocationAmerica.com for a quote or call 888-505-COLO! ツ

  11. #11
    Join Date
    Feb 2006
    Location
    Kepler 62f
    Posts
    16,703
    Quote Originally Posted by Colo To America View Post
    I know I'm always on about this one, but it's really just another thing on the checklist it's easier to do than not do. It doesn't rank up there with url/title/headers/density obviously, but for an extra almost-dollar I'd really rather my domains stand on their own rather than risk some other schmoe doing some dirt and having it spill over on me.
    It doesn't work that way.
    || Need a good host?
    || See my Suggested Hosts List || Editorial: EIG/Site5/Arvixe/Hostgator Alternatives
    ||

  12. #12
    Join Date
    Dec 2006
    Location
    London
    Posts
    661
    Quote Originally Posted by kpmedia View Post
    It doesn't work that way.
    Well, it does if a phishing site is hosted on the same IP as yours and an upstream provider decides to null route that IP.
    GigaTux, Value Linux Hosting
    UK, US and Germany based Xen VPS. Reliability is key! Quick support response and 99.9% SLA.

  13. #13
    Quote Originally Posted by gigatux View Post
    Unfortunately, some registrars require both nameservers to have different IP addresses, which is really dumb I know.
    I don't think it's dumb. Two separated nameservers are for reliability.

    Imagine the primary is down for some reason and if you share single machine for both NS-es your serivce is't available even if your server is up and running due to missing DNS.

    Delegating DNS to some third-party (your registar for example) is a reasonable and safe option I would suggest.
    Homer knows about his website downtime, what about you?
    site-uptime.net site uptime monitor

  14. #14
    Join Date
    Dec 2006
    Location
    London
    Posts
    661
    Quote Originally Posted by cieslakd View Post
    I don't think it's dumb. Two separated nameservers are for reliability.
    It seems like you've missed some of the other points in this thread. We all agree with the reliability point, but to enforce it just results in lots of people requiring additional IPs (running on on the same VPS) to fulfil this requirement.

    Or, what about a single IP address that fails over automatically in a data centre, or even across multiple data centres?

    I stand by my statement that enforcing this rule is dumb.
    GigaTux, Value Linux Hosting
    UK, US and Germany based Xen VPS. Reliability is key! Quick support response and 99.9% SLA.

  15. #15
    Join Date
    Jun 2011
    Posts
    68
    Some control panels (not the best designs?) might preclude use of the primary IP address for an SSL cert, requiring that the first cert added be on a second IP.
    For nameservers, IMO the requirement for separate IP/server starts to make more sense once the nameservers are entirely separate from the web server, preferably in different DC. Ideally neither on the same physical box as the web server for any domains served, with full fail-over as well, but that gets expensive/complex.
    As others have said, it should be individual choice to accept the reliability compromises of running everything on one box/IP.
    Nick Walters - Hosting Consultant
    Daily Internet || www.Daily.co.uk
    Call us on 0845 466 2100 or email helpdesk@daily.co.uk

  16. #16
    Join Date
    Jun 2011
    Location
    Internet
    Posts
    2,985
    Quote Originally Posted by mitgib View Post
    Portugal is the only one I know of with this antiquated requirement, what others are known?
    Pretty sure it's standard for Czech domains too.

  17. #17
    Join Date
    Nov 2005
    Posts
    3,944
    Quote Originally Posted by gigatux View Post
    It seems like you've missed some of the other points in this thread. We all agree with the reliability point, but to enforce it just results in lots of people requiring additional IPs (running on on the same VPS) to fulfil this requirement.

    Or, what about a single IP address that fails over automatically in a data centre, or even across multiple data centres?

    I stand by my statement that enforcing this rule is dumb.
    I agree, this provides a false sense of redundancy and wastes an IP for many VPS consumers who ask for an additional IP not to satisfy the true redundancy requirement, but only to satisfy the failed requirement of that registrar.

    It should not be a requirement to use different IPs, if the requirement is there, it should require two different /24s to ensure the servers are in different locations. However, I believe it should be a recommendation, not a requirement. Users should be able to choose their setup themselves.


  18. #18
    Join Date
    Feb 2006
    Location
    Kepler 62f
    Posts
    16,703
    Quote Originally Posted by devonblzx View Post
    two different /24s to ensure the servers are in different locations
    Simply having a different /24 or even /16 doesn't necessarily mean the address isn't in the same location. I bet in some locations, you could even end up with two /8's on the same box. I have several servers and VPS with different /24's on the same hardware.
    || Need a good host?
    || See my Suggested Hosts List || Editorial: EIG/Site5/Arvixe/Hostgator Alternatives
    ||

  19. #19
    Join Date
    Mar 2006
    Location
    Servers
    Posts
    1,590
    The IPs are definitely needed for spam
    QHoster.com - Web Hosting with DDoS Protection | Shared & Reseller in Europe/North America
    Linux/Windows RDP VPS 13 Locations : UK, US (5 states), Mexico, Canada, Bulgaria, Lithuania,
    Italy, France, Germany,Netherlands, Switzerland, Rissia, Singapore | OpenVPN/PPTP Enabled
    INSTANT | PayPal, Skrill, Payza, Bitcoin, WebMoney, Perfect Money, Ukash, CashU, paysafecard

  20. #20
    Join Date
    Nov 2005
    Posts
    3,944
    Quote Originally Posted by kpmedia View Post
    Simply having a different /24 or even /16 doesn't necessarily mean the address isn't in the same location. I bet in some locations, you could even end up with two /8's on the same box. I have several servers and VPS with different /24's on the same hardware.
    Well of course, there will always be a way around it, but it is a good attempt. Most dedicated servers have IPs on the same /24.

