How to Create Reverse DNS Lookup Zones and PTR Record on Windows DNS Server?


A reverse DNS lookup zone is a special DNS zone type used to answer reverse DNS queries, that is, to resolve a host or domain name from its IP address using a PTR record. IP addresses in the reverse lookup zone are stored in reversed octet order. For example, the IP address of the node 111.222.000.003 will be stored in the reverse zone as 003.000.222.111.in-addr.arpa.
The in-addr.arpa zone is required to resolve the host name by its IP using a PTR record.

The PTR record is the reverse version of the A record: the A record associates a domain name with an IP address, and a PTR record associates an IP address with a canonical host name. These two DNS records are independent of each other. For example, the host mail.theitbros.com may be associated with the IP address 217.1.1.x, while the IP address 217.1.1.x points to a completely different host name.

Typically, PTR records are used for spam protection. When receiving a message, most SMTP servers perform a reverse DNS lookup to verify the sender's server hostname by its IP address. For example, when receiving an e-mail from a third-party server, the SMTP mail server can check the PTR record for the IP address of the sending server from which the email was received. If the name in the PTR record doesn't match the name of the sending server, the receiving server drops the email session from that server (this is one of the many spam checks performed).

You can check the PTR records using the nslookup or dig command.
For example, check the PTR record in the reverse zone for the IP address 37.1.214.xxx:

nslookup 37.1.214.xxx

You should get something like this:

Server:  dns.google
Address:  8.8.8.8
Name:   mail.theitbros.com
Address:  37.1.214.xxx

In this case, the PTR record for IP 37.1.214.xxx points to mail.theitbros.com.

Linux users can use the following command to verify PTR records:

dig -x 37.1.214.xxx

Let's look at how to create a reverse DNS zone and PTR record in the DNS server on Windows Server 2016/2012 R2:

  1. Open the DNS Management Console (dnsmgmt.msc);
  2. Expand your DNS server node, right-click on “Reverse Lookup Zones” and select “New Zone”;
  3. In the zone creation wizard, specify the type of the new zone—Primary Zone;
  4. Specify that you want to replicate this zone to all controllers in your domain;
  5. Select IPv4 Reverse Lookup Zone type (usually) or IPv6;
  6. Specify the IP subnet for the zone. In this example, we will add a reverse zone for the subnet 10.1.1.0/24;
  7. Next, specify whether to allow dynamic zone update. As a rule, you need to choose “Allow only secure dynamic updates (recommended for Active Directory)”;
  8. Click Next > Next > Finish.

Now your new reverse DNS zone has appeared in the Reverse Lookup Zones section and you can create a PTR record.

  1. Right-click your new reverse lookup zone and select “New Pointer (PTR)”;
  2. Specify the IP address and host name. As you can see, the FQDN of the host in the reverse zone looks like 24.1.1.10.in-addr.arpa.

Now you can check this PTR record in DNS:

nslookup 10.1.1.24
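
The same zone and PTR record can be created from PowerShell with the DnsServer module. This is an added example, not part of the original article. It assumes an elevated session on an AD-integrated DNS server, that step 4 corresponds to the Domain replication scope, and a placeholder host name (host24.corp.example) that you should replace with your own:

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Assumptions: elevated session on an AD-integrated DNS server;
# $PtrTarget is a hypothetical FQDN, not a value from the article.
$NetworkId = '10.1.1.0/24'            # subnet from step 6
$ZoneName  = '1.1.10.in-addr.arpa'    # reverse zone name for 10.1.1.0/24
$Ip        = '10.1.1.24'
$HostOctet = '24'                     # last octet of $Ip, the record name in the zone
$PtrTarget = 'host24.corp.example.'   # placeholder host name

Import-Module DnsServer -ErrorAction Stop

# Zone wizard: primary zone, replicated within the domain, secure dynamic updates only.
if (-not (Get-DnsServerZone -Name $ZoneName -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -NetworkId $NetworkId -ReplicationScope Domain -DynamicUpdate Secure
}

# If the zone already existed, confirm it does not accept unauthenticated updates.
$zone = Get-DnsServerZone -Name $ZoneName
if ($zone.DynamicUpdate -ne 'Secure') {
    Write-Warning "Zone $ZoneName dynamic update is '$($zone.DynamicUpdate)', expected 'Secure'."
}

# "New Pointer (PTR)": create the record only if it is not there yet.
$existing = Get-DnsServerResourceRecord -ZoneName $ZoneName -Name $HostOctet -RRType Ptr `
    -ErrorAction SilentlyContinue
if (-not $existing) {
    Add-DnsServerResourceRecordPtr -ZoneName $ZoneName -Name $HostOctet -PtrDomainName $PtrTarget
}

# Verify the PTR, then check that the name resolves back to the same IP.
# PTR and A records are independent, so a mismatch here is what a receiving
# mail server would see when it compares the two.
$ptr  = Resolve-DnsName -Name $Ip -Type PTR -Server localhost -ErrorAction Stop
$name = ($ptr | Where-Object Type -eq 'PTR' | Select-Object -First 1).NameHost
$fwd  = Resolve-DnsName -Name $name -Type A -Server localhost -ErrorAction SilentlyContinue |
    Where-Object Type -eq 'A' | Select-Object -ExpandProperty IPAddress

if ($fwd -contains $Ip) {
    "OK: $Ip -> $name -> $Ip"
} else {
    Write-Warning "PTR for $Ip points to $name, but $name has no A record for $Ip."
}
```

The final check only succeeds if a matching A record for the host exists in a forward zone on the same server.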
