In computer networks, reverse DNS query or reverse DNS resolution (rDNS) is to query the Domain Name System (DNS) to determine the domain name associated with an IP address-the usual IP forward "DNS" lookup reverses the address from the domain name . The process of reversely resolving IP addresses uses PTR records. The Internet's reverse DNS database is rooted in the arpa top-level domain.
Simple Application Server
USD1.00 New User Coupon
* Only 3,000 coupons available.
* Each new user can only get one coupon(except users from distributors).
* The coupon is valid for 30 days from the date of receipt.
It is recommended that "every host that can access the Internet should have a name" and "for each IP address, there should be a matching PTR record", but this is not a requirement of the Internet standard, and not all IP addresses have reverse entries .
Historical usage
Modern "reverse DNS queries" should not be confused with the now obsolete "IQUERY" mechanism specified by RFC1035
The reverse query takes the form of a single RR in the answer part of the message with a blank question part. It is not important to query the owner name of the RR and its TTL. The response has a question in the question section, and its identifier has all the names of the query RR known to the name
server. Since no name server knows all the domain name space, the response can never be considered complete. Therefore, reverse query is mainly used for database management and debugging activities. Reverse lookup is not an acceptable way to map host addresses to host names; use the in-addr.arpa domain name instead.
Implementation details
IPv4 reverse resolution
The reverse DNS lookup of IPv4 addresses uses the special domain in-addr.arpa. In this domain, the IPv4 address is represented as a connected sequence of four decimal numbers separated by dots, with the second-level domain suffix .in-addr.arpa added. The four-digit decimal number is obtained by dividing a 32-bit IPv4 address into four octets and converting each octet to a decimal number. Then connect these decimal numbers in the following order: the least significant octet (leftmost), and the most significant octet last (rightmost). It is worth noting that this is contrary to the usual dotted decimal rule for writing IPv4 addresses in text form.
For example, to perform a reverse lookup on the IP address, the PTR record 4.4.8.8.in-addr.arpa of the 8.8.4.4 domain name will be searched, and the PTR record google-public-dns-b.google.com pointing to the domain name will be found.
If the google-public-dns-b.google.com of the A record points back to 8.8.4.4 in turn, it can be said to be forward confirmation.
Classless reverse DNS method
Historically, Internet registries and Internet service providers have assigned IP addresses to Class B and Class A in octet blocks of 256 (Class C) or larger. By definition, each block falls on an octet boundary. The structure of the reverse DNS domain is based on this definition. However, with the introduction of classless inter-domain routing, IP addresses are allocated in smaller blocks, so the original design of pointer records is impractical, because the autonomy of small block management cannot be granted, RFC2317 designed a A way to solve this problem by using CNAME records.
IPv6 reverse resolution
The reverse DNS lookup of IPv6 addresses uses the special domain ip6.arpa (previously ip6.int). The IPv6 address is displayed in this field as a sequence of nibbles in reverse order, expressed as a subfield with hexadecimal numbers. For example, the pointer domain name 2001:db8::567:89ab corresponding to the IPv6 address is ba9.8.7.6.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.bd0.1.0.0.2.ip6 .arpa.
Multi-pointer record
Although most rDNS entries have only one PTR record, DNS does not limit this number. For example, when the
supports many virtual hosts, multiple PTR records are used-that is, multiple host names are then resolved to a single address, and multiple host names will be returned for the PTR lookup for that shared address. However, DNS lookups usually occur on UDP, and because UDP has a limited message size, in extreme cases, multiple PTRs may cause DNS responses to exceed these UDP limits.
Records other than PTR records
Record types other than PTR records may also appear in the reverse DNS tree. For example, you can put encryption keys there for IPsec, SSH, and IKE. DNS-based service discovery uses specially named records in the reverse DNS tree to provide clients with hints about subnet-specific service discovery domains. Less standardized usage includes annotations placed in TXT records and LOC records to determine the geophysical location of IP addresses.
use
The most common uses of reverse DNS include:
The original purpose of rDNS: network troubleshooting through traceroute, ping and the "Received:" tracking header field of SMTP emails, website tracking users (especially on Internet forums), etc.
An email anti-spam technology: Check whether the domain name in rDNS may come from a dial-up user, or the dynamically assigned address is unlikely to be used by a legitimate
mail server. The owner of these IP addresses usually assigns them a generic rDNS name such as "1-2-3-4-dynamic-ip.example.com". Some anti-spam filters assume that emails from these addresses may be spam and may refuse connections.
Verification to Confirmation Reverse DNS (FCrDNS) can create a form of verification that shows the owner of the domain name and the relationship between the owners of the server with a given IP address is already valid. Although not very comprehensive, this type of verification is powerful enough and is often used for whitelisting purposes, because spammers and phishers often cannot achieve forward verification when using zombie computers to forge domain records.
System logging or monitoring tools usually receive entries for related devices specified only by IP addresses. In order to provide more usable data, these programs usually perform a reverse lookup before writing to the log, thereby writing names instead of IP addresses.
