Reverse DNS lookup (also known as rDNS) is a process to determine the hostname associated with a given IP address.
Typically, the DNS is used to determine what IP address is associated with a given hostname; so to reverse resolve a known IP address is to lookup what the associated hostname for it. A reverse lookup is often referred to simply as reverse resolving, or more specifically reverse DNS lookups.
[donotprint]| Tutorial details | |
|---|---|
| Difficulty | Easy (rss) |
| Root privileges | No |
| Requirements | None |
| Time | 1m |
- Anti-spam
- Network troubleshooting
- Avoid spammers and phishers using a forward confirmed reverse DNS etc
You can use standard UNIX / Linux utilities such as nslookup command, dig command or host command to find out reverse DNS of a given IP address.
Task: Find Reverse DNS for IP 75.126.43.235 under Linux/UNIX
Type the following host command:
$ host ip-address-here
$ host 75.126.43.235
Sample outputs:
235.43.126.75.in-addr.arpa domain name pointer cyberciti.org.
In this example output, IP 75.126.43.235 is reverse mapped to cyberciti.org. Here is another reverse lookups done using dig command:
$ dig -x ip-address-here
$ dig -x 75.126.153.206
Sample outputs:
; <<>> DiG 9.8.3-P1 <<>> -x 75.126.153.206
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39113
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;206.153.126.75.in-addr.arpa. IN PTR
;; ANSWER SECTION:
206.153.126.75.in-addr.arpa. 20975 IN PTR www.cyberciti.biz.
;; Query time: 32 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb 8 04:40:28 2014
;; MSG SIZE rcvd: 76Hiding additional display info while doing reverse ip lookup using dig command
You can only display the answer section of a reply with +answer option and clear all other display info with +noall option as follow:
dig +noall +answer -x 75.126.153.206 |
Sample outputs:
206.153.126.75.in-addr.arpa. 80127 IN PTR www.cyberciti.biz.
Task: Find Reverse DNS for IP 75.126.43.235 under Linux/UNIX/Windows
nslookup works under Windows and UNIX like oses:
nslookup ip-address-here
nslookup 75.126.43.235
Output:
Server: 208.67.222.222 Address: 208.67.222.222#53 Non-authoritative answer: 235.43.126.75.in-addr.arpa name = cyberciti.org. Authoritative answers can be found from:
Demo: Reverse IP lookup on Linux, Unix, OS X and MS-Windows
Animated gif: host, dig, and nslookup command in action
- RSS feed or Weekly email newsletter
- Share to Twitter • Facebook • 22 comments... add one ↓
Linux and Unix dig Command Examples
Postfix Backup MX eMail Server Anti-Spam Configuration
Linux / UNIX: DNS Lookup Command
How to test and validate DNSSEC using dig command line
dnstop: Monitor BIND DNS Server (DNS Network Traffic) From a Shell Prompt
Linux and Unix host Command Examples
Reverse nslookup Command
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Vivek,
How r u man?
Vivek, how can I do a reverse ip check to a domain or box in order to know what websites is hosted on that box ?
I need a linux COMMAND not solving it using a website. Can u help me ?
its very simple
dig -x IP (209.267.166.166)
Hi… Please help me… Can u tell me a commands to make a reverse dns record in my server?
Thansk….
Paul S.
Very userful , Thanks.
Excellent. Thank you.
@echo off
REM //NSLOOKUP batch check utility v1.0
REM //Author: Emin Akbulut eminakbulut@gmail.com
REM //Date: 03 June 2010
REM //This code is freeware
REM //Usage: Modify the DNS and host lists below, at line 23, then simply run the batch file.
