Question

I understand the forward DNS lookup process. Essentially, each domain has one or more authoritative name servers, and these authoritative name servers are ultimately responsible for answering the question of what the IP address is for the domain name being looked up.

However, I don't understand how the reverse DNS lookup works. Essentially, I don't understand who the authoritative rDNS name server is. Normally whoever provided the IP address? When I run dig -x a.b.c.d, how does the dig program know where to look for the authoritative rDNS server to get the domain name for the IP address a.b.c.d?

Thanks, Elgs


Solution

The owner of the a.b.c.d netblock is also the owner of c.b.a.in-addr.arpa. The reverse DNS query looks up a PTR record for d.c.b.a.in-addr.arpa. internally. (Still not too many years ago, you had to perform this manipulation yourself; it wasn't built into dig and friends.)

There are semi-obvious problems with this when the delegated netblock is smaller than a /24; then the upstream will have to handle rDNS somehow. It's not too uncommon that they will provide approximate or outright incorrect information in this scenario. (https://www.rfc-editor.org/rfc/rfc2317 proposes a solution, but it is nowhere near ubiquitous in practice.)

http://en.wikipedia.org/wiki/Reverse_DNS_lookup has a much more detailed treatment if you require details.
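
The name mapping described in the answer, as an added example that is not part of the original answer: it builds the PTR owner name that dig -x queries, lists the reverse zones a netblock owner would be delegated, and generates the RFC 2317 style CNAME records a parent zone would hold for a block smaller than a /24. The function names are hypothetical, and the addresses are constructed samples from the documentation ranges.

```python
import ipaddress

SUFFIX = "in-addr.arpa."

def ptr_name(ip):
    """Owner name queried by `dig -x a.b.c.d`: d.c.b.a.in-addr.arpa."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + SUFFIX

def reverse_zones(cidr):
    """Reverse zones covering an IPv4 netblock.

    DNS delegation happens at label (octet) boundaries, so a block is
    covered by one or more /8, /16 or /24 zones. A block smaller than a
    /24 cannot be its own octet-aligned zone; RFC 2317 names a child
    zone '<first-address>/<prefixlen>' under the parent /24 zone.
    """
    net = ipaddress.IPv4Network(cidr)
    if net.prefixlen > 24:
        parent = ptr_name(net.network_address).split(".", 1)[1]
        first = str(net.network_address).rsplit(".", 1)[1]
        return [f"{first}/{net.prefixlen}.{parent}"]
    # Round the prefix up to the next octet boundary (at least /8).
    boundary = max(8, -(-net.prefixlen // 8) * 8)
    zones = []
    for sub in net.subnets(new_prefix=boundary):
        octets = str(sub.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(octets)) + "." + SUFFIX)
    return zones

def rfc2317_cnames(cidr):
    """(owner, target) CNAME pairs the parent /24 zone holds so that a
    normal PTR query lands in the customer's RFC 2317 child zone.
    Covers every address in the block, network and broadcast included."""
    net = ipaddress.IPv4Network(cidr)
    if net.prefixlen <= 24:
        raise ValueError("RFC 2317 only applies to blocks smaller than /24")
    zone = reverse_zones(cidr)[0]
    return [(ptr_name(ip), f"{str(ip).rsplit('.', 1)[1]}.{zone}") for ip in net]

if __name__ == "__main__":
    print(ptr_name("192.0.2.5"))              # constructed sample address
    print(reverse_zones("198.51.100.0/22"))   # four /24 zones
    for owner, target in rfc2317_cnames("192.0.2.128/26")[:3]:
        print(f"{owner} CNAME {target}")
```

A resolver still asks for the plain d.c.b.a.in-addr.arpa. name; the CNAME in the parent zone is what redirects it to the child zone's PTR record.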

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow