Reverse IP Reverse IP

What is a Reverse IP Lookup

The Reverse DNS Check tool queries the given IP to resolve to a hostname. The hostname is anything like a normal domain or sub-domain, i.e. google-public-DNS-a.google.com. This hostname is Google's hostname against IP 8.8.8.8 which is Google's public DNS IP. Whereas if you enter your IP, it might point to the hostname of your ISP, or if you query your server's IP, it might show you your domain name on which it resolves.


DNS PTR (Pointer) Record

A PTR record, known as a pointer record or reverse DNS record, is the type of Domain Name System (DNS) record used to store the domain or hostname for an IP address. It maps an IP address to a hostname.

PTR records referred to as "reverse DNS" records are used in Reverse IP lookup. You can get the associated domain name or hostname using the IP address.

It is the opposite of both an A record for an IPv4 address and an AAAA record for an IPv6 address, referred to as "forward DNS" records.

Typically, a user wishes to establish a connection to a server with a domain name that is already known, but the user does not have the correct IP address. When a user enters a domain name in the browser, the DNS lookup process occurs, matching the domain name to an IP address.

A reverse DNS lookup or reverse IP lookup is an opposite process that starts with an IP address and ends with the associated domain name or hostname's lookup. Here the user already knows the IP address and wishes to find the domain or hostname associated with that IP.

How are DNS PTR records stored?

The PTR record's structure is the same as other DNS record types. The different pieces of information are arranged in the record in their relevant fields.

<name> <ttl> <class> <type> <rdata>

  • <name>: It is filled with the IP address.
  • <ttl>: It is Time to Live. It is the time in seconds for which the entry is valid. On its expiry, it needs to be activated again.
  • <class>: It contains the abbreviation of the DNS record class being used.
  • <type>: It has the record type. i.e., PTR.
  • <rdata>: It contains the resource data, the domain, or the hostname.

The syntax is similar to A record, but the field content is different. Here, one thing is essential to reverse mapping. Therefore the IP address is specified in reverse sequence.

In IPv4

An A record must exist for every PTR record. A PTR record stored as the IP address is broken into segments and then reversed, followed by .in-addr.arpa. (it is the namespace within .arpa for reverse DNS lookups in IPv4).

For example, the PTR record of IPv4 address 8.8.4.4 for domain dns. google will be stored under 4.4.8.8.in-addr.arpa.

NameTTLClassTyperdata
4.4.8.8.in-addr.arpa.3600INPTRdns.google

In above example

  • 4.4.8.8.in-addr.arpa. represents the identifier of the record. This is the PTR record for A record 8.8.4.4
  • PTR is the type of DNS record.
  • dns.google is the value of the record. It is the domain or hostname associated with the IP address.
  • 3600 is the TTL (Time to Live).

In IPv6

IPv6 addresses are composed differently than IPv4 addresses, and IPv6 PTR records exist in their distinct namespace within .arpa. PTR records for IPv6 are stored under the IPv6 address, reversed, and converted into four-bit sections (as opposed to 8-bit sections, as in IPv4), plus .ip6.arpa.

For example, the PTR record of IPv6 address 2001:4860:4860::8844 for domain dns.google will be stored under 4.4.8.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.8.4.0.6.8.4.1.0.0.2.ip6.arpa.

NameTTLClassTyperdata
4.4.8.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.8.4.0.6.8.4.1.0.0.2.ip6.arpa.3600INPTRdns.google

In above example

  • 4.4.8.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.8.4.0.6.8.4.1.0.0.2.ip6.arpa. represents the identifier of the record. This is the PTR record for A record 2001:4860:4860::8844
  • PTR is the type of DNS record.
  • dns.google is the value of the record. It is the domain or hostname associated with the IP address.
  • 3600 is the TTL (Time to Live).

 

How to check the PTR record or perform a reverse IP lookup?

In Windows, Linux, or macOS

If you are using Windows, run nslookup IP_address in your command prompt.

If you are using Linux or MAC OS, run dig -x IP_address on Linux's console terminal or MacOs's terminal.

Replace the IP address with your domain's IP address.

Using Reverse IP Lookup Tool

Just enter the IP address and click on the "Submit" button. The tool will perform the reverse IP lookup and provides you with the result.

Also, check PTR records through multiple DNS servers around the world with the WhatsMyDNS tool.

Primary uses for PTR records.

PTR records are used in reverse IP lookups. These records are a must for outgoing mail servers.

Some email servers like Gmail and Yahoo mail use anti-spam filters to check whether the IP address of a server trying to deliver mail has matching forward and reverse DNS records. It helps to check the domain or hostname(s) of an email address(es) and see if the associated IP address(es) is likely to be used by the legitimate email server.

As anti-spam filters perform these checks, email delivery problems can occur from a misconfigured or missing PTR record. To send mail PTR record is mandatory. If a domain does not have a PTR record or the PTR record contains the wrong domain or hostname, email services may block or reject all emails from that domain. The mail servers use them to make sure that emails come from the location they claim to come from.

Do I need PTR records?

The simple answer is yes. Email is an integral part of the business, and PTR records usage is in Google's best practices.

You never want your email to bounce back or be a part of a spam folder. It harms your trustworthiness and credibility and makes your customers wonder why your email is not reaching their inboxes.

Can I have multiple PTR records?

Typically, a PTR record can point to only one hostname. But what if you need multiple PTR records for a single IP to point to various hostnames? That will work when you have several domains registered; all have the same IP address as the DNS A record.

The Domain Name System does not restrict your number of entries, but having multiple PTR records is not recommended at all. Because the software running the mail servers often expects only a single entry for each IP address, "One IP - One PTR."

If various PTR records are defined for a single IP address, a server may pick one at random during a reverse IP lookup.

There is no such feature available for PTR records, like the MX records, to prioritize.

Moreover, adding several PTR records for a single IP address does not improve trustworthiness. And it may even result in a failed verification of A/PTR records and reducing email delivery ratio.

How long does it take for a PTR record to propagate?

It typically depends on how frequently the hosting company updates the zone files. Even if you update the PTR records from the hosting panel's dashboard, and the hosting company immediately updates their zone files after those updates. Still, it takes time because of DNS TTL.