The Step-by-Step Process of Reverse DNS Lookup
Understanding reverse DNS lookup is crucial for learning how the internet retrieves domain names from IP addresses and how emails become approved. To understand this process, the first step is to find out how forward DNS works.
Understanding Forward DNS
The DNS system makes the internet work: it translates domain names into IP addresses and finds their location. Because of it, all you have to know is a domain name — such as www.facebook.com — and you can access the website. This process works through DNS servers: master servers, which are owned by independent agencies, hold all the matching domain names and IP addresses; smaller ones hold fractions of the database, and they are owned by businesses or ISPs.
When you search for something on the internet, your browser requests information from the DNS server connected to your ISP. It looks for the matching IP address in its database, but if that doesn’t work, it moves the request to other servers until one of them has the data. Then, the server returns the information to your browser, and you can access the page.
Structuring IP Addresses for Reverse DNS
Reverse DNS (rDNS) does the opposite. This is used when you have the IP address and need to find the host to which it belongs. It uses a different set of data—an IP address of 220.127.116.11 would be reversed as 18.104.22.168 in order to be used in the rDNS process.
Depending on the version of IP you’re using — either v4 or v6 — your server will have a different way of structuring its data. V4 is more common, and it adds the top-level domain (TLD) “in-addr” to the end of the reversed IP address to signal what it is. It also adds “.arpa” because it is one of the TLDs for rDNS lookup. Using the above example, 22.214.171.124 would become 126.96.36.199.in-addr.arpa to make the original IP address searchable in rDNS databases.
Using rDNS to Access a Domain Name
To continue the process, the server refers to the Pointer record (PTR record), a collection of data specifically for rDNS lookup, and begins its search by using the properly formatted IP address through the following channels:
- First, it asks the root server if it has the IP address on record. If the first server is not sufficient, it can redirect you to another one.
- IP addresses are categorized into classes based on their first number, and the root server will send your request to a server that specializes in that class.
- Once the request has been redirected, it goes through the selected Regional Internet Provider (RIR) and asks for a match with the formatted IP address. The RIR will find the original internet or bandwidth provider of your address.
- The DNS server asks again for the PTR record, and the organization’s servers will give you the name in the form of host.example.com.
Why Use rDNS?
While it’s not important for everyone to have information in the reverse DNS database, it is crucial for any email provider. Emails are checked to make sure their servers have rDNS enabled to filter out spam, so it is necessary that you enable rDNS lookup if you are running an email server.