Forward and reverse DNS resolution

Forward resolution: searches for IP addresses through domain names;

Reverse resolution: searches for domain names through IP addresses;

A domain name is a dedicated address translation system for convenience of memory. to access a server on the internet, it must be implemented through IP addresses, domain name resolution is the process of re-converting a domain name to an IP address. This process is completed through the DNS of the domain name resolution system.

Forward resolution: obtain the corresponding Wan IP address through the host name;
You can also use the host name to view forward resolution information:
Enter NSLookup domain in the command line.
You can see the result of forward resolution from the returned information.
C: \> NSLookup www.google.com
Server: zj-ns1.cableplus.com.cn
Address: 219.233.241.166 ------ DNS name server information

Non-Authoritative Answer:
Name: www.google.com
Addresses: 2404: 6800: 4005: c00: 63
74.125.128.106
74.125.128.147
74.125.128.99
74.125.128.103
74.125.128.104
IP address group of 74.125.128.105 -------www.google.com

Next, let's take a look at what reverse IP resolution is. We often use DNS servers with two areas: "Forward search area" and "reverse search area". Forward search area is what we usually call domain name resolution, the reverse lookup area is the IP address reverse resolution mentioned here. It is used to query the PTR record of the IP address to obtain the domain name pointed to by the IP address. Of course, to successfully obtain the domain name, you must have the PTR record of this IP address. The PTR record is a type of mail exchange record. The mail exchange record contains a record and PTR record. The a record resolves the name to the address, and the PTR record resolves the address to the name. An address refers to the IP address of a client and the name refers to a customer's fully qualified domain name. Query PTR records to perform reverse queries.

The reverse DNS function ensures that the appropriate email exchange records take effect. Reverse Domain name resolution is opposite to normal forward domain name resolution, providing the corresponding IP address to the domain name. Reverse IP resolution is mainly applied to the mail server to block spam, especially in foreign countries. Most spam senders use IP addresses that are dynamically allocated or do not have registered domain names to send spam emails to avoid tracking. After domain name reverse resolution is used, the number of spam mails can be greatly reduced.

For example, you use the xxx@name.com mailbox to send a letter to my 123@163.com. 163 When receiving this email, the mail server will view the header file of this email. the header file of this email will show the IP address of the email. Then perform reverse resolution based on the IP address. If the domain name corresponding to the IP address is name.com, the email will be accepted. If reverse resolution finds that the IP address does not correspond to name.com, then the email is rejected.

In the domain name system, an IP address can correspond to multiple domain names. Therefore, the whole domain name tree should be traversed from the IP address, but this is unrealistic on the Internet. To complete Reverse Domain name resolution, the system provides a special domain called the reverse resolution domain in-addr.arpa. In this way, the IP address to be resolved will be expressed as a display string like a domain name, And the suffix will reverse resolve the domain
Name ends with "in-addr.arpa.
For example, if an IP address is 222.211.233.244, its reverse domain name is expressed as 244.233.221.222.in-ADDR. ARPA.

In the two expressions, the IP address order is the opposite, because the domain name structure is from bottom up (from the subdomain to the domain), and the IP address structure is from top down (from the network to the host. In essence, Reverse Domain name resolution expresses an IP address as a domain name and uses the address as the index domain name space. In this way, a large part of reverse resolution can be included in forward resolution.

View reverse resolution information:
Enter NSLookup-Qt = PTR yourip in the command line.
You can see the reverse resolution result from the returned information.

C: \> NSLookup-Qt = PTR 74.125.128.106
Server: zj-ns1.cableplus.com.cn
Address: 219.233.241.166 ----- DNS name server information

Non-Authoritative Answer:
106.128.125.74.in-ADDR. Arpa name = hg-in-f106.1e100.net

125.74.in-ADDR. Arpa nameserver = ns4.google. com
125.74.in-ADDR. Arpa nameserver = ns1.google. com
125.74.in-ADDR. Arpa nameserver = ns2.google. com
125.74.in-ADDR. Arpa nameserver = ns3.google. com --- corresponding domain name
Ns1.google. COM Internet address = 216.239.32.10
Ns2.google. COM Internet address = 216.239.34.10
Ns3.google. COM Internet address = 216.239.36.10
Ns4.google. COM Internet address = 216.239.38.10