Reverse DNS, It’s easier than you think

This guide is for people who already use BIND for forward records (likely medium-sized businesses and up). Reverse DNS lets you translate IP addresses to hostnames. This can help speed up connections that do a lot of security checks (I had it speed up initial SSH connections over a VPN), and it's also important if you run a mail server. It can also help with network scans (e.g. nmap).

  1. Get this nice script: http://wilmer.gaa.st/main.php/dnsrev.html
  2. Get the needed packages:
    sudo apt-get install bind9utils python-dnspython python-ipaddr
  3. Put the script (along with dnsrev.conf) in your zone folder, for me /etc/bind/master/
  4. Create a dnsrev.conf with the following:
    FWD_ZONES = [("office.example.com", "office.example.com"),
                 ("anotheroffice.example.com", "anotheroffice.example.com")]
    REV_ZONES = [("10.10.10.IN-ADDR.ARPA", "10.10.10.0/24")]
  5. Create a blank 10.10.10.IN-ADDR.ARPA zone file:
    $TTL    3600
    $ORIGIN 10.10.10.in-addr.arpa.
    @     IN    SOA    ns1.office.example.com.    contact.example.com.    (
                       2012060101 ; Serial
                       10800      ; Refresh
                       3600       ; Retry
                       604800     ; Expire
                       86400 )    ; TTL
          IN    NS    ns1.office.example.com.
          IN    NS    ns2.office.example.com.
  6. Then run the script (as root) and it will generate the reverse zone (it also updates the Serial):

100.10.10.10.in-addr.arpa.                             IN PTR stony.office.example.com.
101.10.10.10.in-addr.arpa.                            IN PTR pirate.office.example.com.
102.10.10.10.in-addr.arpa.                            IN PTR frugal.anotheroffice.example.com.
103.10.10.10.in-addr.arpa.                            IN PTR realm.anotheroffice.example.com.

You do need to add the reverse zone file to your named.conf.local, and to any other DNS servers you have. Restart BIND and you now have reverse DNS!

Test it! (from any machine)

$ host stony.office.example.com
stony.office.example.com has address 10.10.10.100
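
Mail servers and the SSH checks mentioned above generally want the PTR record and the A record to agree in both directions. The following is an added example, not part of the original post or of dnsrev: an offline check over constructed sample records matching the ones shown here, with hypothetical function names.

```python
import ipaddress

# Constructed sample data mirroring the records shown in this post.
FORWARD_A = {
    "stony.office.example.com.": "10.10.10.100",
    "pirate.office.example.com.": "10.10.10.101",
    "frugal.anotheroffice.example.com.": "10.10.10.102",
    "realm.anotheroffice.example.com.": "10.10.10.103",
}
PTR_LINES = """\
100.10.10.10.in-addr.arpa.  IN PTR stony.office.example.com.
101.10.10.10.in-addr.arpa.  IN PTR pirate.office.example.com.
102.10.10.10.in-addr.arpa.  IN PTR frugal.anotheroffice.example.com.
103.10.10.10.in-addr.arpa.  IN PTR realm.anotheroffice.example.com.
"""
REV_NET = ipaddress.ip_network("10.10.10.0/24")  # same CIDR as REV_ZONES

def ptr_owner_to_ip(owner):
    """Turn '100.10.10.10.in-addr.arpa.' back into the address 10.10.10.100."""
    labels = owner.lower().rstrip(".").split(".")
    if labels[-2:] != ["in-addr", "arpa"] or len(labels) != 6:
        raise ValueError("not a full IPv4 PTR owner name: %r" % owner)
    return ipaddress.ip_address(".".join(reversed(labels[:4])))

def parse_ptrs(text):
    """Parse 'owner [ttl] IN PTR target' lines into {ip: target}."""
    ptrs = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        if len(fields) >= 4 and fields[-2].upper() == "PTR":
            ptrs[ptr_owner_to_ip(fields[0])] = fields[-1].lower()
    return ptrs

def check_fcrdns(forward, ptr_text, net):
    """Return a sorted list of A/PTR mismatches; an empty list means they agree."""
    ptrs = parse_ptrs(ptr_text)
    fwd = {name.lower(): ipaddress.ip_address(ip) for name, ip in forward.items()}
    problems = []
    for ip, target in ptrs.items():  # every PTR must point at a name with that A
        if fwd.get(target) != ip:
            problems.append("%s -> %s has no matching A record" % (ip, target))
    for name, ip in fwd.items():     # every A inside the reverse zone needs a PTR
        if ip in net and ip not in ptrs:
            problems.append("%s (%s) has no PTR" % (name, ip))
    return sorted(problems)

if __name__ == "__main__":
    print(check_fcrdns(FORWARD_A, PTR_LINES, REV_NET) or "forward and reverse agree")
```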

2 thoughts on “Reverse DNS, It’s easier than you think”

  1. thanks for the writeup, this worked great for me.

    in my case I was using a much larger reverse zone, but dnsrev.py was still able to handle it:

    REV_ZONES = [("db.10", "10.0.0.0/8")]
