Reverse DNS

The Domain Name System (DNS) is a globally distributed Internet service. Among other services, it provides name-to-number (forward) and number-to-name (reverse) translations using defined client-server and server-server protocols. The DNS is a public service and any user is freely able to query the DNS system for forward or reverse translations.

Reverse DNS delegations allow requesters to map to a domain name from an IP address. Reverse delegation is achieved by the use of pseudo-domain names in-addr.arpa (IPv4) and ip6.arpa (IPv6). APNIC only registers reverse delegations and is not directly involved in other aspects of the domain name registration system.

Public availability of reverse DNS zones at APNIC

For all IP address blocks IANA (the Internet Assigned Numbers Authority) allocates to APNIC, IANA also delegates corresponding reverse DNS zones within the centrally administered “in-addr.arpa” and “ip6.arpa” domains.

APNIC also published zone fragments. Zone fragments are the parts of zones managed by other parties, namely:

  • The other RIRs (Regional Internet Registries), who share zone management of early registration networks
  • The NIRs (National Internet Registries), who manage IP address space allocated to them for further distribution to their members

Access to reverse DNS data

Apart from access via conventional DNS query, APNIC supports access to reverse DNS data in four ways:

  1. Whois queries, either directly to APNIC from other whois services or via the Web
  2. Bulk access to the APNIC Whois Database by FTP or NRTM (Near Real Time Mirroring)
  3. FTP access to the DNS zone files
  4. DNS zone transfer queries

Operational and policy restrictions are imposed on data access via each of these methods. These restrictions are in place to protect the performance of the systems being used to provide DNS services and to limit ‘mining’ and misuse of administrative data (such as contact records).

Access to reverse DNS data by whois query

The APNIC Whois Database is currently used as the management database for producing the DNS zones so it can provide the information for each delegated IPv4 and IPv6 range registered in the reverse DNS.

Outside the global DNS system, information regarding reverse DNS delegations can be checked via whois queries.

The information is stored as domain objects (RPSL format). The name of each domain object is the reverse DNS zone under in-addr.arpa or ip6.arpa. The “nserver” attributes in each domain object define the officially-delegated DNS nameservers (the NS in DNS) zone contents. See what a completed domain object looks like.

Ordinary access via whois queries is subject to daily limits. Queries via the web-based whois interface are also subject to rate-based limits. These access limits apply to all the whois data, not just that which is DNS related. The actual limits set are monitored by the APNIC Secretariat and adjusted where appropriate.

Access to reverse DNS data by FTP

APNIC publishes the DNS zone information as text files at:

ftp://ftp.apnic.net/pub/zones

The files are published with an associated file with the zones’ MD5 checksum and a detached PGP signature so they can be verified independently.

There are no Acceptable Use Policy (AUP) restrictions on general access to the APNIC FTP service, but APNIC reserves the right to limit the simultaneous connections, the number of downloaded files, and the total data size downloaded per connection to limit the load on the servers and the network.

Access to reverse DNS by zone query

Visibility of the data via DNS zone transfer (AXFR and IXFR) may be limited to listed secondary DNS nameservers only.

User guides

For a detailed guide to Reverse DNS Delegations, see:

APNIC Reverse DNS Manual (PDF, 1.5MB).