SET timeout=5
IF “%1” == “/check” GOTO loopit
:start
cls
if exist %0.log del %0.log > nul %2>nul
if exist %0.bat.log del %0.bat.log > nul %2>nul
echo —————————————
echo Starting… %date% %time:~0,8%
echo —————————————
echo Report created on %date% %time:~0,8% >> %0.log
REM %%A for DNS Servers list, %%B for target hosts to be checked
FOR %%A IN (195.175.39.39 195.175.39.40 8.8.8.8) DO FOR %%B IN (google.com yourdomain.com mail.yourdomain.com) DO CALL %0 /check %%A %%B
echo ————————————— >> %0.log
echo —————————————
echo Done. Press any key to examine the log file…
Pause > nul
start notepad “%~0.log”
GOTO done
:loopit
echo ————————————— >> %0.log
echo nslookup %3 %2
echo nslookup %3 %2 >> %0.log
nslookup -timeout=%timeout% %3 %2 >> %0.log 2>nul
:done
nslookup has been obsolete for loooong time. I advise to not to waste your precious time learning utility, that is not supported any more.
Please tell me how do i monitor DNS, DHCP, Wins on my server
To monitor DNS you may use my script.
To test DHCP LOCALLY, the commands to inspire are:
REM Set automatic IP
netsh interface ip set address name=”LAN” dhcp
REM Set automatic DNS
netsh interface ip set dns “LAN” dhcp
I don’t know much about WINS…
dig -x is good enough. Thanks!
This might be silly… but I have to ask!
So the output is “235.43.126.75.in-addr.arpa domain name pointer cyberciti.org.”
Is “cyberciti.org” the CNAME in this case? If you look up other IP’s you get crazy outputs with dashes and long names which look like a CNAME. Is it too redundant to have yet another reverse entry for a CNAME?
No that is actual reverse entry. Our IP was changes some time ago. To get desired output try
Hi Vivek,
for reverse lookup, do i need to provide domain name or hostname of my server to my isp from which i got public ip?
Domain name is example.com
hostname is abc.example.com
Thanks,
Rocky
Thanks for sharing. This is a good way to see if your ns1. and ns2 are set correctly.
Hi,
Can you please tell me how to create this reverse to records? I have 2 dedicated servers, 203.230 (ns1) / 200.254 (ns2), from localhost command ‘nslookup ip’ reply’s succes but from internet still not working, can you please create an full example?
Kind Regards
This bash example should print all the hosts from 192.168.1.1 throught .254. (You could edit the IP address lines to suit your network, perhaps.)
rdns.sh:
#!/bin/bash for i in {1..254} do myhostname=`host 192.168.1.$i` if [ "$?" -eq 0 ]; then echo -ne $i echo -ne "\t" echo -ne "IN" echo -ne "\t" echo -ne "PTR" echo -ne "\t" echo `echo $myhostname | cut -d " " -f 5` fi doneI use this to generate rdns (reverse dns) files for my bind9 name server:
I still need to put the correct lines in at the top of the db.192 file (from db.empty), but it accomplishes most of what I am after.
*Borrowing* Thanks!
As far as I know, the fastest and simplest way to set rDNS is to ask your Server Provider. They do it manually.
You are right only the provider can create rdns.
Thank You
I have been asked to check our own DNS and WINS servers to make sure we have all the correct controller details for the ???? Domain are present.
Reason is We are currently arranging to move the PDC emulator role this week from IC?????? to BD??????
note that you can use drill or dig on BSD too – not just Linux
Q1) I want to block the users to access the ptv.com website for some user and only for a time while like 1/3 week.how it is possible?
Q2) other user can not use the internet I want to block the internet of the user.how it is possible?
Q3) some user can open only permission webistes which I want to allow them like google/gmail/hotmail etc etc but can not access the yahoo/wwe websites.how it is possible?
Q4) how to block the USB storage devices in Win Xp because when we make a policy to remove all storage device deny all then the option shows that atleast Win Vista. what does it mean?
Q5) how DNS can take direct IP in the forward and reverse zone?
Q6) why we use router in DHCP server?
Q7) I saw if someone is uses in DNS server
DNS IP 192.168.30.1
subnet mask 255.255.255.0
default gateway 192.168.30.2
preferred DNS 192.168.30.1
alternate DNS 192.168.30.254
then it uses in DHCP server
router IP 192.168.30.2
why it uses this IP only in the router?why DHCP server can not validate the alternate DNS when we install the DHCP server?
Q8) I want to allow only 2 user they can change the time and date.how it is possible?
give me the full description on my email id
waqasanwer1@gmail.com
with each step should be mention in the snapshot
thank you
for an advance to help me