    I don't recommend requiring a second IP at all.

  21. #21
    also For SSL certificate you must have dedicated ip for each one

  22. #22
    Join Date
    May 2009
    Location
    Vaduz/LI
    Posts
    2,778
    also For SSL certificate you must have dedicated ip for each one
    No, google SNI.
    (Good, does not work in IE6 but that'll die in the next years anyway)

    Also, another one:

    Do i need a dedicated IP for my IRC vHost?
    Technically yes, but please consider using IPv6 - It works fine in IRC and you can create LOTS of vHosts without wasting IP space.

  23. #23
    Join Date
    Sep 2008
    Location
    Hong Kong
    Posts
    138
    Many domain registries provide DNS services already. Getting additional IP's to implement your own named services might not be necessary if it's just for your own domains. Given the low cost of VPS's nowadays, getting additional VPS's to implement clustered applications such as MySQL master/slave perhaps worth more than putting additional IP's on one single server to implement things which are really not necessary. IPV4 is getting more expensive anyway.
    Francis Kam - 38cloud - Unmetered VPS, KVM, China, Hong Kong
    https://twitter.com/38cloud - Twitter
    http://38cloud.com - VPS Plans
    sales @ 38cloud.com

  24. #24
    Join Date
    Apr 2011
    Location
    Las Vegas, NV
    Posts
    1,643
    Quote Originally Posted by cieslakd View Post
    I don't think it's dumb. Two separated nameservers are for reliability.

    Imagine the primary is down for some reason and if you share single machine for both NS-es your serivce is't available even if your server is up and running due to missing DNS.
    Hosting server operators often use the same IP address & box for both DNS server addresses and the html server. Having a backup DNS server in a secondary box is not going to display websites if the html server box is down, so there is no increased reliability from a secondary DNS server with that configuration.

    The reason secondary DNS in a different box is a good idea is for email. If you have small businesses hosting email in your box, they will have a problem if the only DNS server goes down along with the email server. If the sending email server can't resolve the domain at a DNS server then email will be returned to the sender as a bad domain, which would be terrible for business. If you have a secondary DNS server to resolve the domain, but your email server is down, then the sending server will hold the email and try again later. That's what you want to happen when your email server goes down.

    If you only plan to host domains and not email then one DNS server in the same box as your html server will work just fine.

    Quote Originally Posted by cieslakd View Post
    Delegating DNS to some third-party (your registar for example) is a reasonable and safe option I would suggest.
    Yes, that's a reasonable and safe option, but impractical for a commercial hosting server. If you are going to be adding and removing a lot of domains you don't want to have to add & remove domains manually. That's particularly true if you have a number of employees, or have resellers who will be adding and removing domains that you aren't even aware of.

    The problem is that BIND (named) doesn't come with the native ability to update the domain list in the secondary DNS server. There are proprietary DNS server products that will do that, but they can be costly. Instead I wrote some scripts and cron jobs that updated the domain list in the secondary server automatically. Here is a tutorial that I prepared to commit that procedure to writing.

    https://dl.dropbox.com/u/22059150/SecondaryDNS.pdf

    While I did that on a server that used Kloxo on CentOS and ran named chrooted, you can modify paths to work on any Linux server with most any control panel installation that's running BIND.

  25. #25
    Quote Originally Posted by gigatux View Post
    Well, it does if a phishing site is hosted on the same IP as yours and an upstream provider decides to null route that IP.
    It's the risk you are taking for each one of your sites if all your IPs are shared with other people which is exactly what will happen if you have all your domains on """seo""" hosting.

    You can avoid it by having 1 dedi IP for all your own sites and with an SSL for your "money site", exactly as the OP describes.

    If instead you stick to your current philosophy, think about the other people who are sharing those IP's with you. They are the ones doing 'whatever it takes' to get ranked. In other words there are going to be red flags all over the internet about those shared IPs. I wouldn't want my sites to be associated with those IPs. Do you?

    I used to be involved in, let's say "other" SEO techniques (there's my confession). Have a look into trustrank, run a check on your sites and change your mind. I don't consider it an issue of morality; I'm quite free in what my conscience allows me to do to win in rankings. It's a matter of being pragmatic enough to accept that different /24 blocks don't work due to Google's "bad neighborhood" factor in its algorithm.
    New Websites Web Design. Hosting. Marketing.
    ♥ Personal Support
    Fast Servers
    ►Best Backlink Services

Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 4
    Last Post: 08-18-2009, 10:10 AM
  2. Additional IP address config for secure certificate
    By the_lar222 in forum Hosting Security and Technology
    Replies: 1
    Last Post: 07-13-2004, 08:02 PM
  3. Replies: 1
    Last Post: 01-21-2003, 12:51 PM
  4. Replies: 8
    Last Post: 07-24-2002, 08:18 AM
  5. Additional IP Address Added
    By madmax in forum Dedicated Server
    Replies: 4
    Last Post: 02-15-2002, 04:37 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •