
Reverse DNS and PTR records - Common Myths

Written by Scott Perry, Founder
Tuesday, 22 May 2007

Reverse DNS turns an IP address into a hostname -- for example, it
might turn 192.0.2.25 into host.example.com.

For your domains, standard DNS (turning a hostname into an IP
address, such as turning host.example.com into 192.0.2.25) starts with
the company (registrar) that you registered your domains with. You let
them know what DNS servers are responsible for your domain names,
and the registrar sends this information to the root servers
(technically, the parent servers for your TLD). Then, anyone in the
world can access your domains, and you can send them to any IP
addresses you want. You have full control over your domains, and can
send people to any IPs (whether or not you have control over those IPs,
although you should have permission to send them to IPs that are not
yours).

Reverse DNS works in a similar way. For your IPs, reverse DNS
(turning 192.0.2.25 back into host.example.com) starts with your ISP
(or whoever told you what your IP addresses are). You let them know
what DNS servers are responsible for the reverse DNS entries for your
IPs (or, they can enter the reverse DNS entries on their DNS servers),
and your ISP gives this information out when their DNS servers get
queried for your reverse DNS entries. Then, anyone in the world can
look up the reverse DNS entries for your IPs, and you can return any
hostnames you want (whether or not you have control over those
domains, although you should have permission to point them to
hostnames that are not on your domains).

So for both standard DNS and reverse DNS, there are two steps: [1]
You need DNS servers, and [2] You need to tell the right company
(your registrar for standard DNS lookups, or your ISP for reverse DNS
lookups) where your DNS servers are located. Without Step 2, nobody
will be able to reach your DNS servers.

If you can comprehend the above paragraphs (which takes some time),
you'll understand the biggest problem that people have with reverse
DNS entries. The biggest problem people have is that they have DNS
servers that work fine with their domains (standard DNS), they add
reverse DNS entries to those servers, and it doesn't work. If you
understand the above paragraphs, you'll see the problem: If your ISP
doesn't know that you have DNS servers to handle the reverse DNS for
your IPs, they won't send that information to the root servers, and
nobody will even get to your DNS servers for reverse DNS lookups.

Basic Concepts:

- Reverse DNS turns 192.0.2.25 into host.example.com (an IP address
into a host name).

- Typical reverse DNS lookup path: DNS resolver => root servers =>
ARIN (North American IP registry) => Local ISP => Acme Inc. DNS
servers.

- Whoever supplies your IP addresses (usually your ISP) MUST either [1]
set up your reverse DNS entries on their DNS servers, or [2] "delegate
authority" for your reverse DNS entries to your DNS servers.

- Reverse DNS entries use a host name with a reversed IP address with
".in-addr.arpa" added to it -- for example, "25.2.0.192.in-addr.arpa"
(".ip6.arpa" is used for IPv6 reverse DNS lookups).

- Reverse DNS entries are set up with PTR records (whereas standard
DNS uses A records), which look like "25.2.0.192.in-addr.arpa. PTR
host.example.com" (whereas standard DNS would look like
"host.example.com. A 192.0.2.25").

- All Internet hosts should have a reverse DNS entry (see RFC1912
section 2.1).

- Mail servers with no reverse DNS will have a hard time getting mail to
certain large ISPs.

Very Common Myth:

- Myth: If you have a reverse DNS entry listed in your DNS server, you
have reverse DNS properly set up.

- Fact: This is often not the case.

You need TWO things in order to have your DNS set up properly:

1. Your DNS servers (or your ISP's) MUST have the reverse DNS
entries set up ("25.2.0.192.in-addr.arpa. PTR host.example.com").

2. AND your ISP or bandwidth provider MUST set up the reverse DNS
on their end, so that DNS resolvers around the world will know that
your DNS servers are the ones to go to when looking up the reverse
DNS for your IP addresses.

How a reverse DNS lookup is accomplished:


- The DNS resolver reverses the IP, and adds it to ".in-addr.arpa" (or
".ip6.arpa" for IPv6 lookups), turning 192.0.2.25 into
25.2.0.192.in-addr.arpa.

- The DNS resolver then looks up the PTR record for
25.2.0.192.in-addr.arpa.

- The DNS resolver asks the root servers for the PTR record
for 25.2.0.192.in-addr.arpa.

- The root servers refer the DNS resolver to the DNS servers in
charge of the Class A range (192.in-addr.arpa, which covers all IPs
that begin with 192).

- In almost all cases, the root servers will refer the DNS resolver to
a "RIR" ("Regional Internet Registry"). These are the organizations that
allocate IPs. In general, ARIN handles North American IPs, APNIC
handles Asian-Pacific IPs, and RIPE handles European IPs.

- The DNS resolver will ask the ARIN DNS servers for the PTR
record for 25.2.0.192.in-addr.arpa.

- The ARIN DNS servers will refer the DNS resolver to the DNS
servers of the organization that was originally given the IP range.
These are usually the DNS servers of your ISP, or their bandwidth
provider.

- The DNS resolver will ask the ISP's DNS servers for the PTR
record for 25.2.0.192.in-addr.arpa.

- The ISP's DNS servers will refer the DNS resolver to the
organization's DNS servers.

- The DNS resolver will ask the organization's DNS servers for the
PTR record for 25.2.0.192.in-addr.arpa.

- The organization's DNS servers will respond with
"host.example.com".
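
The lookup path above, and the myth it explains, can be traced with a small simulation. This is an added example, not part of the original article: the server names ("root", "arin", "isp", "org") and zone data are constructed, and resolve_ptr is a hypothetical helper that follows referrals in that toy data rather than querying real DNS.

```python
import ipaddress

def reverse_name(ip):
    """Build the PTR query name the resolver asks for."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")                  # 192.0.2.25 -> octets
        suffix = "in-addr.arpa."
    else:
        labels = list(addr.exploded.replace(":", ""))  # 32 hex nibbles
        suffix = "ip6.arpa."
    return ".".join(reversed(labels)) + "." + suffix

# Constructed toy servers mirroring the article's lookup path. "refer" holds
# delegations to the next server; "ptr" holds the PTR records a server answers.
DELEGATED = {
    "root": {"refer": {"192.in-addr.arpa.": "arin"}},
    "arin": {"refer": {"0.192.in-addr.arpa.": "isp"}},
    "isp":  {"refer": {"2.0.192.in-addr.arpa.": "org"}},
    "org":  {"ptr": {"25.2.0.192.in-addr.arpa.": "host.example.com."}},
}
# The myth: the organization's server has the PTR record, but the ISP never
# delegated the reverse zone to it.
NOT_DELEGATED = dict(DELEGATED, isp={"refer": {}})

def resolve_ptr(qname, servers, start="root"):
    """Follow referrals from the root; return (answer or None, servers asked)."""
    path, server = [], start
    for _ in range(len(servers)):                # hop limit guards against loops
        path.append(server)
        data = servers[server]
        if qname in data.get("ptr", {}):
            return data["ptr"][qname], path
        zones = [z for z in data.get("refer", {}) if qname.endswith("." + z)]
        if not zones:
            return None, path                    # chain ends: nobody to ask next
        server = data["refer"][max(zones, key=len)]  # most specific delegation
    return None, path

if __name__ == "__main__":
    q = reverse_name("192.0.2.25")
    print(q, resolve_ptr(q, DELEGATED))
    print(q, resolve_ptr(q, NOT_DELEGATED))
```

In the NOT_DELEGATED case the walk stops at the ISP and the organization's server is never asked, even though it holds the correct PTR record.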

Basic Guide to DNS


This is a list of common terms that you'll encounter when managing a domain. Each
term below has a description and its practical use with Google Apps.

Since registrars, hosts, and record configurations vary, this is a basic guide to DNS.

DNS
Domain Name
Domain Registrar
Top Level Domain
Second-level Domain
Third-level Domain
Domain Host
A Record
NS Record
MX Record
CNAME Record
IP Address
Custom URLs
Domain Alias
WHOIS directory

DNS

DNS stands for Domain Name System. This system is in place to organize and identify
domains. Essentially, DNS provides a name for a domain's one or more IP addresses. For
instance, the domain name wolf.example.com might translate to 198.102.434.8. This
makes it much easier to remember URLs and email addresses.

DNS is also used to find out where to deliver email for a particular address. This is done
with MX Records.

You need to have a registered domain name to use Google Apps for Your Domain.


Domain Name
Domain names are easy-to-remember names (URLs and email addresses) that are
associated with one or more IP addresses. Since a web page is defined by its URL, the
page can move to a different IP address without affecting visitors.

Example: www.singlespeed.com

• singlespeed.com is the domain name.
• com is the top level domain.
• singlespeed is a subdivision of com, and represents the second-level domain.
• www is a subdomain (also known as third-level domain or CNAME).

The whole domain name cannot exceed a total length of 255 characters, but some
registries have shorter limits.


Domain Registrar

Domain registrars sell Internet domain names (ex. blueshirt.com or organicfood.org).
Most of these companies offer a hosting service in addition to registration.

If your domain registrar is separate from your domain host, you'll need to add the host's
name servers to your registrar's account. For example, if you purchase a domain name
from namecheap.com (which offers domain registration) and host your domain with
DynDNS (which offers domain hosting), you'll add the name servers of DynDNS
(ns1.mydyndns.org and ns2.mydyndns.org) to your account with namecheap.com.

Google Apps for Your Domain offers domain registration with a select group of domain
registration partners. This allows you to purchase a domain name and sign up for Google
Apps at the same time. If you purchase a domain name while signing up, Google will
auto-configure services for your domain so that you won't need to manually configure
MX and CNAME records.

If you purchased your domain name before signing up for Google Apps, visit our list of
domain hosts (some of which are also domain registrars) that have instructions for
modifying MX records in our Help Center.


Top Level Domain


Top-level domains are the last part of a domain name - the letters after the last period.
Some examples are: biz com org edu us ca fr de travel local es pl


Second-level Domain

Second-level domains are directly below top-level domains. Some current examples are:

Second-level Domain    Domain Name
Google                 google.com
Wikipedia              wikipedia.org
Ontariotravel          ontariotravel.com
Craigslist             craigslist.com
louvre                 louvre.fr


Third-level Domain

Third-level domains are also known as subdomains and CNAMEs. In a URL, the
subdomain is written before the domain name. Here are some examples:

Subdomain     URL
affiliates    http://affiliates.art.com
www           http://www.rockfound.org
men           http://men.style.com
mail          http://mail.google.com
bus           http://www.bus.umich.edu

To set up web publishing with Google Apps for Your Domain, you'll need to pick a
subdomain as your web publishing address.

Domain Host

Domain hosts run DNS servers for your domain. This includes A records, MX records,
and CNAME records. Most domain hosts offer domain name registration as well.

Since Google Apps for Your Domain is not a domain host, you'll need to modify your
DNS records with your domain host to set up email and web publishing.


A Record

A records (also known as host records) are the central records of DNS. These records link
a domain, or subdomain, to an IP address.

A records and IP addresses do not necessarily match on a one-to-one basis. Many A
records correspond to a single IP address, where one machine can serve many web sites.
Alternatively, a single A record may correspond to many IP addresses. This can facilitate
fault tolerance and load distribution, and allows a site to move its physical location.

Google Apps for Your Domain does not support IP addresses alone. Instead of using A
records, you can set up email and web publishing by modifying your MX and CNAME
records with your domain host.


NS Record

Name server records determine which servers will communicate DNS information for a
domain. Two NS records must be defined for each domain. Generally, you will have a
primary and a secondary name server record. NS records are updated with your domain
registrar and will take 24-72 hours to take effect.

If your domain registrar is separate from your domain host, your host will provide two
name servers that you can use to update your NS records with your registrar.

If you're not sure who is hosting your domain, you can perform a free NS Lookup. Here's
how:

1. Visit Google.com.
2. Search for NS lookup.
3. Select a search result.
4. Type your domain name into the tool.
5. Select NS records or Any records for your query.
6. Click Look it up.

Example result (showing that name-services.com is the domain host for
mightydinosaur.com):

mightydinosaur.com nameserver = dns1.name-services.com.


MX Record

Mail Exchange records direct email to servers for a domain, and are listed in order of
priority. If mail can't be delivered using the first priority record, the second priority
record is used, and so on.

To set up email with Google Apps for Your Domain, you need to configure the MX
records with your domain host using Google's server information.

If you'd like to check the status of your MX records, you can perform a free MX lookup,
for example with the MX Record Lookup tool by DNSstuff.com: enter your domain name
and run the lookup.

Example result (showing that email for mightydinosaur.com is directed to Google):

mightydinosaur.com mail exchanger = 10 aspmx.l.google.com.


CNAME Record
Canonical name records are aliases for A records. For each CNAME record, you can
choose an alias and a host.

To set up web publishing with Google Apps, you can pick an address for your web pages.
The third-level domain of the address is the alias and ghs.google.com is the host.

If you'd like to check the status of your CNAME record for web publishing, you can
perform a free CNAME lookup. Here's how:

1. Visit Google.com.
2. Search for NS lookup.
3. Select a search result from the list.
4. Type your web publishing address into the field.
5. Select CNAME record if it's not the default search query.
6. Click Submit, or Lookup.

Example result (showing that the subdomain of start.mightydinosaur.com is pointing to
ghs.google.com):

DNS Lookup (CNAME) for start.mightydinosaur.com. Items Returned: 1

 ghs.google.com


IP Address

Internet Protocol addresses are unique numbers that allow devices to locate information
on a network.

Since a domain name may have one or more associated IP addresses, Google Apps for
Your Domain doesn't support email and web publishing configuration using IP addresses
alone.


Custom URLs

Custom URLs, or short URLs, make using the Internet easier. A custom URL allows you
and your users to access the login page for services at your domain with a simple,
easy-to-remember address. With Google Apps for Your Domain, your custom URLs will
follow this format:
http://[customize this section].your_domain.com

Instead of asking your users to visit
http://www.google.com/calendar/a/your_domain.com to log in to their calendars, you can
create a short, custom URL.

Calendar Examples
http://calendar.your_domain.com
http://c.your_domain.com
http://9-5.your_domain.com
http://myagenda.your_domain.com
http://where2go.your_domain.com


Domain Alias

Domain name aliases are additional domain names associated with your primary domain.
With Google Apps for Your Domain, you can add a domain alias that receives mail and
delivers it to mailboxes at your primary domain.

Some common uses:

• Add a domain alias to cover other top-level domains. If your domain name is
theurbanexperience.org, you may want to alias theurbanexperience.com and
theurbanexperience.us.
• Add a domain alias to help people who mistype your domain name. If your
domain name is theurbanexperience.org, you may want to alias
urbanexperience.org, theurbanexperiment.org, and urbanexperiences.org.
• Add a domain alias to receive mail addressed to two separate domains in one
mailbox. If you receive mail at two domain names, such as
admin@bradford.com and admin@clarkston.com, you can alias
clarkston.com to bradford.com, and all mail sent to either address will be
delivered to admin@bradford.com.

WHOIS directory
The WHOIS directory is a public listing of domain names, and people or organizations
associated with each domain name.

As a privacy measure, some domain name owners prefer to have their personal
information hidden from the WHOIS directory. This is similar to the way someone may
want his/her personal telephone number unlisted in a local telephone book.

The WHOIS directory is used to determine the owner of domain names and IP addresses.
There are many free web-based directories available on the Internet. The information
provided in the WHOIS directory includes a mailing address and a telephone number.

updated 11/26/2008
