What is rDNS?

You probably already know what a forward DNS is. It links the associated hostname/domain to the IP address. Now think from the opposite direction. rDNS, also known as Reverse DNS, is doing the mirror action, using the IP address to find the hostname/domain name. You might be surprised that this is actually needed, but it has significant application. It is very useful for email verifications B2B and troubleshooting.

Imagine this situation, you don’t have a reverse DNS set up, but you are sending a very important email to another company. They have a mail server with Anti-Spam protection. It will check if you have rDNS and if you are missing it, your message will go directly to the spam bin. This protection reduces the phishing significantly by putting straight into the spam, all emails that have IPs that don’t correspond to IPs of the domains they say they come from.

All devices connected to the internet have their IP addresses. This makes it easy to do a reverse DNS lookup and see who it is on the other side. For this purpose, you will need a PTR record.

Check out Reverse DNS service by ClouDNS!

Why is rDNS important?

There are several reasons why rDNS is crucial. Some of them are the following: 

• Email Authentication: rDNS helps authenticate email servers and prevent spam. A large number of email servers will only accept incoming emails from hosts with a valid PTR record. That way, they avoid spam and phishing emails from spoofed IP addresses.
• Network Troubleshooting: rDNS can be used to help troubleshoot network issues. If a network administrator is trying to diagnose a problem with a specific IP address, they can use rDNS to determine which hostname is associated with it. This can help them identify the device or service causing the problem.
• Protection: Some security systems use rDNS to identify and block malicious traffic. For example, some intrusion detection and prevention systems will use rDNS to recognize and stop traffic coming from known malicious IP addresses.
• Access Control: In some cases, rDNS can be used to control access to a network or specific services. For example, some firewalls and VPNs use rDNS to allow or deny access to particular hosts or services based on their hostname.

How does rDNS work?

The main goal of rDNS is to map an IP address to a hostname. In order to achieve that, it works by performing a reverse lookup of an IP address to find the associated domain name.

The process of rDNS starts with a query to a DNS server, asking for the hostname associated with a specific IP address. The DNS server then looks up the available IP address in its records, and if it finds a match, it returns the associated hostname.

Reversing the forward DNS process and resolving an IP address to a domain name requires a Reverse DNS zone and a PTR record. So, let’s explain a little bit more about them!

PTR record

The PTR record is also called a Pointer record, and its primary purpose is to link the IP address to its corresponding hostname/domain name. It is important to note that you should have an A or AAAA record for each PTR record you create. The explanation behind this practice is pretty simple. An A record or AAAA record maps a hostname/domain name to its IP address, and PTR goes exactly in the opposite direction. That is why it is essential to ensure you configure your DNS records accurately without any mistakes. Otherwise, there is a possibility for your emails to land directly into the spam folder of your recipients.

Reverse DNS zone

Using rDNS requires creating a special type of DNS zone called a Reverse DNS zone. That is the only place where PTR records are able to exist and function correctly. Reverse DNS can work both with IPv4 addresses and IPv6 addresses, yet they should be written in reverse. That is because there is a specific root domain in-addr.arpa that uses the IP addresses in reverse order. So, for example, the IP address 111.123.101.1 becomes 1.101.123.111.in-addr.arpa.

How to start using rDNS?

The first step is to create a Reverse DNS zone; you can do that from the Control Panel, add a new zone and click on the Master Reverse DNS zone.

Watch the video to find out how to add Master Reverse DNS zone

This zone is directly related to the size of your IP network. For example in IPv4/24 network, you will have 255 IP addresses. In the network 192.168.1.0/24, all the available IPs will be from 192.168.1.1 to 192.168.1.255, and the Reverse DNS zone will have this format 1.168.192.in-addr.arpa

Now in this Reverse zone, we can add PTR records that match each IP from the network. You just add a new record; this will be for the first IP 192.168.1.1

Type: PTR

Host: 1

Points to: hostname1.example.com

The PTR records will look like this in the Control Panel:

Then, make sure that there is a matching A record. Each PTR must have one.

Find more information about PTR records and how to create them!

The last step is to change the name servers of your Reverse zone at your IP provider or ask them to do it. A configured NS records at the IP provider must point to the name servers listed in your Control Panel.

