rDNS Reverse DNS

Posted: Fri Oct 09, 2020 7:45 am
by Wamuran4512CH
Reverse DNS Formats
There are two general formats for Reverse DNS. Your DNS zone will need to conform to whichever format your RSP chooses:

Standard format
For an IP block beginning at A.B.C.D /X, the reverse DNS zone should be D.C.B.A.in-addr.arpa. This is the format discussed in this brief guide.

Old format
For an IP block beginning at A.B.C.D /X, the reverse DNS zone would be D-X.C.B.A.in-addr.arpa. This is the format still used by some RSPs (e.g. Frontier - AAPT), and usually contains a slash (D/X.C.B.A.in-addr.arpa), which must be replaced with a dash.

Typical Reverse DNS Configurations
I have a very small number of IPs, i.e. a /30

Reverse DNS Using PTR

Most customers only need reverse DNS for one or two IP addresses, since reverse DNS is mostly used for outgoing email servers. In this case, it is easiest to simply have your RSP create the necessary records on their side.

Your RSP will need to create CNAME records on their side which correspond to the PTR records. For example, let’s assume you have a DNS zone for ausgeek.ru and wish to delegate two IP addresses to it: 1.2.3.4 (mail.ausgeek.ru) and 1.2.3.5 (smtp.ausgeek.ru). There are two steps:

1. Ask your RSP (e.g. Superloop, FBB Future Broadband, etc.) to create CNAME records pointing to PTR records in your DNS zone, one for each IP address, following this format:

4.3.2.1.in-addr.arpa 86400 IN CNAME 4.rev.ausgeek.ru
5.3.2.1.in-addr.arpa 86400 IN CNAME 5.rev.ausgeek.ru

2. In your DNS zone for yourdomain.com, create corresponding PTR records for each address:

Host: 4.rev
TTL: 43200
Type: PTR
Data: mail.ausgeek.ru

Host: 5.rev
TTL: 43200
Type: PTR
Data: smtp.ausgeek.ru

Requests for these individual IP addresses will be answered by the PTR records in your domain’s DNS zone.

Testing your delegation

The best way to test your reverse DNS configuration is using the command:

dig -x 1.2.3.6 +trace

where the address (e.g. 1.2.3.6) is a sample IP address in your block. (dig is a DNS lookup utility in Mac and Linux, with Windows versions available online.) The +trace parameter will show the whole delegation chain; if configured correctly, you will see our response with your PTR record at the end. If something is misconfigured, you will be able to see your ISP’s configuration and where the problem lies. If you get stuck, contact your RSP for technical assistance.
Other useful resources:

https://theitbros.com/reverse-dns-lookup/
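
The two-step CNAME/PTR delegation from the post above, as an added example (not part of the original post or of any RSP's tooling). It builds both record sets for the post's sample addresses offline and flags a CNAME that points at a missing PTR, the usual reason a mail server's reverse lookup fails. The function names and the "rev" label parameter are assumptions; IPv4 only.

```python
import ipaddress

def zone_names(block):
    """Reverse zone name for a block in the standard and the old (dash) format."""
    net = ipaddress.IPv4Network(block)  # raises ValueError if host bits are set
    a, b, c, d = str(net.network_address).split(".")
    return (f"{d}.{c}.{b}.{a}.in-addr.arpa",
            f"{d}-{net.prefixlen}.{c}.{b}.{a}.in-addr.arpa")

def delegation_records(hosts, domain, label="rev"):
    """hosts maps IP -> hostname. Returns (RSP-side CNAMEs, customer-side PTRs)."""
    cnames, ptrs = {}, {}
    for ip, hostname in hosts.items():
        addr = ipaddress.IPv4Address(ip)
        target = f"{str(addr).rsplit('.', 1)[1]}.{label}.{domain}"
        cnames[addr.reverse_pointer] = target   # e.g. 4.3.2.1.in-addr.arpa
        ptrs[target] = hostname                 # e.g. 4.rev.ausgeek.ru
    return cnames, ptrs

def resolve_ptr(ip, cnames, ptrs):
    """Follow reverse name -> CNAME -> PTR as a resolver would; None if broken."""
    target = cnames.get(ipaddress.IPv4Address(ip).reverse_pointer)
    return ptrs.get(target) if target else None

def audit(cnames, ptrs):
    """Report CNAMEs with no PTR behind them and PTRs no CNAME points to."""
    problems = [f"dangling CNAME: {n} -> {t}" for n, t in cnames.items() if t not in ptrs]
    problems += [f"unreferenced PTR: {p}" for p in ptrs if p not in cnames.values()]
    return problems

def render(cnames, ptrs, cname_ttl=86400, ptr_ttl=43200):
    """Zone-file style lines, using the TTLs shown in the post."""
    lines = [f"{n} {cname_ttl} IN CNAME {t}" for n, t in cnames.items()]
    lines += [f"{p} {ptr_ttl} IN PTR {h}" for p, h in ptrs.items()]
    return lines

# Constructed sample input: the two addresses used in the post.
HOSTS = {"1.2.3.4": "mail.ausgeek.ru", "1.2.3.5": "smtp.ausgeek.ru"}

if __name__ == "__main__":
    print(zone_names("1.2.3.4/30"))
    cnames, ptrs = delegation_records(HOSTS, "ausgeek.ru")
    print("\n".join(render(cnames, ptrs)))
    del ptrs["5.rev.ausgeek.ru"]            # simulate step 2 being forgotten
    print(resolve_ptr("1.2.3.5", cnames, ptrs), audit(cnames, ptrs))
```

A dangling CNAME reported by audit() corresponds to a dig -x +trace run that ends at the CNAME with no PTR answer.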