Reading Time: 4 minutes

What is Reverse DNS?

A reverse DNS lookup is a query in which a domain name connected with an IP address is returned. However, in a forward DNS lookup, an IP address is returned when the domain name is queried. The following is an example output of reverse DNS lookup.

host 209.87.149.74
74.149.87.209.in-addr.arpa domain name pointer cloudhost-2915336.us-midwest-1.nx client.

A unique area of the domain name space is called a zone, and the zones define the DNS. A domain usually contains one zone. Different addresses are mapped by the zone's owner to various domain names in the zone.

How to Perform a Reverse DNS Lookup

How Does Reverse DNS Work?

For reverse DNS lookups, a pointer record (PTR) is utilized. A PTR represents an IP address with its segments inverted. It is kept in a unique zone known as in-addr.arpa, which is appended towards the end of the record. In the case of IPV6 addresses, .ip6.arpa is used. 

An example for PTR zones would be 122.39.17.178.in-addr.arpa. The Internet Service Provider (ISP) is often the IP address owner, so you must get in touch with your ISP if you want to add a PTR to your IP address. The structure of the PTR is the same as other DNS records.

Here is the syntax of a PTR.

(name)(ttl)(class)(type)(rdata)

Here is a breakdown of the syntax fields:

  • Name: This is the IP address 
  • TTL: This represents the time to live.
  • Class: It represents the DNS record class that is used.
  • Type: This field indicates the record type which is the PTR
  • rData: It holds the domain name or hostname

Many mail servers are configured to reject incoming mails from any IP address that does not have reverse DNS. For those who manage their own mail server, reverse DNS must exist for the IP address from which the outgoing email is sent.

What Are the Uses of Reverse DNS Lookup?

Reverse DNS lookups are commonly used by Email servers, and they influence email deliverability. Mail spammers often use IP addresses from hacked machines that do not have any valid PTRs to send spam or spoofed emails. Hence PTRs are security tools that can check email authenticity and hence prevents spam mail. A PTR or reverse DNS setup verifies the authenticity of the sender's mail IP. Most mail servers use reverse DNS to check if the IP address and the domain name match and ensure that incoming mail is valid. Reverse DNS is also used to identify a website visitor's origin, an email message's origin, etc.

The Reverse DNS Lookup Process

Since forward DNS maps a hostname to an IP address, reverse DNS (rDNS) indicates that you are mapping the IP address of a server back to a hostname. Using rDNS, the IP address is reversed, and then the in-addr.arpa is added to the end. For example, if you use the IPv4 address of 67.227.187.136, using rDNS, it would become 136.187.227.67.in-addr.arpa.

This method of reverse DNS resolution of an IP address uses a PTR. The PTR includes the forward hostname of the location where the IP is being utilized in the regular, or forward DNS mapping. If a domain has a PTR, you can do an rDNS Lookup by using one of the methods noted below.

It should also be noted that the rDNS settings are not set by the domain's nameservers specifically, but rather by the owner of the IP space through ARPA. This effectively pulls the PTR from the in-addr.arpa zone file from one of its own designated nameservers.

Perform an rDNS Lookup

There are various methods to perform a reverse DNS lookup.In Windows machines, you can use the nslookup command to perform rDNS lookup. Here is the command format.

nslookup  <IP address>

In Linux machines, you can use the dig command with the -x flag.

dig -x <IP address >

~$ dig -x 8.8.8.8

; <<>> DiG 9.16.1-Ubuntu <<>> -x 8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54229
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: bec277f6a35d40e75e0b1d6663c514ad513b86e35bf89039 (good)
;; QUESTION SECTION:
;8.8.8.8.in-addr.arpa.   	 IN    PTR

;; ANSWER SECTION:
8.8.8.8.in-addr.arpa.    300    IN    PTR    dns.google.

Another method of performing a reverse DNS lookup in Linux is with the host command.

host < IP address >

$ host 8.8.8.8
8.8.8.8.in-addr.arpa domain name pointer dns.google.

There are various online tools that provide rDNS lookups. Some of them would be:

Set Up rDNS

The general steps are the steps involved in setting up rDNS.

1. Collect the reverse DNS zone of the IP address from the ISP/host

As an initial step you will have to find the owner of the IP address. You can get this data using a whois search of the IP address. Now you can contact your ISP/hosting provider and collect the zone details of the IP. This zone will contain an IP address with its octets in reversed format and ends in in-addr.arpa. You can also verify if the syntax of delegation using online tools like MXToolBox.

2. Reverse DNS delegation should be requested from ISP/Host

Your ISP/host will have to delegate the rDNS to your DNS provider. You can update the nameservers of your domain to your ISP. However if your hosting provider can set up the rDNS of your IP, you can ask them to add the PTR and complete the setup. If you have control over the authoritative nameservers,

you can create a DNS zone by reversing the IP segments and then adding in-addr.arpa at the end. Once the rDNS is set up, add the PTR. 

In the name field add the last digit of your IP address for which rDNS is being set up, and the canonical hostname would be the domain name to which IP needs to resolve. After propagation, the rDNS record will successfully resolve.

It should also be noted that the rDNS settings are not set by the domain's nameservers specifically, but rather by the owner of the IP space through ARPA. This effectively pulls the PTR from the in-addr.arpa zone file from one of its own designated nameservers.

Wrapping Up

Liquid Web makes it easy to set up and manage rDNS for your server IPs. Setting up a reverse DNS record is straightforward and can be beneficial to ensure that an IP does indeed belong to the domain it claims. If you are unsure who your DNS provider is, follow our helpful guide to locating where you should add the rDNS record.

Would you like to host with The Most Helpful Humans In Hosting™? Our teams are available around the clock to assist with setting up your new Dedicated Server, or support you once you become a customer. Contact our sales team to get started.

Avatar for Sapta Upendran

About the Author: Sapta Upendran

Sapta is a passionate Linux system engineer, a voracious reader, a dexterous cook, and a wanderlust. She is also interested in technical and non-technical writing.

Latest Articles

Blocking IP or whitelisting IP addresses with UFW

Read Article

CentOS Linux 7 end of life migrations

Read Article

Use ChatGPT to diagnose and resolve server issues

Read Article

What is SDDC VMware?

Read Article

Best authentication practices for email senders

Read Article