What in-addr.arpa is?

in-addr.arpa is a critical component in the architecture of Reverse DNS (rDNS), playing a pivotal role in how rDNS functions. This special domain is used specifically for mapping IP addresses to domain names, which is the essence of rDNS. Here’s a concise overview:

• Purpose: Used for IPv4 reverse DNS lookups, in-addr.arpa facilitates the conversion of IP addresses into a format suitable for DNS queries. This process is vital for various network services, especially email authentication.
• How it works: An IP address like 192.0.2.1 reverses to “1.2.0.192.in-addr.arpa“. A DNS query for this domain retrieves the associated domain name via a PTR record, crucial for verifying communication sources.
• IPv6 addresses: For IPv6, a similar domain called “ip6.arpa” is used, reflecting the distinct structure of these addresses.
• Management: Managed by IANA, in-addr.arpa’s namespace is partly delegated to ISPs for localized reverse DNS record management.

In essence, in-addr.arpa underpins rDNS, crucial for network integrity and cybersecurity efforts.

rDNS lookup – How to do it?

Now that we have explained the basics of rDNS, it’s time to show you how to perform an rDNS lookup. Besides, the process is simple, and you don’t need to have a background in IT to complete it. 

• Windows

If you are a Windows user, you can perform rDNS lookup with the NSlookup command. First, open the Command Prompt by pressing the Windows key + R, then typing “cmd” and pressing Enter. Type the following command:

$ nslookup 1.2.3.4

• macOS and Linux

If you are a macOS or Linux user, you can complete the rDNS lookup with the Dig command or the Host command. Open the Terminal application and write the following:

$ dig -x 1.2.3.4

or 

$ host -t PTR 1.2.3.4

*Please, make sure to replace “1.2.3.4” with the IP address (IPv4 or IPv6) you wish to check.

It’s important to note that in some cases, the rDNS lookup may not return any results if the IP address does not have a PTR record associated with it. Besides, in other cases, the response may show “NXDOMAIN” or “NXRRset”. Also, some firewalls or security systems may block reverse DNS queries.

Comparing rDNS and Forward DNS

Understanding the differences and interactions between Reverse DNS (rDNS) and Forward DNS is crucial in grasping internet infrastructure’s full scope.

Forward DNS is the process that converts human-readable domain names (like www.example.com) into IP addresses (like 192.168.1.1). This conversion is essential for internet navigation, allowing users to access websites without memorizing complex numeric addresses.

On the other hand, Reverse DNS (rDNS) works in the opposite direction. It takes an IP address and returns the corresponding domain name. This process is particularly important in scenarios where knowing the source of a network request is crucial. For example, when an email server receives a message, it might use rDNS to verify that the IP address of the sender matches the domain name claimed in the email. This verification helps in filtering out spam or spoofed emails.

The interaction between these two systems is symbiotic. While forward DNS is primarily used for routing internet traffic to the correct destinations, rDNS plays a key role in authentication and security. Together, they form a comprehensive system for both reaching and validating internet entities.

Conclusion

rDNS is essential for email authentication, network security, and troubleshooting network issues. It performs a reverse lookup of an IP address to find the associated hostname. To achieve that, creating a Reverse DNS zone and adding PTR records is required. Thanks to this amazing technology, the Internet is a more secure place by identifying the authenticity of the source of the email, and it is beneficial for network troubleshooting.

30-day Free Trial for Premium Anycast DNS hosting

The post rDNS explained in detail appeared first on ClouDNS Blog.

But first, let’s explain a little bit more about what DNS records actually are.

DNS records briefly explained

DNS records are simple text-based instructions for a specific domain name. Their main purpose is to set precise rules for the domain. Additionally, they are created and gathered in a zone file in the DNS zone. All that information is stored on the Authoritative DNS server for the particular domain name. As we mentioned, DNS records are completely made of text. Therefore, they are pretty light. That allows DNS administrators to edit and adjust them easily. 

Every DNS record type has a different function, so each of them is important for the proper management of the domain name. Moreover, when a user makes a request, the Recursive DNS servers search for a precise DNS record type. 

For the rest of this article, we are going to present to you some of the most important and interesting DNS record types. 

Common DNS record types

There are several types of DNS records, each serving a different purpose. Let’s take a look at some of the most common ones:

SOA Record

SOA (Start of Authority) shows the start of the authority DNS zone and specifies the global parameters of the zone. Every zone must have one, and you can’t add two per zone. It has the following parameters: Serial number, Primary Nameserver, DNS admin’s email, Refresh Rate, Retry Rate, Expire Time and TTL.

A and AAAA Records

These DNS record types are perhaps the most popular and also most important. The A record and the AAAA record are both responsible for mapping a domain name to its corresponding IP address. This is what enables users to access your website via its domain name. The difference is that A record points to an IPv4 and the AAAA record to IPv6.

