The Domain Network System (DNS) protocol helps Internet users and network devices discover websites using human-readable hostnames, instead of numeric IP addresses.
1.The First Server your query interacts with is the Recursive Resolver, which can be operated by your Internet Service Provider (ISP),On-prem DNS server.
DNS recursor – The DNS recursor is a server designed to receive queries from client machines through applications such as web browsers. Typically the recursor is then responsible for making additional requests in order to satisfy the client’s DNS query.
2.Because the DNS server is not authoritative for the name and does not have the answer in its cache, the DNS server uses root hints to find the IP address of the DNS root server.
Root nameserver – The root server is the first step in translating (resolving) human readable host names into IP addresses. the root servers are running all over the world and each one knows DNS information about Top Level Domains such as .com. To begin answering your query, the recursive resolver asks a root server for dns information about .com.
3.The DNS server uses an iterative query to ask the DNS root server to resolve the name ftp.contoso.com. An iterative query indicates that the server will accept a referral to another server in place of a definitive answer to the query. Because the name ftp.contoso.com ends with the label com, the DNS root server returns a referral to the Com server that hosts the com zone
TLD nameserver – . This nameserver is the next step in the search for a specific IP address, and it hosts the last portion of a hostname (In example.com, the TLD server is “com”). Each Top Level Domain (TLD) DNS name server stores the address information for second level domains withing the top level domain (.com) when your query reaches the TLD Server, the TLD server answers with the ip address of the Domain’s name server, which will provide the next piece of the puzzle.
4.The DNS server uses an iterative query to ask the Com server to resolve the name ftp.contoso.com. Because the name ftp.contoso.com ends with the name contoso.com, the Com server returns a referral to the Contoso server that hosts the contoso.com zone.
5.The DNS server uses an iterative query to ask the Contoso server to resolve the name ftp.contoso.com. The Contoso server finds the answer in its zone data and then returns the answer to the server.
Authoritative nameserver – The authoritative nameserver is the last stop in the nameserver query. If the authoritative name server has access to the requested record, it will return the IP address for the requested hostname back to the DNS Recursor that made the initial request.
6.The server then returns the result to the client.
What is reverse DNS?
A reverse DNS lookup is a DNS query for the domain name associated with a given IP address. This accomplishes the opposite of the more-commonly-used forward DNS lookup, in which the DNS system is queried to return an IP address.
There are standards from the Internet Engineering Task Force (IETF) suggesting that every domain should be capable of reverse DNS lookup, but as reverse lookups are not critical to the normal function of the internet, they are not a hard requirement. As such, reverse DNS lookups are not universally adopted.
What are reverse DNS lookups used for?
Reverse lookups are very commonly used by email servers. Many email servers will reject messages from any server that does not support reverse lookups. This is because spammers typically use invalid IPs, so these email servers check and see if the message came from a valid server before bringing it onto their network.
It’s also common for logging software to employ reverse lookups in order to provide users with human-readable domains in their log data as opposed to a bunch of numeric IP addresses.
How does reverse DNS work?
Reverse DNS lookups query DNS servers for a PTR (pointer) record; if the server does not have a PTR record, it cannot resolve a reverse lookup. PTR records store IP addresses with their segments reversed, and they append ‘.in-addr.arpa’ to that. For example if a domain has an IP address of 18.104.22.168, the PTR record will store that information as 22.214.171.124.in-addr.arpa.