What Is Reverse DNS and What Does It Do?

5 min read
28 October 2021
Ignas Anfalovas

Learn more about the Reverse Domain Name System, how it works, what it is used for and how to use it yourself.

What is reverse domain name system, rDNS?

Reverse DNS, also known as rDNS, is an important Domain Name System function that allows mapping an Internet Protocol address to its domain name. You probably encountered this term when dealing with IP addresses, whether it be for blocking IPs on a firewall or blocklisting malicious ones that are attacking your website or mail servers.

While less crucial, rDNS is the opposite of forward DNS that returns the IP address of the hostname. It’s worth noting that these two types of lookups come from separate sets of data. As a result, the reverse DNS lookup of a particular IP may not match the domain’s IP resolved with forward DNS.

Simply put, reverse DNS is a lookup method that helps figure out the host of an IP address. 

How does reverse DNS really work?

Most websites on the internet can be reached by both the domain name and the IP address allocated to the website’s server. If you enter the IP address 173.194.217.103 into your browser’s address bar, you can access Google’s homepage. Since its domain has a valid rDNS, you can access Google by entering its IP address directly into your browser.

Reverse DNS entries are stored in pointer records (PTR). When reverse DNS lookups are performed, PTR records map IPv4 or IPv6 addresses to the canonical host names. However, if there is no pointer record set up on the web server, the lookup fails.

Image demonstrating the difference between DNS lookup and reverse DNS lookup.
DNS vs. rDNS

To ensure that a PTR record is set up for your IP, you might need to contact your internet service provider (ISP). In cases where an ISP provides you with a static IP address, only the provider can point the zone (domain name and IP address) to your DNS server. 

Unlike a forward DNS lookup, which doesn’t require a sub-delegation from your ISP, a reverse DNS lookup does not work if your provider does not set up a PTR record. Although, some providers allow setting it up within their customer portal.

What is reverse DNS used for?

Even though reverse DNS is not crucial for most websites, it has several salient use cases: 

  • Spam filtering in email servers
  • Website visitor identification
  • Analytics

The most common and essential rDNS function is spam filtering. Once a new email reaches the anti-spam security gateway, the recipient’s mail server performs a reverse DNS lookup to check if the sender’s mail server is legitimate. If the incoming message does not return a valid reverse DNS record, it is automatically rejected. 

That’s why it’s imperative to have PTR records set up on your mail servers both to prevent spam emails and to ensure messages are reaching the target.

The reverse lookup can also be helpful to the B2B sector. Since servers usually store the IP addresses of each unique user, the website’s owner can map these IPs to their domain names, distinguishing where website visitors came from. The process helps to generate potential leads. 

rDNS enables the B2B industry gather important information.
The B2B sector uses rDNS to gather essential information

Unlike machines, humans find it hard to read and remember numeric IP addresses. This is why we use domain names to access websites. Reverse DNS works by turning complex website visit logs into readable domains, making it easier to gather data for analytics. 

How to perform a reverse DNS lookup

Now that we have explained how rDNS works, we will show how you can perform reverse DNS lookups yourself. The process is not overly complex, and you can easily navigate it even if you don’t have a background in IT. 

Keep in mind that there are many methods and tools to map a given IP address to its host. You should pick one that suits your platform and needs best. 

Let’s start with the easiest method – using a reverse DNS lookup tool. 

rDNS lookup tools

Numerous online tools can help resolve rDNS. Using them is a straightforward process: Type in the target IP address into the engine of your choice and click the confirmation button. 

Here are a few examples of tools you can try:

If you’re not keen on using third-party services, you can perform the lookup manually.

rDNS lookup on Windows platforms

Windows users can effortlessly check reverse DNS records using the nslookup command. 

Let’s begin by opening the Command Prompt. You can access the utility via the Power User menu, which you can open using the Windows+X key combination. Alternatively, you can access the utility via the Start menu, which you can access by clicking the Windows icon in the bottom-left corner of your screen. You can also type cmd into the Start menu search bar.

Once the command prompt is open, enter the following command:

nslookup IP_ADDRESS

Note: Replace IP_ADDRESS with the IP address you want to resolve.

