07 August 2019

What is Reverse DNS?

Reverse DNS is the mapping of an IP (Internet Protocol) address to a domain name. It is the opposite of forward (regular) DNS, which maps domain names to IP addresses.

Reverse DNS IS different from forward DNS.

Forward DNS for “xyz.com” pointing to IP address “6.7.8.9” does not automatically mean that the reverse DNS for IP “6.7.8.9” also points to “xyz.com”.

This is because the two mappings come from two separate data sets.

A distinct record type, the PTR record, stores a reverse DNS entry. The PTR record is named by writing the segments of the IP address in reverse order and appending “.in-addr.arpa”. For instance, the reverse DNS entry for IP 6.7.8.9 would be saved as a PTR record for “9.8.7.6.in-addr.arpa”.

Reverse DNS also differs from forward DNS in how the domain name (zone) is pointed to a specific DNS server. In forward DNS, the zone is pointed to a DNS server by registering the domain name with a registrar. In the case of reverse DNS, the user’s internet service provider (ISP) must point (sub-delegate) the zone to the user’s DNS server. If the ISP does not sub-delegate, the reverse zone will not work.

Who uses reverse DNS and for what?

Reverse DNS is used by ‘human’ operators (as opposed to bots) for activities such as tracking a web-visitor’s location or the origin of an email. It is not as necessary as the forward DNS since visitors can reach a website regardless of whether there is a reverse DNS on the web server or in the visitor’s ISP.

Reverse DNS is vital for one key application: email delivery. Many email servers have been configured to reject incoming mail from servers without a reverse DNS. Where a DNS server lacks a reverse DNS, the outgoing email is likely to be rejected by the server of the intended recipient. This is regardless of where the reverse DNS record points to, so long as it is present.
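The PTR naming rule and the mail-server check described above, as an added example (not code from the original article). The record tables are constructed sample data, `ptr_name` and `check_sender` are hypothetical names, and the IPv6 `ip6.arpa` form and the forward-confirmation step go beyond what the article covers.

```python
import ipaddress

# Constructed sample data: forward (A) and reverse (PTR) records live in
# separate data sets, so they are modelled as two independent tables.
FORWARD_A = {
    "xyz.com": {"6.7.8.9"},
    "mail.example.net": {"192.0.2.25"},
}
REVERSE_PTR = {
    "25.2.0.192.in-addr.arpa": "mail.example.net",
    "10.113.0.203.in-addr.arpa": "host.example.org",
}


def ptr_name(ip):
    """Build the PTR owner name for an IPv4 or IPv6 address."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    if addr.version == 4:
        # Octets in reverse order, then the in-addr.arpa suffix.
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    # IPv6 uses one label per hex nibble, reversed, under ip6.arpa.
    nibbles = addr.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def check_sender(ip, forward=FORWARD_A, reverse=REVERSE_PTR):
    """Classify a connecting IP the way a receiving mail server might."""
    host = reverse.get(ptr_name(ip))
    if host is None:
        return "no-ptr"  # the case many mail servers reject
    if ip in forward.get(host, set()):
        return "forward-confirmed"  # PTR and A record agree
    return "ptr-only"  # PTR exists, forward DNS does not match


if __name__ == "__main__":
    for ip in ("6.7.8.9", "192.0.2.25", "203.0.113.10"):
        print(ip, ptr_name(ip), check_sender(ip))
```

The first sample address has a forward record for “xyz.com” but no PTR record, which is the situation the article warns about: a forward entry does not create a reverse one.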

How does a reverse DNS lookup work?

In most DNS lookups, clients carry out a forward lookup, which is a search based on the DNS name of another computer as it is stored in a host (A) resource record. This query type expects an IP address as the resource data of its response.

The Domain Name System also offers a reverse lookup process, where users use a known IP address to look up a specific computer based on its address. A reverse lookup often takes the form of a question such as, “What is the DNS name of a computer that uses the IP address 182.980.1.30?”

DNS was not principally built to support this query type. One issue with supporting the reverse query process is the difference between how IP addresses are assigned and how the DNS namespace arranges and indexes names. If the only way to answer the previous question were to examine all domains in the DNS namespace, a reverse query would take too long to process to be relied upon.

This problem is resolved by defining a special domain in the DNS standards, and reserving it in the Internet DNS namespace to offer a pragmatic and reliable way to conduct reverse queries. The reverse namespace is created by forming subdomains within the in-addr.arpa domain, using the reverse arrangement of the numbers in the dotted-decimal notation of IP addresses.

The reversed arrangement of the domains for each number in the octet series is important because IP addresses, unlike DNS names, are read from left to right. This means they are translated in the reverse manner.

When an IP address is interpreted from left to right, it is seen from its most general information (an IP network address) in the first section of the address to the more specific information (an IP host address) present in the last octets. It is because of this that the octet order has to be reversed when the domain tree is constructed.

Parts of the DNS in-addr.arpa tree can be delegated to organisations because they are allocated a particular or limited set of IP addresses in the Internet-defined address categories. Lastly, the in-addr.arpa domain tree, as it is configured into DNS, needs an extra resource record type to be specified: the PTR record.

The in-addr.arpa domain is applicable to every TCP/IP network that is based on IP version 4 (IPv4) addressing. When a new reverse lookup zone is created, the New Zone Wizard automatically assumes that this domain is being used. If a user is setting up DNS and arranging reverse lookup zones for an IP version 6 (IPv6) network, the exact name can be specified in the New Zone Wizard.

Inverse queries

The use of inverse queries is an outmoded practice, first proposed as part of the Domain Name System standard to look up a host’s name using its IP address. It uses an atypical DNS query operation, and it is restricted to earlier versions of Nslookup, a command-line utility for testing and troubleshooting the DNS Server.
