This is the seventh installment In the of a ten-part series outlining the ten most common Domain Name System (DNS) Records. In this article I will examine PTR Records, or Pointer Records. Find links below to the previous articles:
- In the sixth article I examined SRV Records
- In the fifth article I examined TXT Records
- In the fourth article I examined MX Records
- In the third article I examined CNAME Records
- In the second article I discussed the AAAA Records
- In the first article I discussed the A Records
What is a PTR Record?
PTR Records, also called Reverse DNS (rDNS) Records, are primarily used to check if the server name is genuinely associated with the IP address of a domain name. PTR Records are the opposite of an A Record which stores the hostname for the IPv4 (Internet Protocol Version 4) addresses. In a sentence, PTR Records show an IP is used with a particular domain.
what are PTR RECORDs used for?
These are the three most common uses of PTR Records:
- Spam Filtering – Spammers sometimes use IP addresses that don’t match domain names. Anti-spam tools lookup the IP address of an incoming email, and if that IP doesn’t match up with the IP associated with the domain name, then that message is marked as spam.
- More Spam Filtering – if the PTR Record for JasonOfflorida.com was
227.78.0.192.in-addr.arpaand the A record was192.0.78.227then JasonOfFlorida.com would be forward-confirmed, therefore email originating from JasonOfFlorida.com would never be marked as spam. - Tooling – System logging and monitoring tools sometimes receive entries specified only by IP addresses. So that humans can read the data, these programs may perform a reverse lookup before writing this to logs.
how are PTR Records formatted
rDNS lookups for IPv4 addresses use a special domain in-addr.arpa. This domain was discussed in my article Understanding URLs: How Domain Investors can avoid making costly mistakes by understading URLs.
The story of TLDs all began with the Advanced Research Projects Agency (ARPA) in the 1960s, which designated the first ever TLD (.arpa) while designing a network the US Government could use to send information between entities.
The .arpa TLD was later designated for technical purposes:
Infrastructure TLD, such as .arpa is used for technical purposes and now stands for Address and Routing Parameter Area. For historical reasons, the .arpa domain is sometimes considered a generic top-level domain.
In the in-addr.arpa domain, an IPv4 address is a sequence of four decimal numbers that are separated by dots, and appended to the second level domain suffix .in-addr.arpa. The four decimal numbers are obtained by splitting the 32-bit IPv4 address into four octets and converting each octet into a decimal number. These decimal numbers are then placed in the order: least significant first (left-most), to most significant last (right-most). It is important to note that this is the reverse order to the usual convention for writing IPv4 addresses.
As an example, JasonOfFlorida.com has an IP address of 192.0.78.227, so the PTR record would be 227.78.0.192.in-addr.arpa. To be clear, there is not a PTR record setup on this domain name.
rDNS lookups for IPv6 addresses use the domain ip6.arpa. Like its IPv4 sister, the IPv6 address is reversed left to right and added to the front of the ip6.arpa domain. I won’t go into details here, but you can read more about how nibbles work, which determine the number of zeroes in the number below.
As an example, the PTR record of IPv6 address 2001:db8::567:89ab is b.a.9.8.7.6.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa
how do you set up PTR RECORDs?
For most DNS providers, like GoDaddy (shown below), you cannot manually add a PTR record. You should contact the support team of your DNS provider to setup a PTR record.
If you received some added value from my post, please like and follow us on Facebook, Twitter, and LinkedIn, or subscibe to jasonofflorida.com. Next in the DNS Records Series I will discuss the SOA Record, or Start Of Authority Record.
