What is Reverse DNS?

Print Version
Share to a friend

Reverse DNS (Domain Name System) lookup, also known by the acronym (rDNS),

is the process by which someone can look up a host name given a particular IP address.

Reverse DNS is also known in some places as reverse resolving. It is the opposite of DNS lookup,

by which someone looks up an IP address given a particular host name.

 

Why use Reverse DNS?

A reverse DNS lookup is usually performed for troubleshooting purposes.

Commonly, tools like a traceroute or a ping will do a reverse DNS lookup to determine the

flow of traffic from one point to another. Another common place for reverse DNS lookup is

when accessing a person’s email. Many modern email providers will do reverse DNS lookups to

determine if an email was sent from a known spam address. Finally, reverse DNS can be used

to make sure that there is a proper relationship between the owner of a server and the

owner of a domain name. This technique, known as Forward Confirmed reverse DNS (FCrDNS)

is used to put a stop to phishing sites and spammers.

 

What is IPv4 Reverse DNS lookup?

IPv4 Reverse DNS is a type of reverse DNS that uses a reverse IN-ADDR entry with the

special domain “in-addr.arpa”. The IP address represented in the in-addr.arpa domain

is written in reverse order to the usual way that the IP address is written. For example,

if a person was performing a reverse domain lookup for an address such as 192.168.1.1,

he would do the lookup using 1.1.168.192.in-addr.arpa.

 

What is IPv6 Reverse DNS lookup?

IPv6 Reverse DNS lookup is a type of reverse DNS that uses the special domain ip6.arpa.

Unlike IPv4 Reverse DNS lookup, IPv6 Reverse DNS lookup does not use the standard IP address

style of looking up host names. Instead, it uses a sequence of nibbles, or four bit aggregations,

in reverse order with each number separated by a period. For example, if a person was performing

a reverse domain lookup for an address such as 2001:0db8:0:0:0:0:1428:57ab he would do the lookup

using b.a.7.5.8.2.4.1.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.

 

What happens when there are multiple host names assigned to one IP address?

A reverse DNS lookup will be able to determine all of the host names associated with

a particular IP address, though this practice is sometimes frowned upon.

Many cheap web hosting plans will offer shared virtual hosts where many sites

share space on the same IP address. Although this does not affect the validity of

the information returned by a reverse DNS lookup, it can lead to problems with other services.