Reverse DNS and PTR Records

Understand reverse DNS lookups, PTR records, the in-addr.arpa zone, and why reverse DNS matters for email deliverability.

What Is Reverse DNS?

Reverse DNS (rDNS) is the process of resolving an IP address back to a hostname. While forward DNS maps example.com -> 93.184.216.34, reverse DNS maps 93.184.216.34 -> example.com.

Reverse DNS uses PTR (Pointer) records stored in a special zone called in-addr.arpa for IPv4 and ip6.arpa for IPv6.

How PTR Records Work

PTR records map IP addresses to hostnames. The IP address is reversed and appended to in-addr.arpa:

IP: 93.184.216.34
Reversed: 34.216.184.93
PTR record: 34.216.184.93.in-addr.arpa. IN PTR example.com.

# Perform a reverse DNS lookup
dig -x 93.184.216.34
# Or
nslookup 93.184.216.34
# Or
host 93.184.216.34

The reversal is necessary because the DNS hierarchy works from right to left. The in-addr.arpa zone is delegated following the IP allocation hierarchy: IANA -> RIR -> ISP -> customer.

Why the IP Is Reversed

DNS is hierarchical, reading right to left. For the domain www.example.com, the resolver goes: . -> com -> example -> www. IP addresses are hierarchical left to right (network portion first). Reversing the IP makes it compatible with the DNS hierarchy:

Forward:  www.example.com -> . -> com -> example -> www
Reverse:  34.216.184.93.in-addr.arpa -> . -> arpa -> in-addr -> 93 -> 184 -> 216 -> 34

Why Reverse DNS Matters

Email Deliverability

Reverse DNS is critical for email servers. Most mail servers perform an rDNS lookup on incoming connections and reject or flag messages from IPs without valid PTR records:

  • Gmail, Outlook, Yahoo all check rDNS.
  • A missing or mismatched PTR record is a strong spam signal.
  • The PTR hostname should resolve back to the same IP (forward-confirmed reverse DNS or FCrDNS).

Server Identification

System administrators use rDNS to identify servers in:

  • Log files (IP addresses are replaced with hostnames for readability).
  • Traceroute output (routers display their PTR hostname).
  • Network monitoring tools.

Security

  • SSH performs rDNS lookups by default (can cause login delays if rDNS is slow).
  • Access control lists may reference hostnames resolved via rDNS.

Setting Up PTR Records

Unlike forward DNS (which you manage), reverse DNS is managed by whoever controls the IP address block:

  • If you own the IP block -- Set PTR records in your reverse DNS zone.
  • If your ISP assigns the IP -- Contact your ISP or hosting provider to set PTR records. Most hosting providers offer a control panel for this.

# Verify your PTR record is set correctly
dig -x YOUR_IP_ADDRESS

# Check forward-confirmed reverse DNS (FCrDNS)
# 1. Reverse lookup: IP -> hostname
dig -x 93.184.216.34
# Result: example.com

# 2. Forward lookup: hostname -> IP
dig example.com A
# Result should include 93.184.216.34
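
The two-step FCrDNS check above, written as an added Python example (not code from the original page): `reverse_name` builds the PTR owner name for both in-addr.arpa and ip6.arpa, and `fcrdns` trusts a PTR hostname only when it resolves forward to the same IP, which is the check a hostname-based access rule or mail filter needs because the PTR record is set by whoever controls the IP block. The function names, verdict strings and the `PTR`/`FWD` records are constructed for illustration, using documentation address ranges.

```python
import ipaddress
import socket

def reverse_name(ip):
    """PTR owner name: octets reversed (IPv4) or hex nibbles reversed (IPv6)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels, zone = str(addr).split("."), "in-addr.arpa."
    else:
        labels, zone = list(addr.exploded.replace(":", "")), "ip6.arpa."
    return ".".join(reversed(labels)) + "." + zone

def system_ptr(ip):
    """PTR lookup via the OS resolver; empty list when there is no record."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_addrs(hostname):
    """A/AAAA lookup via the OS resolver; empty list on failure."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(hostname, None)]
    except OSError:
        return []

def fcrdns(ip, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Return (verdict, hostname); 'pass' needs PTR name -> same IP."""
    addr = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return ("no-ptr", None)
    for name in names:
        for candidate in addr_lookup(name):
            try:
                if ipaddress.ip_address(candidate) == addr:
                    return ("pass", name)
            except ValueError:
                continue  # forward answer was not a parseable IP
    return ("mismatch", names[0])

# Constructed records (documentation address ranges) standing in for live DNS.
PTR = {"192.0.2.25": ["mail.example.com."],
       "192.0.2.66": ["mail.example.com."],  # PTR names a host it does not match
       "2001:db8::25": ["MX6.example.com."]}
FWD = {"mail.example.com": ["192.0.2.25"],
       "mx6.example.com": ["2001:0db8:0000:0000:0000:0000:0000:0025"]}

def demo(ip):
    return fcrdns(ip, lambda i: PTR.get(i, []), lambda h: FWD.get(h, []))
```

Calling `fcrdns(ip)` with no lookup arguments uses the operating system's resolver instead of the constructed records.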

Common Issues

  • No PTR record -- ISPs often do not set PTR records for residential IPs. This is why running a mail server from home is difficult.
  • Generic PTR -- ISPs may set PTR records like host-93-184-216-34.example-isp.net which do not match your domain.
  • Propagation delay -- PTR changes can take hours to propagate due to caching.
