Sometimes you may need to do reverse DNS lookup in Linux. In this article, we will look at how to reverse DNS lookup in Linux. You can use these steps in all Linux systems as they are universally available commands.
What is Reverse DNS Lookup?
DNS Lookup is basically the process of resolving domain to an IP address. It is also known as forward DNS and takes place every time you visit a website. Reverse DNS Lookup is the process of resolving an IP address to a domain name. In this case, we find out which domains point to a given IP address.
Uses of Reverse DNS Lookup
Reverse DNS lookup is used to find out the domain name associated with an given IP address. It is mostly used by email servers to identify and block spam mails. It need not work all the time because every IP address need not have a domain associated with it. It is also used to map IP addresses to domains in log files, so that there is a human readable value, instead of numeric IP addresses, making it easy to understand information.
How to Do Reverse DNS Lookup in Linux
You can use nslookup, dig or host command to do reverse DNS lookup in Linux. These commands are already pre-installed in every Linux distribution and do not require separate installation or configuration.
Using Host command
Host command is a Linux utility that can be used for DNS Lookup as well as Reverse DNS Lookup. Here is how to get domain name associated with an IP address say 18.104.22.168
$ host 22.214.171.124
You will get an output like the following.
126.96.36.199.in-addr.arpa domain name pointer mysite.com
Using Dig command
Dig is another popular command used by system administrators. It gives a lot more information that just Here is how to use dig command to do reverse lookup.
$ dig -x 188.8.131.52
Here is the sample output. The Got answer section will show the domain name associated with a given IP address.
; > DiG 9.8.3-P1 > -x 184.108.40.206 ;; global options: +cmd ;; Got answer: ;; ->>HEADER220.127.116.11.in-addr.arpa. 20975 IN PTR www.mysite.com ;; Query time: 32 msec ;; SERVER: 18.104.22.168#53(22.214.171.124) ;; WHEN: Sat Feb 8 04:40:28 2014 ;; MSG SIZE rcvd: 76
Using Nslookup command
Nslookup is a network administrative tool that is generally used to diagnose network issues. It has two modes – interactive and non-interactive mode. In interactive mode, it will display requested information about hosts & domains, that you enquired in your query. In non-interactive mode, it displays standard information such as name and some more commonly required details.
Here is how you can do a reverse lookup using nslookup command as shown below.
$ nslookup 126.96.36.199
That’s it. In this article, we have looked at how to do reverse DNS lookup in Linux using host, nslookup and dig commands. These tools are already present in every Linux distribution and you can easily get more information about any of these tools using man command
$ man host $ man dig $ man nslookup
You can also use these commands in your shell script to automate lookups, or in case you want to further process their output.