The image below demonstrates a reverse DNS query for an IP 8.8.8.8 using the Command Prompt.

Command Prompt window shows how nslookup command works.
rDNS lookup on Windows using Command Prompt

rDNS lookup on Linux platforms

The process of resolving rDNS on Linux is quite similar to Windows.

Start by opening the console terminal. The quickest way is to use a keyboard shortcut Ctrl+Alt+T or click the dash icon and type terminal into the search box. 

Once it is open, type in: 

dig -x IP_ADDRESS

Note: Don’t forget to change IP_ADDRESS with the IP address you want to resolve. 

rDNS lookup on MAC

If you’re using macOS, start by opening the terminal window. The easiest way to do it is by clicking the Launchpad icon in the Dock and typing terminal into the search field. 

Now, type the following command with your preferred IP address instead of IP_ADDRESS:

dig -x IP_ADDRESS

If you perform the lookup correctly, you will see the output similar to this example:

; <<>> DiG 9.10.6 <<>> -x 8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48826
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;8.8.8.8.in-addr.arpa. IN PTR

;; ANSWER SECTION:
8.8.8.8.in-addr.arpa. 77637 IN PTR dns.google.

;; Query time: 51 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Oct 27 13:52:52 EEST 2021
;; MSG SIZE  rcvd: 73

How to configure reverse DNS

You can configure reverse DNS by determining a PTR record in the DNS server. The record stores IPv4 addresses in a special arpa domain. This domain represents an IPv4 address as a reversed concatenated sequence of four decimal numbers separated by dots and .in-addr.arpa attached as a suffix. 

An example of a reverse lookup using MXToolbox.
PTR record for 173.194.217.103

For example, to resolve the reverse lookup of the IP address 173.194.217.103, you should type 301.712.491.371.in-addr.arpa to get a domain name pointer dns.google.

Even though IPv6 is not commonly used yet, it is still worth knowing how rDNS is resolved for this type of IP address. In this case, you need to use a different special domain – ip6.arpa. The IPv6 address is represented as a reversed sequence of eight groups of four hexadecimal digits separated by colons. The sequence is completed by adding .ip6.arpa at the end. 

Let’s say we are trying to resolve an IPv6 address FE80::1585:4868:495F:D521. Here’s how it looks once resolved: 125D:F594:8684:5851:0000:0000:0000:08EF.arpa.

Conclusion

Reverse DNS lookup is the most effective way to map a single IP address to its domain name. However, the process can only be performed after the ISP provider points the zone to the IP’s DNS server system. Then, reverse DNS entries become available at the PTR record, which can map IPv4 or IPv6 addresses to the canonical name for the host. 

Reverse DNS lookup is most commonly used to filter spam emails and identify website visitors’ domains to gather valuable information and generate B2B leads. 

As we demonstrated, you can easily perform the reverse lookup to determine the domain of any IP address manually. Despite that, the process may become tedious if you need to perform hundreds of reverse DNS lookups.

About the author

Ignas Anfalovas

Platform Engineering Manager

Ignas is a Platform Engineering Manager at IPXO with more than 7 years of experience in the IT sector. His expertise includes network design solutions and infrastructure maintenance. After working hours, you will find Ignas in Lithuanian folk-dance classes.
Table of contents

Related reading

Various domain extensions, like, .net, .org, .com, and others.
6 September 2023   •   Network Engineering

DNS and rDNS: the Hidden Heroes That Keep the Internet Running

Discover the web's overlooked helpers - DNS & rDNS. Learn their importance, benefits, and automation's role in powering the online world.

Read more
A laptop with an envelope on the screen representing email.
19 July 2022   •   Network Engineering

Email Service Provider: What You Should Know About ESPs in 2022

Discover the differences between email service providers and webmail clients. Learn the importance of ESPs for successful email marketing campaigns.

Read more
Two computers exchanging files with FTP sign above them.
12 July 2022   •   Network Engineering, Networking Protocols

File Transfer Protocol Explained

What does FTP stand for? What is the importance of this protocol? How does it work? Read this post to learn all about the File Transfer Protocol.

Read more

Subscribe to the IPXO email and don’t miss any news!