A standard (forward) DNS lookup translates a domain name into an IP address. A reverse DNS lookup does the opposite: it takes an IP address and returns the associated domain name (hostname). This is done using a special DNS record called a PTR record.
How Reverse DNS Works
Reverse DNS uses a special domain zone called in-addr.arpa for IPv4. The IP address is reversed and appended to .in-addr.arpa to form a domain name that is looked up in DNS.
For example, to reverse-look up 93.184.216.34:
- Reverse the octets: 34.216.184.93
- Append: 34.216.184.93.in-addr.arpa
- Look up the PTR record at that address
- Result: example.com (or whatever PTR record is set)
Why Reverse DNS Matters
- Email authentication: Mail servers check PTR records to verify that the sending server's IP has a valid reverse DNS entry. Missing or mismatched PTR records cause email to be flagged as spam.
- Security logging: Log analysis tools show hostnames instead of bare IP addresses, making logs easier to read.
- Network troubleshooting: Identify which organization owns an IP by looking up its PTR record.
- Abuse reporting: Identify the owner of an IP that is sending spam or attack traffic.
Reverse DNS vs Forward DNS
| Type | Input | Output | Record Type |
|---|---|---|---|
| Forward DNS | example.com | 93.184.216.34 | A / AAAA |
| Reverse DNS | 93.184.216.34 | example.com | PTR |
People Also Ask
- What is the use of reverse DNS lookup?
- Primarily for email server verification (preventing spam), security log analysis, and identifying the owner of an IP address without needing a full WHOIS lookup.
- Should I enable reverse DNS?
- Yes, if you run a mail server. An IP without a valid PTR record will cause many mail servers to reject or spam your email. Ask your server host to set a PTR record matching your mail server's hostname.
Related: Reverse DNS Lookup tool | DNS records | WHOIS lookup