Reverse DNS is the process of using DNS to translate IP addresses to
hostnames. Reverse DNS is the opposite of Forward DNS, which is used to
translate hostnames to IP addresses.
One way to see reverse DNS at work is to use nslookup, a tool available on most operating systems.
Let’s use `nslookup` to do a forward and reverse DNS lookup on redhat.com:
##FORWARD LOOKUP
[phil@ns1 ~]$ nslookup redhat.com
Server:         206.71.175.XX
Address:        206.71.175.XX#53

Non-authoritative answer:
Name:   redhat.com
Address: 209.132.177.50
##REVERSE LOOKUP
[phil@ns1 ~]$ nslookup 209.132.177.50
Server:         206.71.175.XX
Address:        206.71.175.XX#53

Non-authoritative answer:
50.177.132.209.in-addr.arpa     name = www.redhat.com.

Authoritative answers can be found from:
177.132.209.in-addr.arpa        nameserver = ns3.redhat.com.
177.132.209.in-addr.arpa        nameserver = ns2.redhat.com.
177.132.209.in-addr.arpa        nameserver = ns1.redhat.com.
Reverse DNS is set up by configuring PTR records (Pointer Records) on your DNS server.
This differs from Forward DNS, which is configured with A records (Address Records).
Typically you or a DNS provider is in charge of Forward DNS. For Reverse DNS, the ISP that supplies your IP addresses is most likely the responsible party: you would simply send them which hostname corresponds to which IP, and they would set up the PTR records. You can also set up Reverse DNS on your own name servers if you choose, which is what this article covers.
Your ISP or hosting provider may delegate a range of IP addresses to you, or you may have NAT set up for private IP space you control; in either case you must configure Reverse DNS through PTR records on your own DNS server.
Many systems administrators configure Forward DNS but not Reverse DNS. In most cases things will work fine, however some applications perform Reverse DNS lookups, in which case you could run into latency issues and a whole slew of other issues.
Common applications and protocols such as IRC, SMTP, backup utilities, and databases sometimes use Reverse DNS.
It is best practice to configure Reverse DNS from the get-go, to avoid troubleshooting headaches.
Below is a quick example how-to.
Say you NAT private IPs in your network, 192.168.0.1-192.168.0.255.
STEP 1 Create a zone file and place it where you store your zone files, named
0.168.192.in-addr.arpa
(Notate your address space backwards, omitting the last octet, with .in-addr.arpa appended.)
Your zone file will look like this (between ##):
#######
$TTL 86400 ; default TTL for the records below (BIND 9 warns if it is missing)
@ IN SOA ns1.yournameserver.com. root.domain.com. (
    2007040301 ;serial
    14400 ;refresh
    3600 ;retry
    604800 ;expire
    10800 ;minimum
)
0.168.192.in-addr.arpa. IN NS ns1.yournameserver.com.
0.168.192.in-addr.arpa. IN NS ns2.yournameserver.com.
2 IN PTR blah1.domain.com.
3 IN PTR blah2.domain.com.
4 IN PTR blah3.domain.com.
5 IN PTR blah4.domain.com.
6 IN PTR blah5.domain.com.
########
The example zone file above stipulates the below:
192.168.0.2 blah1.domain.com
192.168.0.3 blah2.domain.com
192.168.0.4 blah3.domain.com
192.168.0.5 blah4.domain.com
192.168.0.6 blah5.domain.com
The numbers 2-6 are the last octet of 192.168.0.x, and PTR is the pointer record.
STEP 2 Enter the zone into your named.conf (or named.boot) as you would a regular zone.
This would go into your Master DNS server or Primary DNS server:
zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "0.168.192.in-addr.arpa";
    allow-update { none; };
};
STEP 3
This would go into your Slave DNS server or Secondary DNS server:
zone "0.168.192.in-addr.arpa" IN {
    type slave;
    file "0.168.192.in-addr.arpa";
    masters { whateveryourmasteripis; };
};
Voilà, if configured right you should be up and running. Make sure to tail your log file when you restart DNS to catch any syntax errors.
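The steps above are easy to get wrong by hand (reversed octets, a host from the wrong /24, a PTR whose target no longer has a matching A record). The following is an added example, not code from the article: it builds the STEP 1 zone file and the STEP 2/3 named.conf stanzas from a host table, and then runs a forward-confirmed reverse DNS check, the comparison that SMTP servers and other reverse-lookup consumers effectively perform. The hostnames and nameservers are the article's placeholders, the master address 192.0.2.53 is a documentation-range placeholder, and the "stale" forward table is constructed so the check has a mismatch to report. The zone-name and label helpers go slightly beyond the article's /24 and handle any octet-aligned prefix (/8, /16, /24).

```python
import ipaddress

# Constructed sample data (placeholders from the article, not real hosts):
# the NATed 192.168.0.0/24 network and the five hosts that get PTR records.
NETWORK = ipaddress.ip_network("192.168.0.0/24")
NETWORK_16 = ipaddress.ip_network("10.1.0.0/16")  # a /16, to show the label logic generalises
HOSTS = {
    "192.168.0.2": "blah1.domain.com",
    "192.168.0.3": "blah2.domain.com",
    "192.168.0.4": "blah3.domain.com",
    "192.168.0.5": "blah4.domain.com",
    "192.168.0.6": "blah5.domain.com",
}
NAMESERVERS = ["ns1.yournameserver.com", "ns2.yournameserver.com"]
# Forward (A-record) view of the same hosts; the second copy has one stale
# entry (constructed) so the consistency check below has something to report.
FORWARD_OK = {host: ip for ip, host in HOSTS.items()}
FORWARD_STALE = dict(FORWARD_OK, **{"blah5.domain.com": "192.168.0.60"})


def reverse_name(ip):
    """Full PTR owner name for one IPv4 address, e.g. 2.0.168.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def reverse_zone_name(network):
    """Zone apex for an octet-aligned prefix: the covered octets reversed plus
    .in-addr.arpa (192.168.0.0/24 -> 0.168.192.in-addr.arpa). Other prefix
    lengths need RFC 2317 classless delegation, which this helper refuses."""
    if network.prefixlen not in (8, 16, 24):
        raise ValueError("only /8, /16 and /24 map onto one in-addr.arpa zone")
    octets = str(network.network_address).split(".")[: network.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def ptr_label(ip, network):
    """Owner label relative to the zone apex: the octets the prefix does not
    cover, reversed (192.168.0.6 in a /24 -> '6'; 10.1.2.3 in a /16 -> '3.2')."""
    octets = str(ipaddress.ip_address(ip)).split(".")
    return ".".join(reversed(octets[network.prefixlen // 8 :]))


def build_zone(network, hosts, nameservers, serial):
    """Render the reverse zone file in the layout the article uses."""
    apex = reverse_zone_name(network)
    lines = [
        "$TTL 86400",
        f"@ IN SOA {nameservers[0]}. root.domain.com. (",
        f"    {serial} ;serial", "    14400 ;refresh", "    3600 ;retry",
        "    604800 ;expire", "    10800 ;minimum", ")",
    ]
    lines += [f"{apex}. IN NS {ns}." for ns in nameservers]
    for ip, host in sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[0])):
        if ipaddress.ip_address(ip) not in network:
            # A PTR for an address outside the prefix belongs in a different zone.
            raise ValueError(f"{ip} is outside {network}")
        lines.append(f"{ptr_label(ip, network)} IN PTR {host}.")
    return "\n".join(lines) + "\n"


def named_conf_stanza(apex, role, master_ip="192.0.2.53"):
    """named.conf zone stanza for the master (STEP 2) or a slave (STEP 3).
    master_ip defaults to a documentation-range placeholder."""
    if role == "master":
        tail = "allow-update { none; };"
    elif role == "slave":
        tail = f"masters {{ {master_ip}; }};"
    else:
        raise ValueError("role must be 'master' or 'slave'")
    return f'zone "{apex}" IN {{ type {role}; file "{apex}"; {tail} }};'


def check_consistency(forward, ptr):
    """Forward-confirmed reverse DNS: every PTR target must have an A record
    pointing back at the same address, and every A record should have a PTR.
    Returns a list of human-readable problems (empty when everything matches)."""
    problems = []
    for ip, host in ptr.items():
        a = forward.get(host)
        if a is None:
            problems.append(f"{ip}: PTR -> {host} but {host} has no A record")
        elif a != ip:
            problems.append(f"{ip}: PTR -> {host} but A -> {a}")
    for host, ip in forward.items():
        if ip not in ptr:
            problems.append(f"{ip}: A for {host} but no PTR")
    return problems


if __name__ == "__main__":
    apex = reverse_zone_name(NETWORK)
    print(build_zone(NETWORK, HOSTS, NAMESERVERS, 2007040301))
    print(named_conf_stanza(apex, "master"))
    print(named_conf_stanza(apex, "slave"))
    for problem in check_consistency(FORWARD_STALE, HOSTS):
        print("MISMATCH:", problem)
```

Run it and feed the printed zone to `named-checkzone 0.168.192.in-addr.arpa <file>` before restarting BIND; the consistency check is the part worth keeping in a cron job, because a PTR that points at a hostname whose A record has moved is exactly the condition that makes mail servers and other reverse-lookup consumers treat the address as suspect.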