How to perform Reverse DNS Lookup

What is Reverse DNS?

DNS is often used to resolve domain names into IP addresses. This action is performed every time you visit a website on the Internet.

Reverse DNS (or rDNS), as the name implies, is a method of resolving an IP address back to a domain name.

Uses of Reverse DNS

The reason for using Reverse DNS is the same as the reason for using standard DNS (forward DNS). Domain names are easier to remember and recognize than a string of numbers. rDNS is less important than forward DNS, since forward DNS records are required to resolve a web page. Domains will still load without a Reverse DNS record.

Email servers often use rDNS to block incoming spam messages. Many mail servers are set to automatically reject incoming mail from IP addresses that do not have rDNS. Although an rDNS check can block spam, it is not a reliable method and is primarily used as an additional layer of protection. It's also worth noting that, even with rDNS turned on, mail can still be rejected for a variety of reasons. In addition, rDNS is used in analytics and logging to help provide human-readable data, instead of a log that is composed entirely of IP addresses.

Reverse DNS Lookup process


Forward DNS maps the hostname to the IP address, while rDNS (or Reverse DNS) maps the server's IP address back to the hostname. For an rDNS query, the octets of the IP address are reversed, and then in-addr.arpa is added at the end. For example, the IPv4 address 67.227.187.136 becomes 136.187.227.67.in-addr.arpa.

Reverse DNS resolution of an IP address uses PTR records. The PTR record contains the 'forward hostname' of the location where the IP is being used in normal DNS mapping or forward DNS. If a domain has a PTR record, a user can do an rDNS lookup using one of the methods noted below.

It should also be noted that the rDNS setting is not specifically set by the domain nameservers but by the owner of the IP space via ARPA. This effectively pulls the PTR record from the in-addr.arpa zone file of one of its own specified nameservers.

Perform rDNS Lookup

Many online tools can be used to perform rDNS lookup. Here are some examples of these online tools:

  1. MXToolbox.com
  2. Whatismyip.com
  3. IPLocation.net

You can also do rDNS lookup manually from the command line. In Linux, the command you will use is "dig" with the "-x" flag added.

If you're on a Windows machine, you usually use the 'nslookup' command, but you can also use 'ping -a'. An example of the Linux command and its output is shown below:

dig -x 8.8.8.8

Output:

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -x 8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

You can see the full rDNS PTR record for that IP in the 'ANSWER SECTION', which leads 8.8.8.8 back to Google's subdomain, google-public-dns-a.google.com:

8.8.8.8.in-addr.arpa. 21599 IN PTR google-public-dns-a.google.com.

Set up rDNS

Setting up a Reverse DNS record is very simple and can be beneficial in ensuring that an IP actually belongs to the domain it claims. If you're not sure who your DNS provider is, follow TipsMake's helpful guide to determine where you should add an rDNS record: DNS record where is the hosted DNS?
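
The following Python sketch is an added example, not part of the original article. It goes one step beyond the PTR lookup: it builds the in-addr.arpa (or ip6.arpa) query name, then checks that the PTR hostname resolves forward to the same IP, because the PTR record is controlled by whoever owns the IP space and can name any host. The function names, the injectable lookup parameters and the sample records (documentation addresses) are assumptions made for illustration.

```python
import ipaddress
import socket

# Constructed sample records (documentation ranges, not real DNS data).
# 192.0.2.66 has a PTR claiming mail.example.com, but no A record agrees.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.com."], "192.0.2.66": ["mail.example.com."]}
SAMPLE_A = {"mail.example.com": ["192.0.2.10"]}

def reverse_name(ip):
    """PTR query name: reversed octets (IPv4) or nibbles (IPv6) plus the arpa suffix."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr(ip):
    """PTR lookup through the system resolver; returns a list of hostnames."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:  # no PTR record or resolver failure
        return []
    return [name] + aliases

def system_forward(host):
    """A/AAAA lookup through the system resolver; returns address strings."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(host, None)]
    except OSError:
        return []

def fcrdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return the PTR hostnames whose forward records point back at `ip`."""
    target = ipaddress.ip_address(ip)
    confirmed = []
    for host in ptr_lookup(ip):
        host = host.rstrip(".").lower()
        for addr in forward_lookup(host):
            try:
                if ipaddress.ip_address(addr) == target:
                    confirmed.append(host)
                    break
            except ValueError:
                continue  # skip anything that is not a plain IP literal
    return confirmed

if __name__ == "__main__":
    ptr = lambda ip: SAMPLE_PTR.get(ip, [])
    fwd = lambda host: SAMPLE_A.get(host, [])
    for ip in ("192.0.2.10", "192.0.2.66"):
        names = fcrdns(ip, ptr, fwd)
        print(ip, reverse_name(ip), "confirmed:" if names else "unconfirmed", names)
```

Called without the lookup arguments, `fcrdns` uses the system resolver instead of the constructed tables.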
