reverse dns lookup in linux

How to Do Reverse DNS Lookup in Linux

Sometimes you may need to do reverse DNS lookup in Linux. In this article, we will look at how to reverse DNS lookup in Linux. You can use these steps in all Linux systems as they are universally available commands.


What is Reverse DNS Lookup?

DNS Lookup is basically the process of resolving domain to an IP address. It is also known as forward DNS and takes place every time you visit a website. Reverse DNS Lookup is the process of resolving an IP address to a domain name. In this case, we find out which domains point to a given IP address.


Uses of Reverse DNS Lookup

Reverse DNS lookup is used to find out the domain name associated with an given IP address. It is mostly used by email servers to identify and block spam mails. It need not work all the time because every IP address need not have a domain associated with it. It is also used to map IP addresses to domains in log files, so that there is a human readable value, instead of numeric IP addresses, making it easy to understand information.


How to Do Reverse DNS Lookup in Linux

You can use nslookup, dig or host command to do reverse DNS lookup in Linux. These commands are already pre-installed in every Linux distribution and do not require separate installation or configuration.


Using Host command

Host command is a Linux utility that can be used for DNS Lookup as well as Reverse DNS Lookup. Here is how to get domain name associated with an IP address say 54.43.32.21

$ host 54.43.32.21

You will get an output like the following.

54.43.32.21.in-addr.arpa domain name pointer mysite.com


Using Dig command

Dig is another popular command used by system administrators. It gives a lot more information that just Here is how to use dig command to do reverse lookup.

$ dig -x 54.43.32.21

Here is the sample output. The Got answer section will show the domain name associated with a given IP address.

; > DiG 9.8.3-P1 > -x 75.126.153.206
;; global options: +cmd
;; Got answer:
;; ->>HEADER54.43.32.21.in-addr.arpa. 20975 IN PTR www.mysite.com

;; Query time: 32 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb  8 04:40:28 2014
;; MSG SIZE  rcvd: 76


Using Nslookup command

Nslookup is a network administrative tool that is generally used to diagnose network issues. It has two modes – interactive and non-interactive mode. In interactive mode, it will display requested information about hosts & domains, that you enquired in your query. In non-interactive mode, it displays standard information such as name and some more commonly required details.

Here is how you can do a reverse lookup using nslookup command as shown below.

$ nslookup 54.43.32.21

That’s it. In this article, we have looked at how to do reverse DNS lookup in Linux using host, nslookup and dig commands. These tools are already present in every Linux distribution and you can easily get more information about any of these tools using man command

$ man host
$ man dig
$ man nslookup

You can also use these commands in your shell script to automate lookups, or in case you want to further process their output.

Also read:

How to SSH using pem file in Ubuntu
SCP command in Linux to copy file
How to Read YAML File to Dict
How to Delete Empty Lines from Text File in Linux
How to Install Supervisor in RHEL/CentOS/Fedora

2 thoughts on “How to Do Reverse DNS Lookup in Linux

  1. In the host and dig examples the ip address in the answer doesn’t match the ip address in the argument.

Leave a Reply

Your email address will not be published. Required fields are marked *