reverse dns and ptr records


Upload: mlmcbride33

Post on 16-Nov-2014


Reverse DNS and PTR records - Common Myths

Written by Scott Perry, Founder
Tuesday, 22 May 2007

Reverse DNS turns an IP address into a hostname -- for example, it might turn 192.0.2.25 into host.example.com.

For your domains, standard DNS (turning a hostname into an IP address, such as turning host.example.com into 192.0.2.25) starts with the company (registrar) that you registered your domains with. You let them know what DNS servers are responsible for your domain names, and the registrar sends this information to the root servers (technically, the parent servers for your TLD). Then, anyone in the world can access your domains, and you can send them to any IP addresses you want. You have full control over your domains, and can send people to any IPs (whether or not you have control over those IPs, although you should have permission to send them to IPs that are not yours).

Reverse DNS works in a similar way. For your IPs, reverse DNS (turning 192.0.2.25 back into host.example.com) starts with your ISP (or whoever told you what your IP addresses are). You let them know what DNS servers are responsible for the reverse DNS entries for your IPs (or they can enter the reverse DNS entries on their DNS servers), and your ISP gives this information out when their DNS servers get queried for your reverse DNS entries. Then, anyone in the world can look up the reverse DNS entries for your IPs, and you can return any hostnames you want (whether or not you have control over those domains, although you should have permission to point them to hostnames that are not on your domains).

So for both standard DNS and reverse DNS, there are two steps: [1] You need DNS servers, and [2] You need to tell the right company (your registrar for standard DNS lookups, or your ISP for reverse DNS lookups) where your DNS servers are located. Without Step 2, nobody will be able to reach your DNS servers.

If you can comprehend the above paragraphs (which takes some time), you'll understand the biggest problem that people have with reverse DNS entries. The biggest problem people have is that they have DNS servers that work fine with their domains (standard DNS), they add reverse DNS entries to those servers, and it doesn't work. If you understand the above paragraphs, you'll see the problem: If your ISP doesn't know that you have DNS servers to handle the reverse DNS for your IPs, they won't send that information to the root servers, and nobody will even get to your DNS servers for reverse DNS lookups.

Basic Concepts:

- Reverse DNS turns 192.0.2.25 into host.example.com (an IP address into a host name).

- Typical reverse DNS lookup path: DNS resolver => root servers => ARIN (North American IP registry) => Local ISP => Acme Inc. DNS servers.

- Whoever supplies your IP addresses (usually your ISP) MUST either [1] set up your reverse DNS entries on their DNS servers, or [2] "delegate authority" for your reverse DNS entries to your DNS servers.

- Reverse DNS entries use a host name with a reversed IP address with ".in-addr.arpa" added to it -- for example, "25.2.0.192.in-addr.arpa" (".ip6.arpa" is used for IPv6 reverse DNS lookups).

- Reverse DNS entries are set up with PTR records (whereas standard DNS uses A records), which look like "25.2.0.192.in-addr.arpa. PTR host.example.com" (whereas standard DNS would look like "host.example.com. A 192.0.2.25").

- All Internet hosts should have a reverse DNS entry (see RFC1912 section 2.1).

- Mail servers with no reverse DNS will have a hard time getting mail to certain large ISPs.

Very Common Myth:

- Myth: If you have a reverse DNS entry listed in your DNS server, you have reverse DNS properly set up.

- Fact: This is often not the case.

You need TWO things in order to have your DNS set up properly:

1. Your DNS servers (or your ISP's) MUST have the reverse DNS entries set up ("25.2.0.192.in-addr.arpa. PTR host.example.com").

2. AND your ISP or bandwidth provider MUST set up the reverse DNS on their end, so that DNS resolvers around the world will know that your DNS servers are the ones to go to when looking up the reverse DNS for your IP addresses.

How a reverse DNS lookup is accomplished:

- The DNS resolver reverses the IP, and adds it to ".in-addr.arpa" (or ".ip6.arpa" for IPv6 lookups), turning 192.0.2.25 into 25.2.0.192.in-addr.arpa.

- The DNS resolver then looks up the PTR record for 25.2.0.192.in-addr.arpa.

- The DNS resolver asks the root servers for the PTR record for 25.2.0.192.in-addr.arpa.

- The root servers refer the DNS resolver to the DNS servers in charge of the Class A range (192.in-addr.arpa, which covers all IPs that begin with 192).

- In almost all cases, the root servers will refer the DNS resolver to a "RIR" ("Regional Internet Registry"). These are the organizations that allocate IPs. In general, ARIN handles North American IPs, APNIC handles Asian-Pacific IPs, and RIPE handles European IPs.

- The DNS resolver will ask the ARIN DNS servers for the PTR record for 25.2.0.192.in-addr.arpa.

- The ARIN DNS servers will refer the DNS resolver to the DNS servers of the organization that was originally given the IP range. These are usually the DNS servers of your ISP, or their bandwidth provider.

- The DNS resolver will ask the ISP's DNS servers for the PTR record for 25.2.0.192.in-addr.arpa.

- The ISP's DNS servers will refer the DNS resolver to the organization's DNS servers.

- The DNS resolver will ask the organization's DNS servers for the PTR record for 25.2.0.192.in-addr.arpa.

- The organization's DNS servers will respond with "host.example.com".
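The lookup path above, and the myth it explains, as an added example (not code from the original article): the script builds the PTR query name for IPv4 and IPv6, then walks a constructed chain of referrals with and without the ISP's delegation. The server names, zone cuts and the `make_servers` and `resolve_ptr` helpers are assumptions made for illustration.

```python
import ipaddress

def reverse_name(ip):
    """Build the PTR query name the way a resolver does (IPv4 or IPv6)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))             # octets, reversed
        return ".".join(labels) + ".in-addr.arpa."
    nibbles = reversed(addr.exploded.replace(":", ""))      # 32 hex digits, reversed
    return ".".join(nibbles) + ".ip6.arpa."

def make_servers(isp_delegates):
    """Constructed zone data for the lookup path in the list above.
    Server names and zone cuts are assumptions made for this example."""
    isp_referrals = {"2.0.192.in-addr.arpa.": "org"} if isp_delegates else {}
    return {
        "root": {"referrals": {"192.in-addr.arpa.": "rir"}, "ptr": {}},
        "rir":  {"referrals": {"0.192.in-addr.arpa.": "isp"}, "ptr": {}},
        "isp":  {"referrals": isp_referrals, "ptr": {}},
        # The organization's server always holds the PTR record.
        "org":  {"referrals": {},
                 "ptr": {"25.2.0.192.in-addr.arpa.": "host.example.com."}},
    }

def resolve_ptr(ip, servers, max_hops=8):
    """Walk referrals from the root; return (hostname or None, servers asked)."""
    qname = reverse_name(ip)
    server, path = "root", []
    for _ in range(max_hops):
        path.append(server)
        zone = servers[server]
        if qname in zone["ptr"]:
            return zone["ptr"][qname], path
        # Follow the most specific referral whose zone encloses the query name.
        matches = [z for z in zone["referrals"] if qname.endswith("." + z)]
        if not matches:
            return None, path      # no answer and no referral: lookup fails here
        server = zone["referrals"][max(matches, key=len)]
    return None, path

if __name__ == "__main__":
    for delegated in (True, False):
        answer, path = resolve_ptr("192.0.2.25", make_servers(delegated))
        print(f"ISP delegates={delegated}: {' => '.join(path)} -> {answer}")
```

In the second run the organization's server still holds the PTR record, but the walk stops at the ISP and never reaches it, which is the failure described under "Very Common Myth".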

 

Basic Guide to DNS

This is a list of common terms that you'll encounter when managing a domain, with a description of each term and its practical use with Google Apps.

Since registrars, hosts, and record configurations vary, this is a basic guide to DNS.

Terms covered: DNS, Domain Name, Domain Registrar, Top Level Domain, Second-level Domain, Third-level Domain, Domain Host, A Record, NS Record, MX Record, CNAME Record, IP Address, Custom URLs, Domain Alias, WHOIS directory.

 

DNS

DNS stands for Domain Name System. This system is in place to organize and identify domains. Essentially, DNS provides a name for a domain's one or more IP addresses. For instance, the domain name wolf.example.com might translate to 198.102.434.8. This makes it much easier to remember URLs and email addresses.

DNS is also used to find out where to deliver email for a particular address. This is done with MX Records.

You need to have a registered domain name to use Google Apps for Your Domain.


Domain Name

Domain names are easy-to-remember names (URLs and email addresses) that are associated with one or more IP addresses. Since a web page is defined by its URL, the page can move to a different IP address without affecting visitors.

Example: www.singlespeed.com

singlespeed.com is the domain name. com is the top level domain. singlespeed is a subdivision of com, and represents the second-level domain. www is a subdomain (also known as third-level domain or CNAME).

The whole domain name cannot exceed a total length of 255 characters, but some registries have shorter limits.


Domain Registrar

Domain registrars sell Internet domain names (ex. blueshirt.com or organicfood.org ). Most of these companies offer a hosting service in addition to registration.

If your domain registrar is separate from your domain host, you'll need to add the host's name servers to your registrar's account. For example, if you purchase a domain name from namecheap.com (which offers domain registration) and host your domain with DynDNS (which offers domain hosting), you'll add the name servers of DynDNS (ns1.mydyndns.org and ns2.mydyndns.org) to your account with namecheap.com.

Google Apps for Your Domain offers domain registration with a select group of domain registration partners. This allows you to purchase a domain name and sign up for Google Apps at the same time. If you purchase a domain name while signing up, Google will auto-configure services for your domain so that you won't need to manually configure MX and CNAME records.

If you purchased your domain name before signing up for Google Apps, visit our list of domain hosts (some of which are also domain registrars) that have instructions for modifying MX records in our Help Center.


Top Level Domain

Top-level domains are the last part of a domain name - the letters after the last period. Some examples are: biz, com, org, edu, us, ca, fr, de, travel, local, es, pl.


Second-level Domain

Second-level domains are directly below top-level domains. Some current examples are:

| Second-level Domain | Domain Name |
| --- | --- |
| Google | google.com |
| Wikipedia | wikipedia.org |
| Ontariotravel | ontariotravel.com |
| Craigslist | craigslist.com |
| louvre | louvre.fr |


Third-level Domain

Third-level domains are also known as subdomains and CNAMEs. In a URL, the subdomain is written before the domain name. Here are some examples:

| Subdomain | URL |
| --- | --- |
| affiliates | http://affiliates.art.com |
| www | http://www.rockfound.org |
| men | http://men.style.com |
| mail | http://mail.google.com |
| bus | http://www.bus.umich.edu |

To set up web publishing with Google Apps for Your Domain, you'll need to pick a subdomain as your web publishing address.


Domain Host

Domain hosts run DNS servers for your domain. This includes A records, MX records, and CNAME records. Most domain hosts offer domain name registration as well.

Since Google Apps for Your Domain is not a domain host, you'll need to modify your DNS records with your domain host to set up email and web publishing.


A Record

A records (also known as host records) are the central records of DNS. These records link a domain, or subdomain, to an IP address.

A records and IP addresses do not necessarily match on a one-to-one basis. Many A records correspond to a single IP address, where one machine can serve many web sites. Alternatively, a single A record may correspond to many IP addresses. This can facilitate fault tolerance and load distribution, and allows a site to move its physical location.

Google Apps for Your Domain does not support IP addresses alone. Instead of using A records, you can set up email and web publishing by modifying your MX and CNAME records with your domain host.


NS Record

Name server records determine which servers will communicate DNS information for a domain. Two NS records must be defined for each domain. Generally, you will have a primary and a secondary name server record - NS records are updated with your domain registrar and will take 24-72 hours to take effect.

If your domain registrar is separate from your domain host, your host will provide two name servers that you can use to update your NS records with your registrar.

If you're not sure who is hosting your domain, you can perform a free NS Lookup. Here's how:

1. Visit Google.com.

2. Search for NS lookup.

3. Select a search result.

4. Type your domain name into the tool.

5. Select NS records or Any records for your query.

6. Click Look it up.

Example result (showing that name-services.com is the domain host for mightydinosaur.com):

mightydinosaur.com nameserver = dns1.name-services.com.


MX Record

Mail Exchange records direct email to servers for a domain, and are listed in order of priority. If mail can't be delivered using the first priority record, the second priority record is used, and so on.

To set up email with Google Apps for Your Domain, you need to configure the MX records with your domain host using Google's server information.

If you'd like to check the status of your MX records, you can perform a free MX lookup, for example with the DNSstuff.com MX Record Lookup: enter your domain name.

Example result (showing that email for mightydinosaur.com is directed to Google):

mightydinosaur.com mail exchanger = 10 aspmx.l.google.com.


CNAME Record

Canonical name records are aliases for A records. For each CNAME record, you can choose an alias and a host.

To set up web publishing with Google Apps, you can pick an address for your web pages. The third-level domain of the address is the alias and ghs.google.com is the host.

If you'd like to check the status of your CNAME record for web publishing, you can perform a free CNAME lookup. Here's how:

1. Visit Google.com.

2. Search for NS lookup.

3. Select a search result from the list.

4. Type your web publishing address into the field.

5. Select CNAME record if it's not the default search query.

6. Click Submit, or Lookup.

Example result (showing that the subdomain of start.mightydinosaur.com is pointing to ghs.google.com):

DNS Lookup (CNAME) for start.mightydinosaur.com. Items Returned: 1

ghs.google.com


IP Address

Internet Protocol addresses are unique numbers that allow devices to locate information on a network.

Since a domain name may have one or more associated IP addresses, Google Apps for Your Domain doesn't support email and web publishing configuration using IP addresses alone.


Custom URLs

Custom URLs, or short URLs, make using the Internet easier. A custom URL allows you and your users to access the login page for services at your domain with a simple, easy-to-remember address. With Google Apps for Your Domain, your custom URLs will follow this format:

http://[customize this section].your_domain.com

Instead of asking your users to visit http://www.google.com/calendar/a/your_domain.com to log in to their calendars, you can create a short, custom URL.

Calendar Examples

http://calendar.your_domain.com

http://c.your_domain.com

http://9-5.your_domain.com

http://myagenda.your_domain.com

http://where2go.your_domain.com


Domain Alias

Domain name aliases are additional domain names associated with your primary domain. With Google Apps for Your Domain, you can add a domain alias that receives mail and delivers it to mailboxes at your primary domain.

Some common uses:

- Add a domain alias to cover other top-level domains. If your domain name is theurbanexperience.org, you may want to alias theurbanexperience.com and theurbanexperience.us.

- Add a domain alias to help people who mistype your domain name. If your domain name is theurbanexperience.org, you may want to alias urbanexperience.org, theurbanexperiment.org, and urbanexperiences.org.

- Add a domain alias to receive mail addressed to two separate domains in one mailbox. If you receive mail at two domain names, such as [email protected] and [email protected], you can alias clarkston.com to bradford.com, and all mail sent to either address will be delivered to [email protected].

 

WHOIS directory

The WHOIS directory is a public listing of domain names, and people or organizations associated with each domain name.

As a privacy measure, some domain name owners prefer to have their personal information hidden from the WHOIS directory. This is similar to the way someone may want his/her personal telephone number unlisted in a local telephone book.

The WHOIS directory is used to determine the owner of domain names and IP addresses. There are many free web-based directories available on the Internet. The information provided in the WHOIS directory includes a mailing address and a telephone number.