webdnstools.com
DNS Lookup, Reverse DNS Lookup, Domain Configuration Check and IP Address Calculators

Reverse DNS

What is reverse DNS

Well, forward DNS resolution is where a name is resolved into an IP address. Reverse DNS resolution works the other way - it's where an IP address is resolved to a name.

How does reverse DNS work

The DNS client constructs a name by adding each octet of the IP address in reverse order, followed by .in-addr.arpa. For example, if you were performing a reverse DNS lookup on the IP address 192.0.2.19, the DNS client would turn it into 19.2.0.192.in-addr.arpa and then perform a DNS lookup.

Like all DNS lookups (assuming that these DNS entries haven't already been cached), your DNS client will start with the root DNS servers of the internet. The starting point would normally be asking the root server who is responsible for the "arpa" zone, then "in-addr.arpa", then "192.in-addr.arpa" etc. The root servers however, already seem to know who is responsible for all of the ".in-addr.arpa" zones for each of the first octets. This obviously saves look ups.

The root server will return a list of name servers that are authoritive for the entire 192.*.*.* address range. The DNS client will then pick one of these name servers and ask it to resolve 0.192.in-addr.arpa, and so on, until we get a PTR record for 19.2.0.192.in-addr.arpa. The DNS resolution stops at the pointer record and this is the reverse DNS entry.

How do I configure a reverse DNS entry

Control of reverse DNS entries belong to the owner of the IP address, not the owner of the domain name.

In most cases, you will need to contact your ISP and ask them to configure it for you - assuming the IP address is dedicated for your use. If you are an ISP, or you have been allocated a whole Class C of IP addresses, then you should have the ability to configure the reverse DNS entries on your own DNS server. The organisation that provided your IP addresses will be able to delegate control of that Class C of addresses to your DNS server.

Default Reverse DNS Entry

If you have a static IP address, what you get by default will depend on your ISP. Some ISP's don't provide reverse DNS entries by default. Some ISP's default reverse DNS entries to something like:

192-0-2-19.static.isp-domain-name.com

If you don't have a reverse DNS entry for the IP address that your email comes from, you may find that you'll have problems with SPAM software rejecting your email.

What is Reverse DNS used by

Many things use reverse DNS. An example is anti-spam email software. Before delivering an email, it is common for anti-spam software to perform a reverse DNS lookup on the IP address of the source mail server. It then checks that the reverse DNS entry matches the SPF record provided by the name server of the source email domain. If it does not match, it may flag the email as spam.