I l@ve RuBoard Previous Section Next Section

10.11 Reverse-Mapping an Address with dig

10.11.1 Problem

You want to reverse-map an address to a domain name using dig.

10.11.2 Solution

Use dig's -x command-line option, which takes an IP address as an option argument. For example:

$ dig -x

dig prints the interpreted DNS response message, just as it did in Section 10.10:

; <<>> DiG 9.2.1 <<>> -x
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12896
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;   IN      PTR
;; ANSWER SECTION: 21600 IN   PTR     www.oreilly.com.
146.204.209.in-addr.arpa. 21600 IN      NS      ns.oreilly.com.
146.204.209.in-addr.arpa. 21600 IN      NS      ns1.sonic.net.
;; Query time: 62 msec
;; WHEN: Thu Jun 27 20:28:41 2002
;; MSG SIZE  rcvd: 118

The domain name the address maps to is shown in the ANSWER SECTION, as the RDATA of the PTR record (www.oreilly.com, in this case).

10.11.3 Discussion

If the PTR record reverse-mapping the address is in a zone delegated using the scheme described in RFC 2317 (Section 6.5), you may need to specify the type PTR on the command line, too: older versions of dig send queries for records in any type when you use the -x option. You can tell which variety your dig is by looking at the type of the query in the QUESTION SECTION. The version of dig we used in this recipe was a newer one, which sends an explicit PTR query.

You can also use dig's -x option just to build the domain name to look up from the octets of the IP address and specify a different record type on the command line. For example, to look up A records attached to 0.168.192.in-addr.arpa (read RFC 1101 for why you'd ever want to do that), you could use:

$ dig -x 192.168.0 a

10.11.4 See Also

dig(1); Section 6.5; RFCs 1101 and 2317; "Using dig" in Chapter 12 of DNS and BIND.

    I l@ve RuBoard Previous Section Next Section