≡ Menu

HowTo Test or Check Reverse DNS on a Linux / Unix

I am a new Linux and Unix command line user. How do I test or check reverse DNS for given IP address under Linux, OS X, BSD, Unix-like or Windows XP/Server 2003 based systems?

Reverse DNS lookup (also known as rDNS) is a process to determine the hostname associated with a given IP address.

Typically, the DNS is used to determine what IP address is associated with a given hostname; so to reverse resolve a known IP address is to lookup what the associated hostname for it. A reverse lookup is often referred to simply as reverse resolving, or more specifically reverse DNS lookups.

Tutorial details
DifficultyEasy (rss)
Root privilegesNo
Estimated completion time1m
The most common uses of the reverse DNS are:

  1. Anti-spam
  2. Network troubleshooting
  3. Avoid spammers and phishers using a forward confirmed reverse DNS etc

You can use standard UNIX / Linux utilities such as nslookup command, dig command or host command to find out reverse DNS of a given IP address.

Task: Find Reverse DNS for IP under Linux/UNIX

Type the following host command:
$ host ip-address-here
$ host

Sample outputs: domain name pointer cyberciti.org.

In this example output, IP is reverse mapped to cyberciti.org. Here is another reverse lookups done using dig command:
$ dig -x ip-address-here
$ dig -x

Sample outputs:

; <<>> DiG 9.8.3-P1 <<>> -x
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39113
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION: 20975 IN	PTR	www.cyberciti.biz.

;; Query time: 32 msec
;; WHEN: Sat Feb  8 04:40:28 2014
;; MSG SIZE  rcvd: 76

Hiding additional display info while doing reverse ip lookup using dig command

You can only display the answer section of a reply with +answer option and clear all other display info with +noall option as follow:

dig +noall +answer -x

Sample outputs: 80127 IN	PTR	www.cyberciti.biz.

Task: Find Reverse DNS for IP under Linux/UNIX/Windows

nslookup works under Windows and UNIX like oses:
nslookup ip-address-here


Non-authoritative answer:      name = cyberciti.org.
Authoritative answers can be found from:

Demo: Reverse IP lookup on Linux, Unix, OS X and MS-Windows

Animated gif: host, dig, and nslookup command in action

Animated gif: host, dig, and nslookup command in action

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 22 comments… add one }

  • Sha8e September 29, 2007, 2:22 pm


    How r u man?
    Vivek, how can I do a reverse ip check to a domain or box in order to know what websites is hosted on that box ?

    I need a linux COMMAND not solving it using a website. Can u help me ?

  • Mohammad Mateen March 13, 2008, 9:25 am

    its very simple

    dig -x IP (

  • Paul Seminario July 13, 2009, 2:47 am

    Hi… Please help me… Can u tell me a commands to make a reverse dns record in my server?
    Paul S.

  • Wisut Petsakul August 4, 2009, 9:03 am

    Very userful , Thanks.

  • mccalni December 21, 2009, 11:26 am

    Excellent. Thank you.

  • Nime June 3, 2010, 10:10 pm

    @echo off

    REM //NSLOOKUP batch check utility v1.0
    REM //Author: Emin Akbulut eminakbulut@gmail.com
    REM //Date: 03 June 2010
    REM //This code is freeware
    REM //Usage: Modify the DNS and host lists below, at line 23, then simply run the batch file.

    SET timeout=5

    IF “%1” == “/check” GOTO loopit

    if exist %0.log del %0.log > nul %2>nul
    if exist %0.bat.log del %0.bat.log > nul %2>nul
    echo —————————————
    echo Starting… %date% %time:~0,8%
    echo —————————————
    echo Report created on %date% %time:~0,8% >> %0.log
    REM %%A for DNS Servers list, %%B for target hosts to be checked
    FOR %%A IN ( DO FOR %%B IN (google.com yourdomain.com mail.yourdomain.com) DO CALL %0 /check %%A %%B

    echo ————————————— >> %0.log
    echo —————————————
    echo Done. Press any key to examine the log file…
    Pause > nul
    start notepad “%~0.log”
    GOTO done

    echo ————————————— >> %0.log
    echo nslookup %3 %2
    echo nslookup %3 %2 >> %0.log
    nslookup -timeout=%timeout% %3 %2 >> %0.log 2>nul


  • michal July 14, 2010, 12:33 pm

    nslookup has been obsolete for loooong time. I advise to not to waste your precious time learning utility, that is not supported any more.

