1. Introduction

PTR record is a special type of DNS record that enables us to look up the domain name associated with a given IP address. This is the reverse of the process of looking up the IP address for a given domain name. Therefore, we generally refer to this process as reverse DNS lookup.

We typically use reverse DNS lookups to verify that a given domain name is indeed associated with the IP address it claims to be associated with. The most common application for this is spam filtering in email servers.

We’ll start this tutorial by looking at how DNS servers store PTR records. Then, we’ll proceed to see how we can use different commands to check the PTR records for a given IP address.

2. How Do DNS Servers Store Ptr Records?

2.1. For IPv4 Addresses

DNS servers store PTR records for IPv4 addresses within the namespace of the .arpa domain, for historical reasons related to the ARPANET (predecessor to the Internet). For example, the PTR record for an IP address would be stored as, where is the reversed form of the original IP

2.2. For IPv6 Addresses

For IPv6 records, the IP address is reversed and split into chunks of four bits (one hexadecimal digit) each, separated by a dot. The namespace used is ip6.arpa instead of in-addr.arpa. So, for an IP 4002:5003:6004:7005:8006:9007:a008:b009, the PTR record would be 9.0.0.b.8.0.0.a.

2.3. Setting PTR Records

Internet Service Providers (ISPs) usually manage PTR records. In the case of cloud servers, the hosting providers could be managing them. Some providers allow us to set PTR records via a dashboard, while for others, we’ll need to contact them via their support channel to get this done.

3. The dig Command

The dig command stands for Domain Information Groper. It is widely used to extract information from DNS servers. We can use the dig command with the -x option to perform a PTR lookup:

$ dig -x
;; ANSWER SECTION:	83094	IN	PTR	dns.google.

In the above example, we tried running the lookup for the IP address of dns.google which is In the answer section of the output, we see that the record points back to dns.google. The same command will work for IPv6 addresses, too.

4. The nslookup Command

nslookup is another command that we can use for performing DNS lookups. To lookup a PTR record, we need to just type the nslookup command followed by the IP address:

$ nslookup	name = dns.google.

Authoritative answers can be found from:
8.8.in-addr.arpa	nameserver = ns1.level3.net.
8.8.in-addr.arpa	nameserver = ns2.level3.net.
ns2.level3.net	internet address =
ns1.level3.net	internet address =

The first line of the output shows us the domain associated with the given IP address. We can use the same command for IPv6 addresses too.

5. The host Command

host is yet another command that can be used for performing DNS lookups. Using this command, we can perform a PTR lookup as follows:

$ host -t PTR domain name pointer dns.google.

In the above example, we used the -t option to specify that we are looking for the record type PTR, followed by the IP address we are querying for. As with the earlier commands, this works with IPv6 addresses too.

6. Conclusion

In this tutorial, we first looked at different ways of looking up PTR records for a given IP address. This can be useful to us when we are building or configuring email servers and related applications, among other things. Of the three commands we looked at, the output of the host command is the easiest to parse for further processing in other programs.

Comments are closed on this article!