Traditional DNS Howto - Page 7
The Reverse Zone File
Now programs can look up the centralsoft.org domain and all its subdomains in DNS, but now we need a reverse zone which maps IP addresses to centralsoft.org. This reverse lookup is used by many programs that will refuse to talk to you if the reverse lookup and the forward lookup (i.e. the normal lookup of centralsoft.org) do not mtach each other. For example, many email providers use reverse lookups to classify emails as spam or not spam.
Because we do not want emails originating from the centralsoft.org domain to be classified as spam, we create a reverse zone.
Therefore we have this in our named.conf file:
zone "158.253.70.in-addr.arpa" { |
What are the numbers in there? As you noticed, centralsoft.org is in the 70.253.158.x net. Now we take this string 70.253.158 and write it the other way round (158.253.70) and use it in the zone section we add to named.conf.
We also name our reverse zone file like this: pri.158.253.70.in-addr.arpa. We create pri.158.253.70.in-addr.arpa in the same directory as our "forward" zone file pri.centralsoft.org.
The beginning of pri.158.253.70.in-addr.arpa looks exactly like in pri.centralsoft.org:
@ IN SOA server1.centralsoft.org. root.localhost. ( |
But now, we do not create A, MX, CNAme, etc. records anymore, we only create PTR records.
PTR Records
PTR is short for pointer, and that's what it is: it points to a domain name. Let's create a PTR record for centralsoft.org:
42 PTR centralsoft.org. |
centralsoft.org's IP address is 70.253.158.42, and we want 70.253.158.42 to point to centralsoft.org.
We create exactly one pointer for each IP address we use; the only other IP address we use is 70.253.158.45 (for ns0.centralsoft.org), so we add:
45 PTR ns0.centralsoft.org. |
That's all. Our reverse zone file looks now like this:
@ IN SOA server1.centralsoft.org. root.localhost. ( |
Now we can test it by doing a lookup with the command line tool dig. First we look up the IP address of centralsoft.org:
# dig centralsoft.org |
As you see, it returns the IP address 70.253.158.42.
Now we do a reverse lookup:
# dig -x 70.253.158.42 |
You see, the forward and the reverse lookup match each other!