Reverse DNS, It’s easier than you think

This guide is for people who already run BIND for forward records (likely medium-sized businesses and up). Reverse DNS lets you translate IP addresses to hostnames. This can help speed up connections that do a lot of security checks (I had it speed up initial SSH connections, over a VPN), and it's also important if you run a mail server. It can also help with network scans (such as nmap).

  1. Get this nice script:
  2. Get the needed packages:
    sudo apt-get install bind9utils python-dnspython python-ipaddr
  3. Put the script (along with dnsrev.conf) in your zone folder, for me /etc/bind/master/
  4. Create a dnsrev.conf with the following:
    FWD_ZONES = [("", ""),
                 ("", "")]
    REV_ZONES = [("10.10.10.IN-ADDR.ARPA", "")]
  5. Create a blank 10.10.10.IN-ADDR.ARPA zone file:
    $TTL    3600
    $ORIGIN
         IN    SOA      (2012060101 ; Serial
    10800      ; Refresh
    3600       ; Retry
    604800     ; Expire
    86400 )    ; TTL
         IN    NS
         IN    NS
  6. Then run the script (as root) and it will generate the reverse zone (it also updates the Serial):
         IN PTR
         IN PTR
         IN PTR
         IN PTR

You do need to add the reverse zone file to your named.conf.local, and to any other DNS servers you have. Restart BIND and you now have reverse DNS!

Test it! (from any machine)

$ host has address
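
To make the mapping concrete, here is an added example (not the script the post refers to, and not from the original post) that derives PTR records from forward A records using only the Python standard library, then flags PTR records whose target has no A record pointing back, which is the forward-confirmed check mail servers typically apply. All host names and the stale record are constructed sample data.

```python
import ipaddress

# Constructed sample data, not taken from the post: (name, IPv4) pairs as
# they would appear as A records in the forward zones.
FORWARD = [
    ("gw.example.test.", "10.10.10.1"),
    ("mail.example.test.", "10.10.10.25"),
    ("www.example.test.", "10.10.10.25"),  # second name on the same address
    ("vpn.example.test.", "10.10.110.5"),  # looks similar, different /24
]
REV_ZONE = "10.10.10.in-addr.arpa."


def ptr_name(ip):
    """10.10.10.25 -> 25.10.10.10.in-addr.arpa. (octets reversed)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def build_ptrs(forward, rev_zone=REV_ZONE):
    """Map owner label (relative to rev_zone) -> target name, first name wins."""
    suffix = "." + rev_zone.lower()  # leading dot: match on a label boundary
    ptrs = {}
    for name, ip in forward:
        full = ptr_name(ip)
        if full.endswith(suffix):  # skip addresses outside this zone
            ptrs.setdefault(full[: -len(suffix)], name)
    return ptrs


def unconfirmed(ptrs, forward, rev_zone=REV_ZONE):
    """Owners whose PTR target has no A record back to the same address."""
    confirmed = {(ptr_name(ip), name.lower()) for name, ip in forward}
    return sorted(o for o, name in ptrs.items()
                  if (f"{o}.{rev_zone.lower()}", name.lower()) not in confirmed)


def render(ptrs):
    """Zone-file lines, ordered numerically by address."""
    key = lambda o: [int(x) for x in reversed(o.split("."))]
    return "\n".join(f"{o}\tIN\tPTR\t{ptrs[o]}" for o in sorted(ptrs, key=key))


if __name__ == "__main__":
    ptrs = build_ptrs(FORWARD)
    print(render(ptrs))
    ptrs["99"] = "old-host.example.test."  # constructed stale record
    print("no matching A record:", unconfirmed(ptrs, FORWARD))
```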

2 thoughts on “Reverse DNS, It’s easier than you think”

  1. thanks for the writeup, this worked great for me.

    in my case I was using a much larger reverse zone, but was still able to handle it:

    REV_ZONES = [("db.10", "")]
