The first thing about DNS that we all learn is that “it is a translator that understands domain names and gives us their IP addresses”. But what does rDNS mean? It is the opposite service to the traditional DNS: it translates an IP address to its domain name. Why would you want that? Let’s break down rDNS in detail to understand it.
What is rDNS?
Reverse DNS or rDNS is a querying technique that DNS (Domain Name System) uses to perform a special type of query: it takes an IP address (IPv4 or IPv6) as input and returns a name record (A record or AAAA record) as output. It is called reverse because it mirrors the typical forward DNS lookup: instead of going from a domain name to an IP address, it goes from an IP address to a domain name.
You may want to use rDNS to check a particular host. Each host connected to a network has an IP address as an identifier. You can easily see the IP address, but by performing a reverse DNS lookup on it you can also see its domain name and decide whether to trust it or not.
What do you need to use rDNS?
You will need the following in order to use rDNS:
- Well-configured forward DNS zone with A or AAAA DNS records. The reverse query will check the name records too.
- Reverse Primary Zone. Just like the typical DNS records, it needs a Primary Zone. In this case, it is a separate one because PTR records can’t be kept inside a forward zone.
- PTR record. This is the actual record in which you enter the IP address and the domain name it points to.
- An rDNS service. You can build and configure a DNS server yourself, or pay for a managed DNS service and use the name servers of a DNS provider.
What is a Reverse Primary Zone?
The DNS zone is a part of the domain namespace that is administered as a unit. The Reverse Primary Zone is the part where you can add a special type of DNS record called PTR (pointer). It has the IP address of the host and points to its name.
You need the Reverse Primary Zone because the PTR records can’t be put in a forward DNS zone.
The Reverse Primary Zone is hosted on a Primary authoritative server and can be managed by the DNS administrator.
What is a PTR record?
The PTR record is the DNS record that links an IP address to a hostname. It is used for reverse DNS queries. When somebody, a person or a server, needs to check whether an IP address really belongs to a particular domain, it performs a reverse DNS query and searches for PTR records in the Reverse DNS Zone. If the search finds no PTR record, the failure can cause authentication problems and eventually lead to undelivered emails or emails sent straight to the spam folder.
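The check described above, worked through end to end as an added example (not code from the original article): an IP address is turned into the name that a PTR query asks for (`in-addr.arpa` for IPv4, `ip6.arpa` for IPv6), the PTR record is looked up in a reverse zone, and the forward zone is then consulted to confirm that the returned hostname really resolves back to the same address. The zone contents below are constructed sample data, not real DNS; the function and record names are assumptions made for this illustration.

```python
import ipaddress
from typing import List, Optional, Tuple

# Constructed sample data standing in for two separate zones, as the article
# describes: a forward zone holding A/AAAA records and a reverse zone holding
# PTR records. Names are fully qualified (trailing dot).
FORWARD_ZONE = {
    "mail.example.com.": {"A": ["192.0.2.25"], "AAAA": ["2001:db8::25"]},
    "web.example.com.": {"A": ["192.0.2.80"]},
}
REVERSE_ZONE = {
    "25.2.0.192.in-addr.arpa.": {"PTR": ["mail.example.com."]},
    # IPv6 reverse names list every hex nibble in reverse order (22 zero nibbles here).
    "5.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.":
        {"PTR": ["mail.example.com."]},
    # Stale PTR: the hostname it names no longer has an A record for this IP.
    "80.2.0.192.in-addr.arpa.": {"PTR": ["old.example.com."]},
}


def reverse_name(ip: str) -> str:
    """Name queried for a PTR record: reversed octets under in-addr.arpa
    for IPv4, reversed nibbles under ip6.arpa for IPv6."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def lookup_ptr(ip: str) -> List[str]:
    """Reverse query: which hostnames does the PTR record for this IP name?"""
    return REVERSE_ZONE.get(reverse_name(ip), {}).get("PTR", [])


def lookup_forward(name: str, ip: str) -> List[str]:
    """Forward query: A records for an IPv4 check, AAAA records for IPv6."""
    rtype = "AAAA" if ipaddress.ip_address(ip).version == 6 else "A"
    return FORWARD_ZONE.get(name, {}).get(rtype, [])


def fcrdns_check(ip: str) -> Tuple[str, Optional[str]]:
    """Forward-confirmed reverse DNS: PTR gives a hostname, and that
    hostname's A/AAAA records must include the original IP.
    Returns ('confirmed', name), ('mismatch', None) or ('no-ptr', None)."""
    target = ipaddress.ip_address(ip)
    names = lookup_ptr(ip)
    if not names:
        return ("no-ptr", None)  # the failure the article warns about
    for name in names:
        if any(ipaddress.ip_address(a) == target for a in lookup_forward(name, ip)):
            return ("confirmed", name)
    return ("mismatch", None)  # PTR exists but forward zone does not agree


if __name__ == "__main__":
    for addr in ("192.0.2.25", "2001:db8::25", "192.0.2.80", "198.51.100.1"):
        print(addr, "->", reverse_name(addr), fcrdns_check(addr))
```

A mail receiver that applies this check treats only the "confirmed" outcome as proof that the sending address belongs to the claimed domain; a missing or mismatching PTR is what typically gets a message rejected or filed as spam.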
Conclusion
After breaking down rDNS into its components, you can see how easy it really is to understand. You have a specific DNS zone called the Reverse Primary Zone. In it, you add PTR records that hold IP addresses and point to hostnames. That is what lets you verify hosts and prove that they belong to a particular domain name.