Testing Reverse DNS with Dig command

Testing if you have properly set a Reverse DNS zone and PTR records inside it is a straightforward task with the built-in tool Dig command. You can see if the IP address matches the domain name with a simple DNS lookup. So let’s get into it.

​What do we need?

  • Linux computer, or a Mac with Homebrew and Dig command installed.
  • The built-in tool that is called Dig command.
  • The IP address that you want to check.

​What is the Dig command?

The Dig command is a built-in command that you can find on any Linux distribution and serves for various DNS lookups, including a Reverse DNS lookup.

How does the Dig command work?

​How hard is it to test a Reverse DNS with the Dig command?

The task is easy, so you don’t need to have deep knowledge of DNS. You will need to perform a basic DNS probe.

​How much time does it take?

Performing a DNS lookup for the Reverse zone will take you around a minute or two. The dig command will return you an answer in a matter of seconds. It is a fast process.

​The syntax for testing Reverse DNS

dig -x [address]

-x is the option that will activate the Reverse DNS lookup.

[address] – any IP address. It could be an IPv4 address like 216.58.214.142 or an IPv6 address like 2a00:1450:4017:803::200e. 

The 216.58.214.142 and 2a00:1450:4017:803::200e addresses, belong to Google.com. We will use them for this test. You can try with the IP addresses of your domain to see if you have properly set up a Reverse DNS.

​How to test Reverse DNS. 

  1. Open the Terminal application. Just click on the start menu, and type “Terminal”. When you see its icon, click on it. 
  2. Once it is open, write the command, and press Enter:

dig -x 216.58.214.142

As we mentioned before, you can put any other IPv4 or IPv6 address. 

  1. You will see the answer – the PTR records that were set to point to the domain name for the IP address you checked. 

​The Dig command answer for a Reverse lookup

The Dig command has a very rich answer field compared to other commands like the NSlookup command or the Host command. 

  • You will see if there was any error or not. 
  • Then you will see if the answer came from an authoritative name server or not. 
  • Next, you can see the port for UDP packages. 
  • You will see a question section that shows what you asked for – the PTR records.
  • Following it, there will be an answer section too. It will list all of the PTR records, with their TTL and domain names that they are pointing to. Here you can see if you have set your Reverse DNS correctly and if the changes have been propagated already. 
  • Lastly, you will find the time it took to perform the query. In our case, it was just 43 milliseconds. This is why we said it would take very little time to do such testing. 

​Reverse DNS with Dig command and short answer. 

If you want to see only the answer to your Reverse DNS lookup, without extra information and statistic, you can add the two options “+noall” and “+answer”. 

The query will look like this: 

dig -x 216.58.214.142 +noall +answer

The answer will be only the PTR records. 

​Conclusion

Now you know everything about testing Reverse DNS with the Dig command. So you can go ahead and try it with your IP addresses and see if the PTR records inside the Reverse DNS zone were set correctly. 

Leave a Reply

Your email address will not be published. Required fields are marked *