Reverse DNS


DNS helps us lookup the IP address of a name like example.com. But sometimes, we need to do the reverse: we need to figure out the name of an IP address.

For example, suppose we are given the IP address What is the domain of that IP address?

Finding the domain of an IP address is called reverse DNS (rDNS) lookup, and a system was created to help match every IP address with a domain name through the use of PTR (pointer) records.


rDNS is used:

  1. to prove that your mail server is not spam
  2. in diagnostic tools like traceroute
  3. to provide a vhost for identification on IRC

Every IP address should have a matching rDNS entry.


Information for rDNS lookup is stored in the .arpa top-level domain. For IPv4 addresses, the information is stored in in-addr.arpa. using this format:

<ip address>
<reverse of ip address>
<reverse of ip address>.in-addr.arpa.

Here is an example:               # Original four numbers, separated by dots               # Reverse the four numbers # Add .in-addr.arpa.

So the domain for would be found in the PTR record for

As another example, suppose we want to do a reverse lookup of the IP address               # Original four numbers, separated by dots               # Reverse the four numbers # Add .in-addr.arpa.

We lookup the PTR record for, which is ircnow.org.

Forward confirmed DNS (fcDNS)

The normal DNS and reverse DNS should match. If the A record for ircnow.org points to (which it does), then the IP address is also forward-confirmed.


rDNS works similarly for IPv6 addresses. For example, suppose you have the IPv6 address 2001:db8::c001:d00d. To find the domain, we first fill in all the missing zeros, remove the colons, put dots between each digit, then reverse the digits, then add .ip6.arpa.:

2001:db8::c001:d00d                                                         # Original IPv6 Address
2001:0db8:0000:0000:0000:0000:c001:d00d                                     # Fill in missing zeros (32 hex digits total)             # Remove colons : and put periods between digits
d.0.0.d.1.0.0.c.             # Reverse digits
d.0.0.d.1.0.0.c.   # Add .ip6.arpa.

Finally, we look up the PTR record for d.0.0.d.1.0.0.c. to find the domain.

Generally, an IP address should only have one PTR record. So, while many domains may resolve to a single IP address, an IP address can only resolve to one domain.

Why Reverse?

We reverse the digits when performing reverse DNS lookup because DNS is like a tree, with the highest nodes coming at the end, and the lowest nodes in the beginning.

For example, for the domain www.example.com, the highest node is root ., followed by com, then example, then www

.        # Highest node
www      # Lowest node

So you see, for a domain name, the lowest node is written first and the highest node written last.

For a reverse lookup, we want to structure the PTR records in the same way, with the lowest node written first and the highest node written last. So we reverse the order of the numbers in the IP address.

If you don't define a reverse DNS entry, your ISP or service provider may define one for you:

$ host domain name pointer 1-0-168-192.wifi.dynamic.isp.com.

This reverse DNS entry looks like it was automatically generated for a residential ISP. Mail providers often rely on this to mark email coming from this IP as spam. Unfortunately, most residential ISPs do not allow you to configure your rDNS, which is why you will want to use a VPS or dedicated server for sending mail. VPSes and server hosts will generally allow you to configure your IPv4 and IPv6 rDNS.