HowTo Test or Check Reverse DNS on a Linux / Unix

last updated December 6, 2014 in Linux, Networking, UNIX, Windows

I am a new Linux and Unix command line user. How do I test or check reverse DNS for given IP address under Linux, OS X, BSD, Unix-like or Windows XP/Server 2003 based systems?

Reverse DNS lookup (also known as rDNS) is a process to determine the hostname associated with a given IP address.

Typically, the DNS is used to determine what IP address is associated with a given hostname; so to reverse resolve a known IP address is to lookup what the associated hostname for it. A reverse lookup is often referred to simply as reverse resolving, or more specifically reverse DNS lookups.

[donotprint][/donotprint]The most common uses of the reverse DNS are:

Anti-spam
Network troubleshooting
Avoid spammers and phishers using a forward confirmed reverse DNS etc

You can use standard UNIX / Linux utilities such as nslookup command, dig command or host command to find out reverse DNS of a given IP address.

Task: Find Reverse DNS for IP 75.126.43.235 under Linux/UNIX

Type the following host command:
$ host ip-address-here $ host 75.126.43.235
Sample outputs:

235.43.126.75.in-addr.arpa domain name pointer cyberciti.org.

In this example output, IP 75.126.43.235 is reverse mapped to cyberciti.org. Here is another reverse lookups done using dig command:
$ dig -x ip-address-here $ dig -x 75.126.153.206
Sample outputs:

; <<>> DiG 9.8.3-P1 <<>> -x 75.126.153.206
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39113
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;206.153.126.75.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
206.153.126.75.in-addr.arpa. 20975 IN	PTR	www.cyberciti.biz.

;; Query time: 32 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb  8 04:40:28 2014
;; MSG SIZE  rcvd: 76

Hiding additional display info while doing reverse ip lookup using dig command

You can only display the answer section of a reply with +answer option and clear all other display info with +noall option as follow:

dig +noall +answer -x 75.126.153.206

Sample outputs:

206.153.126.75.in-addr.arpa. 80127 IN	PTR	www.cyberciti.biz.

Task: Find Reverse DNS for IP 75.126.43.235 under Linux/UNIX/Windows

nslookup works under Windows and UNIX like oses:
nslookup ip-address-here nslookup 75.126.43.235
Output:

Server:         208.67.222.222
Address:        208.67.222.222#53

Non-authoritative answer:
235.43.126.75.in-addr.arpa      name = cyberciti.org.

Authoritative answers can be found from:

Demo: Reverse IP lookup on Linux, Unix, OS X and MS-Windows

Animated gif: host, dig, and nslookup command in action

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Your support makes a big difference:

I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft takes a lot of my time and hard work to produce. If everyone who reads nixCraft, who likes it, helps fund it, my future would be more secure. You can donate as little as $1 to support nixCraft:

Become a Supporter Make a contribution via Paypal/Bitcoin

22 comment

Sha8e says:

September 29, 2007 at 2:22 pm

Vivek,

How r u man?
Vivek, how can I do a reverse ip check to a domain or box in order to know what websites is hosted on that box ?

I need a linux COMMAND not solving it using a website. Can u help me ?
Mohammad Mateen says:

March 13, 2008 at 9:25 am

its very simple

dig -x IP (209.267.166.166)
Paul Seminario says:

July 13, 2009 at 2:47 am

Hi… Please help me… Can u tell me a commands to make a reverse dns record in my server?
Thansk….
Paul S.
Wisut Petsakul says:

August 4, 2009 at 9:03 am

Very userful , Thanks.
mccalni says:

December 21, 2009 at 11:26 am

Excellent. Thank you.
Nime says:

June 3, 2010 at 10:10 pm

@echo off

REM //NSLOOKUP batch check utility v1.0
REM //Author: Emin Akbulut eminakbulut@gmail.com
REM //Date: 03 June 2010
REM //This code is freeware
REM //Usage: Modify the DNS and host lists below, at line 23, then simply run the batch file.

SET timeout=5

IF “%1” == “/check” GOTO loopit

:start
cls
if exist %0.log del %0.log > nul %2>nul
if exist %0.bat.log del %0.bat.log > nul %2>nul
echo —————————————
echo Starting… %date% %time:~0,8%
echo —————————————
echo Report created on %date% %time:~0,8% >> %0.log
REM %%A for DNS Servers list, %%B for target hosts to be checked
FOR %%A IN (195.175.39.39 195.175.39.40 8.8.8.8) DO FOR %%B IN (google.com yourdomain.com mail.yourdomain.com) DO CALL %0 /check %%A %%B

echo ————————————— >> %0.log
echo —————————————
echo Done. Press any key to examine the log file…
Pause > nul
start notepad “%~0.log”
GOTO done

:loopit
echo ————————————— >> %0.log
echo nslookup %3 %2
echo nslookup %3 %2 >> %0.log
nslookup -timeout=%timeout% %3 %2 >> %0.log 2>nul

:done
michal says:

July 14, 2010 at 12:33 pm

nslookup has been obsolete for loooong time. I advise to not to waste your precious time learning utility, that is not supported any more.
Mpho says:

October 26, 2010 at 1:54 pm

Please tell me how do i monitor DNS, DHCP, Wins on my server
Nime says:

October 26, 2010 at 3:05 pm

To monitor DNS you may use my script.

