|I l@ve RuBoard|
10.11 Reverse-Mapping an Address with dig
Use dig's -x command-line option, which takes an IP address as an option argument. For example:
$ dig -x 18.104.22.168
dig prints the interpreted DNS response message, just as it did in Section 10.10:
; <<>> DiG 9.2.1 <<>> -x 22.214.171.124 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12896 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;126.96.36.199.in-addr.arpa. IN PTR ;; ANSWER SECTION: 188.8.131.52.in-addr.arpa. 21600 IN PTR www.oreilly.com. ;; AUTHORITY SECTION: 146.204.209.in-addr.arpa. 21600 IN NS ns.oreilly.com. 146.204.209.in-addr.arpa. 21600 IN NS ns1.sonic.net. ;; Query time: 62 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Thu Jun 27 20:28:41 2002 ;; MSG SIZE rcvd: 118
If the PTR record reverse-mapping the address is in a zone delegated using the scheme described in RFC 2317 (Section 6.5), you may need to specify the type PTR on the command line, too: older versions of dig send queries for records in any type when you use the -x option. You can tell which variety your dig is by looking at the type of the query in the QUESTION SECTION. The version of dig we used in this recipe was a newer one, which sends an explicit PTR query.
You can also use dig's -x option just to build the domain name to look up from the octets of the IP address and specify a different record type on the command line. For example, to look up A records attached to 0.168.192.in-addr.arpa (read RFC 1101 for why you'd ever want to do that), you could use:
$ dig -x 192.168.0 a
10.11.4 See Also
dig(1); Section 6.5; RFCs 1101 and 2317; "Using dig" in Chapter 12 of DNS and BIND.
|I l@ve RuBoard|