  • Mpho October 26, 2010, 1:54 pm

    Please tell me how do i monitor DNS, DHCP, Wins on my server

  • Nime October 26, 2010, 3:05 pm

    To monitor DNS you may use my script.

    To test DHCP LOCALLY, the commands to inspire are:

    REM Set automatic IP
    netsh interface ip set address name=”LAN” dhcp
    REM Set automatic DNS
    netsh interface ip set dns “LAN” dhcp

    I don’t know much about WINS…

  • techie talks March 4, 2011, 1:37 am

    dig -x is good enough. Thanks!

  • J_S_P May 24, 2011, 5:36 pm

    This might be silly… but I have to ask!

    So the output is “ domain name pointer cyberciti.org.”

    Is “cyberciti.org” the CNAME in this case? If you look up other IP’s you get crazy outputs with dashes and long names which look like a CNAME. Is it too redundant to have yet another reverse entry for a CNAME?

    • nixCraft May 24, 2011, 7:25 pm

      No that is actual reverse entry. Our IP was changes some time ago. To get desired output try

       host domain name pointer www.cyberciti.biz.
  • Rocky June 14, 2011, 2:50 pm

    Hi Vivek,

    for reverse lookup, do i need to provide domain name or hostname of my server to my isp from which i got public ip?
    Domain name is example.com
    hostname is abc.example.com


  • Digital Extreme Media Group July 11, 2011, 11:34 pm

    Thanks for sharing. This is a good way to see if your ns1. and ns2 are set correctly.

  • Akula August 14, 2011, 8:33 am


    Can you please tell me how to create this reverse to records? I have 2 dedicated servers, 203.230 (ns1) / 200.254 (ns2), from localhost command ‘nslookup ip’ reply’s succes but from internet still not working, can you please create an full example?

    Kind Regards

    • David Amormino September 27, 2011, 2:15 am

      This bash example should print all the hosts from throught .254. (You could edit the IP address lines to suit your network, perhaps.)


      for i in {1..254}
        myhostname=`host 192.168.1.$i`
        if [ "$?" -eq 0 ]; then
          echo -ne $i
          echo -ne "\t"
          echo -ne "IN"
          echo -ne "\t"
          echo -ne "PTR"
          echo -ne "\t"
          echo `echo $myhostname | cut -d " " -f 5`

      I use this to generate rdns (reverse dns) files for my bind9 name server:

      bash rdns.sh >> /etc/bind/db.192

      I still need to put the correct lines in at the top of the db.192 file (from db.empty), but it accomplishes most of what I am after.

      • Jesse Bethke May 18, 2015, 5:04 pm

        *Borrowing* Thanks!

    • DotMG September 27, 2011, 7:56 am

      As far as I know, the fastest and simplest way to set rDNS is to ask your Server Provider. They do it manually.

  • Akula September 27, 2011, 12:09 pm

    You are right only the provider can create rdns.

    Thank You

  • Tommy Joe February 7, 2012, 10:37 pm

    I have been asked to check our own DNS and WINS servers to make sure we have all the correct controller details for the ???? Domain are present.
    Reason is We are currently arranging to move the PDC emulator role this week from IC?????? to BD??????

  • Bob Pelerson December 27, 2012, 6:40 pm

    note that you can use drill or dig on BSD too – not just Linux

  • Waqas April 16, 2013, 4:14 am

    Q1) I want to block the users to access the ptv.com website for some user and only for a time while like 1/3 week.how it is possible?
    Q2) other user can not use the internet I want to block the internet of the user.how it is possible?
    Q3) some user can open only permission webistes which I want to allow them like google/gmail/hotmail etc etc but can not access the yahoo/wwe websites.how it is possible?
    Q4) how to block the USB storage devices in Win Xp because when we make a policy to remove all storage device deny all then the option shows that atleast Win Vista. what does it mean?
    Q5) how DNS can take direct IP in the forward and reverse zone?
    Q6) why we use router in DHCP server?
    Q7) I saw if someone is uses in DNS server
    DNS IP
    subnet mask
    default gateway
    preferred DNS
    alternate DNS
    then it uses in DHCP server
    router IP
    why it uses this IP only in the router?why DHCP server can not validate the alternate DNS when we install the DHCP server?
    Q8) I want to allow only 2 user they can change the time and date.how it is possible?

    give me the full description on my email id
    with each step should be mention in the snapshot
    thank you
    for an advance to help me

Leave a Comment