[Webinar] Learn how to a build a cloud-first strategyRegister Now


Reverse lookup zones (DNS)

Posted on 2004-11-20
Medium Priority
Last Modified: 2012-06-21
What would be the purpose for creating reverse lookup zones in my DNS server? Right now I'm running DNS integrated into active directory. I think it builds the forward lookup tables automatically.  What is the purpose of reverse lookup and is it difficult to implement?

Here's an error I noticed on my sniffer logs related to reverse lookup too.
any ideas?
Question by:dissolved

Accepted Solution

RLGSC earned 1000 total points
ID: 12636796

The purpose of reverse lookup zones is to provide a translation from numeric IP address to machine name. It is the inverse of the normal forward lookups (name->address).

Reverse lookups are used for a variety of applications.

It is not difficult to implement, the things to remember are:

- reverse DNS uses PTR records, not A records
- the address octets are listed in reverse order.
- the sub-zone must be delegated from your ISP.

- Bob (aka RLGSC)

Assisted Solution

aashishkunte earned 1000 total points
ID: 12637351
hi  dissolved
              Its true to reverse lookup zone translates  machine numeric addr to machine name !

      The pointers should  repersent  1.168.192 ie without subnet in reverse order to in-addr.arpa  and last degits of your ip ie 68 will be the pointing value for  fully qualified domain name i.e  server<machine name>.<domain name>

         This will directly resolve local query translating   ip address to machine name

  Keep in mind it will be a NS entry .  Do u  have  any master slave configurations ?              

Author Comment

ID: 12638494
Thanks guys. My problem is I dont know how to even begin this.

I am doing this in active directory.

-Do I need to make a new reverse lookup zone for every client PC I have?  Or just a pointer to their network (ie: 1.168.192)
-I'm setting it up now, and it is asking for network ID. I'm assuming I type the IP address of the client?
-Lastly, can someone give me an every day example of when I would use the reverse lookup zone? Thanks!
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.


Author Comment

ID: 12638954
ok guys, I got it working for one subnet.  I entered a zone 1.168.192-arp etc etc eetc
Now I can do nslookup 192.168.1.x  and it returns a hostname

However, I added a secondary reverse lookup zone for my network, and I cannot get it to work!
I do a nslookup 192.168.2.x from the same PC, and it doesnt find a hostname.


Expert Comment

ID: 14122720
I have a similar situation setting up reverse dns for 5 subnets.
Could you use the following as the reverse lookup zone to cath all the subnets?

ex: 168.192-in-addr-arpa

Thanks in advance

Author Comment

ID: 14123175
Good question scobb13, I'd like to know myself. I'm assuming your using a 16 bit subnet mask?

Expert Comment

ID: 14123785
We are not. I was just using that as an example. I have setup a test to see if that will work. I'll report to you once I have an answer.

Author Comment

ID: 14123886
thanks a lot, look forward to hearing what you find.

Expert Comment

ID: 14125114
So far the test has shown that if you setup your reverse lookup zone like this - ex: 168.192-in-addr-arpa (Do not put any value in the 3rd octet the zone will capture all of the subnets that begin with 192.168).

The different subnets show up in this zone as folders coresponding to the different subnets.
If you have the following two subnets and then you should see a 1 and 2 folder in the zone as well as SOA and NS records.
Remember to give any changes time to replicate.

Author Comment

ID: 14125131
Awesome. Thanks for posting the results of this.  Will definitely make things a little asier.

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

868 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question