Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

mandrei99
Post subject: Unix reverse dns lookup - using dig command - PTR dns record type  |  Posted: Mon Jan 12, 2015 5:43 pm

Unix reverse dns lookup - using dig command - PTR dns record type

dig is a Unix DNS lookup utility available in most distributions, Linux and FreeBSD included, either as a package or in the base system.

For a list of DNS record types, the best source is the Wikipedia page "List of DNS record types": http://en.wikipedia.org/wiki/List_of_DNS_record_types. The main and most used DNS record types are:
- DNS SOA record: it defines the start of authority for a specific domain.
- DNS A record: it points a human readable domain name (example: http://www.mywebsite.com) to a machine readable IPv4 address (example: 192.168.1.1).
- DNS AAAA record: it has the same significance as the A record type, but it points to an IPv6 address.
- DNS MX record: it maps a domain name to a list of mail transfer agents for that specific domain.
- DNS PTR record: it is used for reverse DNS lookups. It returns a human readable FQDN assigned to an IP address. Example: IP 192.168.1.1 is mapped to "internal-gateway-if-eth0.mydomain.com".

This tutorial shows how to perform a reverse DNS lookup for an IPv4 address using the dig command, but first a little about reverse DNS lookup, quoted from Wikipedia (Reverse DNS lookup: http://en.wikipedia.org/wiki/Reverse_DNS_lookup):
Quote:
Reverse DNS lookup
In computer networking, reverse DNS lookup or reverse DNS resolution (rDNS) is the determination of a domain name that is associated with a given IP address using the Domain Name System (DNS) of the Internet.

Computer networks use the Domain Name System to determine the IP address associated with a domain name. This process is also known as forward DNS resolution. Reverse DNS lookup is the inverse process, the resolution of an IP address to its designated domain name.

The reverse DNS database of the Internet is rooted in the Address and Routing Parameter Area (arpa) top-level domain of the Internet. IPv4 uses the in-addr.arpa domain and the ip6.arpa domain is delegated for IPv6. The process of reverse resolving an IP address uses the pointer DNS record type (PTR record).

Informational RFCs (RFC 1033, RFC 1912 Section 2.1) specify that "Every Internet-reachable host should have a name" and that such names match with a reverse pointer record, but it is not a requirement of standards governing operation of the DNS itself.


Now that we know what the reverse DNS lookup database is and which domains are allocated for reverse lookups for IPv4 and IPv6, here are two examples of doing this with the dig command:
1. dig DNS reverse lookup using the -x option (from "man dig": the -x option is supplied to indicate a reverse lookup):
Code:
$  dig +short -x 82.78.227.176         
176.176-191.227.78.82.in-addr.arpa.
ivorde.ro.


2. dig DNS lookup using the domain assigned for IPv4 reverse lookups:
Code:
$ dig +short ptr 176.227.78.82.in-addr.arpa.                               
176.176-191.227.78.82.in-addr.arpa.
ivorde.ro.


One thing to note here is that the PTR lookup query argument is the IP address written from its 4th byte to its 1st byte, followed by ".in-addr.arpa.", which is the IPv4 reverse lookup domain followed by a dot.


Last edited by mandrei99 on Tue Jan 13, 2015 8:20 pm, edited 1 time in total.





mandrei99
Post subject: Re: Unix reverse dns lookup - using dig command - PTR dns record type  |  Posted: Tue Jan 13, 2015 4:48 am

It is not mandatory that an IP address is the A record of its own reverse lookup (PTR) record. Example:
The reverse lookup for IP 192.168.1.1 has a PTR record of "gateway-internal-eth0.myintranet.com". But the A record for "gateway-internal-eth0.myintranet.com" might not exist, or it might point to a different IP address (due to a lack of efficient DNS record management or some other reason).

As a best practice, and where possible, it is recommended that the IP address be the A record for its PTR record.
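
Added example, not part of the original posts: a small shell check that builds the in-addr.arpa query name described in the first post and then tests the best practice from the second post (the PTR name's A record pointing back to the same IP). The function names arpa_name and fcrdns are hypothetical; fcrdns needs dig and a reachable resolver when it is called.

```sh
#!/bin/sh
# Added example (not from the original posts): forward-confirmed reverse DNS.
# Usage after sourcing this file:  fcrdns 82.78.227.176

# Print the PTR query name for an IPv4 address: the four octets in reverse
# order followed by "in-addr.arpa." (with the trailing root dot).
arpa_name() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac   # digits and dots only
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split on dots into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.in-addr.arpa.\n' "$4" "$3" "$2" "$1"
}

# Resolve IP -> PTR name(s) -> A record(s) and report whether any name
# points back to the same IP. Returns 0 if at least one name confirms.
fcrdns() {
    ip=$1
    qname=$(arpa_name "$ip") || { echo "invalid IPv4 address: $ip"; return 2; }
    # "dig +short" also prints CNAME hops that stay inside in-addr.arpa (the
    # first output line in the post); those are aliases, not host names.
    names=$(dig +short ptr "$qname" | grep -v '\.in-addr\.arpa\.$') || true
    confirmed=1
    # PTR data is controlled by whoever runs the reverse zone, so read it
    # line by line instead of letting the shell word-split or glob it.
    while read -r host; do
        [ -n "$host" ] || continue
        if dig +short a "$host" | grep -qxF "$ip"; then
            echo "PASS $ip -> $host -> $ip"
            confirmed=0
        else
            echo "FAIL $ip -> $host (no A record pointing back to $ip)"
        fi
    done <<EOF
$names
EOF
    return $confirmed
}
```

A PASS line means the name is forward-confirmed; a non-zero return with no output means the address has no PTR name at all.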

