Key Differences Between Forward and Reverse DNS Lookup | WhoisXML API
Products APIs Data Feeds Web Tools Domain Research & Monitoring Enterprise Packages
WHOIS / WHOIS History
WHOIS / WHOIS History

Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.

DNS / DNS History
DNS / DNS History

Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.

IP Geolocation / IP Netblocks
IP Geolocation / IP Netblocks

Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Access our web-based solution to dig into and monitor all domain events of interest.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.

Research
Monitoring
White-Label
Enterprise API Packages
Enterprise API Packages

Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.

Security Intelligence (SI) Suite
Security Intelligence (SI) Suite

Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.

Premium API Services
Premium API Services

Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.

×
Contact Us
API docs Integrations Pricing Blog FAQ



DNS & DNS History Blog

Read other articles

Key Differences Between Forward and Reverse DNS Lookup

Posted on December 2, 2018

Forward and reverse DNS are connected, but there are a few key differences that set them apart. While both use DNS servers, forward DNS is used every time you access an email or webpage, while reverse DNS lookup has a more specific purpose and uses.


Uses of Forward and Reverse DNS

When you type a website address into your browser or send an email, your computer uses forward DNS. This is when your browser translates a domain name (such as www.google.com) into a series of numbers, an IP address that is attached to that website.

Reverse DNS is a little more complicated: this is when you have the IP address and you need to find the host. Email servers are checked with a reverse DNS lookup tool to make sure they are not spam, so this is particularly relevant to companies that create their own email addresses.

Understanding DNS servers

DNS Servers Explained

Both forward and reverse DNS use servers to access information. A DNS server is like a codebook that stores web addresses, which are easy for people to remember, and their corresponding meanings in numerical form, designed for a computer to organize and search.

When your computer looks for missing information, it accesses DNS servers. Servers have specialized sets of data: if the root server—the first server—is insufficient, it will redirect your server to another source until it finds the data it needs.

How Computers Format rDNS

No special formatting is required for forward DNS lookup since it links each web address to an IP address. When your computer’s server prepares an IP address for reverse DNS lookup, it adds certain codes to the numbers to make it searchable in the database.

  • First, it reverses the data: an IP address of 1.3.5.7 would be structured as 7.5.3.1.
  • Next, it will add an ending to the data depending on the version of IP you use. V4 is used most commonly, and it requires “in-addr” to be added to the numbers. This is called a Top Level Domain (TLD), which is an ending to websites and IP addresses that signal their use. More common examples include “.com” or “.gov,” which indicate whether a webpage is commercially or governmentally produced.
  • An additional TLD, “.arpa,” is added to the data to prepare it for rDNS lookup. In the example, 1.3.5.7 becomes 7.5.3.1.in-addr.arpa.

The Steps of Reverse DNS Lookup

After reformatting the data, your server completes the following steps:

  • It accesses the initial server and determines if it has the web address.
  • If not, your server’s request is redirected to a server specializing in the type of information you require.
  • Your server will go through a Regional Internet Registry (RIR), which will attempt to find the match for the IP address. If successful, the RIR will determine the original provider attached to the IP address.
  • Your server will translate that information into a web address in the form of www.example.host.

While forward and reverse DNS lookup have many similarities and are very useful, there are additional steps involved with reverse DNS. The understanding of both creates a more complete picture of how the internet stores and retrieves crucial information.

Read other articles
Try our WhoisXML API for free
Get started