1. Overview

Sometimes we need to get the hostname from an IP address in Linux. This could be a simple action but there are different scenarios to consider. In this tutorial, we’ll take a look at those situations and how to deal with them using some useful commands.

2. Get the Hostname from a Public IP Address

In the case when the host has a public IP address and a valid reverse DNS entry, we can use the commands host or dig.

2.1. Using the Command host

The host command performs DNS lookups to convert names to IP addresses and vice versa.

Let’s try an example:

$ host domain name pointer dns.google.

In this example, we’ve used the command host to get the hostname for the IP address (The Google DNS).

2.2. Using the Command dig

The dig command is a tool for performing DNS lookups and displays the answers returned from the name server(s) that were queried.

Now, to query for an IP address, we would need to use the option -x:

$ dig -x

; <<>> DiG 9.16.15-Ubuntu <<>> -x
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2113
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 1232

;; ANSWER SECTION:	68312	IN	PTR	dns.google.

;; Query time: 35 msec
;; WHEN: Wed Apr 13 22:53:53 CEST 2022
;; MSG SIZE  rcvd: 73

The default output of the dig command contains more information than the host command. However, dig provides options to customize it. For example:

$ dig -x +noall +answer	68159	IN	PTR	dns.google.

The first option +noall removes all lines in the output and then we’ve included the answer section with the option +answer.

3. Get the Hostname From an IP Address on the LAN

When we need to get the hostname of a machine on the same LAN and without a reverse DNS, we can use commands like nmblookup, nbtscan or avahi-resolve. The first two commands are used to lookup NetBIOS names. The last one is used to lookup using the Avahi daemon:

  • NetBIOS is used by Windows and Linux (with Samba) devices to publish their addresses.
  • Avahi is used by macOS, Windows 10+, and Linux (running the avahi-daemon) devices to publish their addresses via Multicast DNS.

3.1. Using the Command nmblookup

The nmblookup command queries NetBIOS names and maps them to IP addresses in a network.

Similar to other commands, we would need to use an option to use an IP address as an argument:

$ nmblookup -A
Looking up status of
	WORKGROUP       <00> - <GROUP> B <ACTIVE> 
	LAPTOP-PQCDJ0QF <00> -         B <ACTIVE> 

	MAC Address = E8-48-B8-8E-CA-4A

As you can see in the previous example, the nmblookup command can display the hostname, workgroup and MAC address of the given IP address.

3.2. Using the Command nbtscan

Contrary to nmblookup, the nbtscan command shows received NetBIOS information in human-readable form.

Let’s try the same IP address:

$ nbtscan
Doing NBT name scan for addresses from

IP address       NetBIOS Name     Server    User             MAC address      
------------------------------------------------------------------------------    LAPTOP-PQCDJ0QF            <unknown>        e8:48:b8:8e:ca:4a

The nbtscan command returns the output in a “table” format because this is more human-readable and we have the possibility of querying an IP address range as well.

3.3. Using the Command avahi-resolve

The avahi-resolve command resolves one or more mDNS/DNS hostname(s) using the Avahi daemon.

The usage is similar to other commands:

$ avahi-resolve -a	LAPTOP-PQCDJ0QF.local

In this case, the returned output only shows the IP address and its hostname.

4. Conclusion

In this tutorial, we’ve learned how to get the hostname from an IP address in Linux using different commands like host or dig when the host has a public IP address and a valid reverse DNS entry or commands nmblookup, nbtscan or avahi-resolve when the equipment is on the same LAN. We would have to identify the current scenario to choose the appropriate command or simply try all of them until we get the expected result.

Comments are closed on this article!