MX Record

The MX record, commonly also known as mail exchange record, is used to specify the email server responsible for accepting incoming email messages for a domain name. This DNS record type is crucial for ensuring that your email gets delivered to the correct mail server. Basically, it says which server should receive the incoming emails. If it is not directed well, you won’t receive emails.

CNAME Record

CNAME record is another very popular DNS record type where the short acronym “CNAME” stands for Canonical Name. It allows you to point one hostname to another, not to an IP address like the A and AAAA records. You can use it when you want to create an alias for a domain name. It serves just for subdomains. It is important to note that you can add only one CNAME record per hostname.

TXT Record

The TXT record allows you to add and store text-based information about a domain name. There are all kinds of TXT records and some of them people can easily understand, and others are specifically for machines to read. For example, DKIM (DomainKeys Identified Mail) record is a TXT record that associates a domain name with a specific email message. There is also DMARC (Domain-based Message Authentication, Reporting, and Conformance) record that identifies and blocks spam and phishing emails by verifying the emails.

SPF Record

Creating an SPF (Sender Policy Framework) record shows who is authorized to send emails with a particular domain. Without it, all the emails you send will go directly to the spam folder of the recipients. It is helpful for preventing email spoofing and phishing attacks.

NS Record

The short acronym “NS” stands for Nameservers, and this NS record points the domain name to its authoritative DNS servers responsible for the DNS zone. The NS record is essential for ensuring that your domain name is properly registered and configured.

SRV Record

SRV records are responsible for defining the locations of servers for specified services, such as voice-over IP (VoIP), instant messaging, and others.

Web Redirect (WR) Record

The Web Redirect record does precisely what it says. It redirects from one address to another. There are a few types: 301 redirect which is a permanent redirect, and 302 redirect, which is temporary, if the address has been moved but not permanently. You can do such a redirection with SSL too.

ALIAS Record

ALIAS record is a very similar to the CNAME record. It allows you to add various hostnames for the same subdomain. You can use it for the root domain as well. This type of record is built into the ClouDNS.

RP Record

The RP record, or Responsible person record, shows who is responsible for the domain name and specifies its email address.

SSHFP Record

Secure Shell Fingerprint record is used for Secure Shell (SSH). The SSHFP record is typically used with DNSSEC enabled domains. When an SSH client connects to a server, he or she checks the corresponding SSHFP record. If there is a match, the server is legit, and it is safe to connect to it.

PTR Record

The PTR record, also commonly known as the Pointer record, points an IP address (IPv4 or IPv6) to a domain name. It is the exact opposite of the A and AAAA records, which match the hostnames to IP addresses. PTR records are used for Reverse DNS.

NAPTR Record

IP telephony uses Naming Authority Pointer records, or for short NAPTR records,  for mapping the servers and the users’ addresses in the Session Initiation Protocol (SIP).

CAA record

Certification Authority Authorization (CAA record) record gives the ability to the DNS domain name holder to issue certificates for his/her domain. The record can set policies for the whole domain or for specific hostnames.

Wildcard DNS Record

The Wildcard DNS record will match requests for non-existing domain names. It is specified with a “*” for example *.cloudns.net

For more information, examples, and video tutorials check the following DNS record wiki page.

How many DNS record types are there?

The Domain Name System (DNS) offers an extensive collection of DNS record types, each tailored to specific functions within the internet’s architecture. Currently, there are over 60 standardized DNS record types, which highlights the system’s complexity and adaptability to various networking needs.

Among these record types are the fundamental A and AAAA records, which respectively map domain names to IPv4 and IPv6 addresses, enabling the routing of internet traffic. MX records handle mail server information, directing emails to the appropriate destination, while CNAME records help aliasing one domain name to another.

Beyond these basics, there is a large number of specialized DNS record types designed to cater to specific requirements. TXT records store text data, serving purposes like domain verification and SPF (Sender Policy Framework) for email authentication. PTR records enable reverse DNS lookups, aiding in network diagnostics and security measures.

Moreover, DNSSEC (Domain Name System Security Extensions) has introduced additional record types which strengthen DNS security. These include DNSKEY records for cryptographic keys and RRSIG records for digital signatures, ensuring the authenticity and integrity of DNS data.

As technology advances, new record types may emerge to address challenges and requirements in internet communication and security. Despite this evolution, the core DNS record types remain vital components of the internet’s infrastructure, supporting its functionality and reliability.

Conclusion

Knowing more DNS records and how to use them will give you an advantage in your DNS usage. You can manage better, and you can get better results.
If you can’t figure out how to use some of the records on your own, you can always contact our Live chat Support who would be happy to help you.