To test DHCP LOCALLY, the commands to inspire are:

REM Set automatic IP
netsh interface ip set address name=”LAN” dhcp
REM Set automatic DNS
netsh interface ip set dns “LAN” dhcp

I don’t know much about WINS…
techie talks says:

March 4, 2011 at 1:37 am

dig -x is good enough. Thanks!
J_S_P says:

May 24, 2011 at 5:36 pm

This might be silly… but I have to ask!

So the output is “235.43.126.75.in-addr.arpa domain name pointer cyberciti.org.”

Is “cyberciti.org” the CNAME in this case? If you look up other IP’s you get crazy outputs with dashes and long names which look like a CNAME. Is it too redundant to have yet another reverse entry for a CNAME?
1. nixCraft says:
  
  May 24, 2011 at 7:25 pm
  No that is actual reverse entry. Our IP was changes some time ago. To get desired output try
```
 host 75.126.153.206
206.153.126.75.in-addr.arpa domain name pointer www.cyberciti.biz.
```
Rocky says:

June 14, 2011 at 2:50 pm

Hi Vivek,

for reverse lookup, do i need to provide domain name or hostname of my server to my isp from which i got public ip?
Domain name is example.com
hostname is abc.example.com

Thanks,
Rocky
Digital Extreme Media Group says:

July 11, 2011 at 11:34 pm

Thanks for sharing. This is a good way to see if your ns1. and ns2 are set correctly.

Hi,

Can you please tell me how to create this reverse to records? I have 2 dedicated servers, 203.230 (ns1) / 200.254 (ns2), from localhost command ‘nslookup ip’ reply’s succes but from internet still not working, can you please create an full example?

Kind Regards

This bash example should print all the hosts from 192.168.1.1 throught .254. (You could edit the IP address lines to suit your network, perhaps.)

rdns.sh:

#!/bin/bash
for i in {1..254}
do
  myhostname=`host 192.168.1.$i`
  if [ "$?" -eq 0 ]; then
    echo -ne $i
    echo -ne "t"
    echo -ne "IN"
    echo -ne "t"
    echo -ne "PTR"
    echo -ne "t"
    echo `echo $myhostname | cut -d " " -f 5`
  fi
done

I use this to generate rdns (reverse dns) files for my bind9 name server:

bash rdns.sh >> /etc/bind/db.192

I still need to put the correct lines in at the top of the db.192 file (from db.empty), but it accomplishes most of what I am after.

Jesse Bethke says:

May 18, 2015 at 5:04 pm

*Borrowing* Thanks!

DotMG says:

September 27, 2011 at 7:56 am

As far as I know, the fastest and simplest way to set rDNS is to ask your Server Provider. They do it manually.

Akula says:

September 27, 2011 at 12:09 pm

You are right only the provider can create rdns.

Thank You
Tommy Joe says:

February 7, 2012 at 10:37 pm

I have been asked to check our own DNS and WINS servers to make sure we have all the correct controller details for the ???? Domain are present.
Reason is We are currently arranging to move the PDC emulator role this week from IC?????? to BD??????
Bob Pelerson says:

December 27, 2012 at 6:40 pm

note that you can use drill or dig on BSD too – not just Linux
Waqas says:

April 16, 2013 at 4:14 am

Q1) I want to block the users to access the ptv.com website for some user and only for a time while like 1/3 week.how it is possible?
Q2) other user can not use the internet I want to block the internet of the user.how it is possible?
Q3) some user can open only permission webistes which I want to allow them like google/gmail/hotmail etc etc but can not access the yahoo/wwe websites.how it is possible?
Q4) how to block the USB storage devices in Win Xp because when we make a policy to remove all storage device deny all then the option shows that atleast Win Vista. what does it mean?
Q5) how DNS can take direct IP in the forward and reverse zone?
Q6) why we use router in DHCP server?
Q7) I saw if someone is uses in DNS server
DNS IP 192.168.30.1
subnet mask 255.255.255.0
default gateway 192.168.30.2
preferred DNS 192.168.30.1
alternate DNS 192.168.30.254
then it uses in DHCP server
router IP 192.168.30.2
why it uses this IP only in the router?why DHCP server can not validate the alternate DNS when we install the DHCP server?
Q8) I want to allow only 2 user they can change the time and date.how it is possible?

give me the full description on my email id
waqasanwer1@gmail.com
with each step should be mention in the snapshot
thank you
for an advance to help me

Still, have a question? Get help on our forum!

Tagged as: ip address, Easy