Check our DNS Plans

The post Types of DNS records – What are they and what is their purpose? appeared first on ClouDNS Blog.

DNS trace (dig + trace)

Using DNS trace, you can troubleshoot your DNS. You can use it on Linux OS, Mac OS and even on Windows (using Cygwin). You will trace the route of a DNS query. If there is a problem, you will see exactly where it is.

$ dig +trace www.cloudns.net

(you can write your website)

First, you request a webpage, for example, www.cloudns.net.

The query gets to the root name server for it.

This name server will show you the TLD authoritative server.

Your recursive resolver queries the .com TLD authoritative server for www.cloudns.net.

The .com TLD authoritative server refers your recursive server to the authoritative servers for cloudns.net.

Your recursive resolver queries the authoritative servers for www.cloudns.net and receives the IP as the answer.

Your recursive resolver caches the answer for the duration of the time-to-live (TTL) specified on the record and returns it to you.

This is how domain resolution works. You can get valuable information about the speed and accuracy of the answer.

Additionally, DNS trace is invaluable for diagnosing and understanding DNS propagation issues. It helps identify delays in DNS updates or misconfigurations across different levels of the DNS hierarchy. By understanding the path a DNS query takes, administrators can pinpoint issues more efficiently and ensure that DNS records are correctly resolved. Additionally, DNS trace is an excellent educational tool for those learning about the complexities of internet addressing and domain name resolution.

Premium DNS Service!

Online Ping

Online Ping is a DNS tool that administrator use for checking the connectivity and the speed. Using this command, you send a small data packet to a particular IP address. Then wait to get a feedback packet. You can also use it to ping a name resolution. If you get an answer when you do a ping to an IP but not when you do it to a name, then the two don’t match.

ping www.cloudns.net

Beyond checking connectivity and speed, Online Ping can be used to monitor the availability and response time of a server or network device continuously. This is crucial for maintaining high uptime for critical services and websites. Regular ping tests can alert administrators to network congestion, latency issues, or outages that may affect user experience. It’s a simple yet powerful tool for ensuring that network paths are optimal and services remain accessible.

What is ICMP Ping monitoring?

Traceroute

Tracing the route is similar to the ping. Using this DNS tool, you send a packet of data to an internet host, and it gives you back a result for every hop your query makes in seconds. If your website has a slow response, using this tool you can see where exactly it is the problem.

Try our Free DNS tool! 

traceroute www.cloudns.net

Traceroute not only helps in identifying where problems lie in the network path but also in understanding network infrastructure and performance. By showing the route data packets take to reach their destination, traceroute can reveal unexpected routing behavior or bottlenecks. This insight is useful for network optimization and planning, as well as for security purposes to detect any unauthorized or suspicious network paths.

DNS lookup (nslookup)

You can use this tool on different Operating systems for making DNS queries to get to an IP address or for specific DNS records. You can use it to see if you have any problems with any kind of DNS record that you are using.

nslookup www.cloudns.net

In addition to querying IP addresses or specific DNS records, nslookup is also useful for verifying and troubleshooting DNS configurations and propagation status. This tool can help ensure that your DNS settings are correctly implemented and propagated across the internet, which is critical for website accessibility and performance. It’s also beneficial for security analysis, allowing administrators to check for DNS-based threats or misconfigurations.

10 most used nslookup commands

Reverse DNS lookup

It does what it says, here you start with an IP address and you can find the domain name. This process uses PTR records that show exactly that. You can use it for troubleshooting.

dig -x 136.243.33.126

Reverse DNS lookup is not only crucial for troubleshooting but also plays a significant role in network security and anti-spam efforts. By verifying the domain name associated with an IP address, administrators can identify potential sources of spam or malicious activity. Furthermore, reverse DNS lookups are used in email authentication processes to reduce spam by verifying that the IP address sending the email matches the domain from which it claims to come.

Read more for the Reverse DNS and PTR records in our article: rDNS explained in detail

Conclusion

In conclusion, mastering the use of essential DNS tools like DNS trace, Ping, Traceroute, Nslookup, and Reverse lookup is paramount for network administrators and troubleshooters. These tools offer invaluable insights into diagnosing connectivity issues, optimizing network performance, and ensuring the smooth operation of online services. By harnessing their capabilities effectively, administrators can navigate the complexities of DNS management with confidence, ultimately leading to a more stable and reliable networking environment.

The post Тools – DNS trace, Ping, Traceroute, Nslookup, Reverse lookup appeared first on ClouDNS Blog.