1

I need to check a reverse dns using the DNS servers of some domains. But I'm having some problems.

dig -x 212.26.146.21 +short
mx20.gypost.com.

all ok

dig -x 212.26.146.21 @8.8.8.8 +short
mx20.gypost.com.

its ok too

dig SOA google.com +short 
ns1.google.com. dns-admin.google.com. 2014021800 7200 1800 1209600 300

dig -x 212.26.146.21 @ns1.google.com +short

empty

I can't find reverse address using NS record of any domain. What i do wrong? And how i can check my reverse address using dns server of gmx.com, for example.

Kostiuk Aleksandr
  • 509
  • 2
  • 14

3 Answers3

1

ns1.google.com (and the mail dns-admin.google.com) are used to handle the DNS zones of Google, they do not provide recursion thus you cannot query them for something that is not under their control.

NaeiKinDus
  • 730
  • 20
  • 30
  • Then how i can find dns server of some domain? – Kostiuk Aleksandr Sep 10 '14 at 08:22
  • If you want to retrieve the DNS servers that handle a zone, you can ask for the SOA to retrieve the current DNS server and/or ask for the NS records that contains all the declared DNS servers for that zone. But again, it does not mean that the said servers will allow you to request information about a record that is in an external zone, away from their "jurisdiction". – NaeiKinDus Sep 10 '14 at 08:27
  • I try ask for SOA record, but result the same. This means that only the admin of the domain can provide information on their DNS servers? – Kostiuk Aleksandr Sep 10 '14 at 08:33
  • The admins of a DNS server choose what they want to expose. Most of the time a DNS server should not allow recursion; recursion means that when you ask a server to tell you who www.example.com is but the server does not handle the zone example.com, it has to query itself another DNS server that could give him the response you need. In our case why would the DNS server of Google (ns1.google.com) which only handles Google's zones "help us" by answering to other kinds of requests ? That is a common configuration. – NaeiKinDus Sep 10 '14 at 08:41
  • Some domains, sometimes can't send mails to my domain. I can't now add log but there some like "cant find reverse dns". Maybe it's not problem with dns? – Kostiuk Aleksandr Sep 10 '14 at 09:09
  • I am pretty sure that this is not related to the issue you have stated here. Ensure that your MX records are correctly set up and that your reverse is set accordingly. Moreover if 8.8.8.8 can resolve you then it seems that this particular kind of query is OK. – NaeiKinDus Sep 10 '14 at 09:26
  • "450 4.7.1 Client host rejected: cannot find your hostname, [212.26.146.21]" from gmx.com domain. But PTR and MX records is ok on my domain.(gypost.com) – Kostiuk Aleksandr Sep 10 '14 at 09:57
  • I think you should ask GMX or find something in their help section about that, it is beyond my knowledge. Seems like they do not maintain a reverse DNS zone. – NaeiKinDus Sep 10 '14 at 11:26
  • Just to correct some previous answers to this question "Then how i can find dns server of some domain?" You can do this by querying the NS records. This works for both forward and reverse, but you cannot use dig -x to find NS records for the reverse. You have to use the full reverse DNS zone format by reversing your IP octects. See my full answer for how to do this. – madacoda May 06 '20 at 20:48
0

Reverse-DNS entries are not part of the normal (i.e. forward) zones. To actually perform a reverse DNS lookup, you must reverse the order of octets in the ip address and add .in-addr.arpa and then perform a normal lookup.

So a reverse lookup for the address 212.26.146.21 actually translates to doing a lookup for 21.146.26.212.in-addr.arpa using the normal rules for finding nameservers from the top down. That is the correct way to find the authoritative nameservers for a reverse lookup.

Generally forward and reverse lookups are handled by quite different nameservers. The forward lookups are typically handled by nameservers provided by the entity that purchased the domain in question, while the reverse lookups are handled by whoever is administering the IP block in question (e.g. an ISP). So there is no direct link between nameservers responsible for resolving reverse lookups and whatever nameservers that are handling the normal (forward) domain.

So you either need to find the authoritative nameservers for the information you are looking for, or ask a recursive nameserver that by definition will do that work for you.

krisku
  • 3,916
  • 1
  • 18
  • 10
0

You are querying against the Authoritative nameserver for Google.

Your assumption here is that the same Google DNS server is authoritative for both the forward and reverse space, which is incorrect.

If you want to find the Authoritative nameserver for the reverse zone, you can do this with :

dig 146.26.212.in-addr.arpa NS

And if you want to then ask the reverse Authoritative Nameserver for the PTR record :

dig +norecurse @$(dig 146.26.212.in-addr.arpa NS +short | tail -1) 21.146.26.212.in-addr.arpa PTR

This gives me 

; <<>> DiG 9.10.3-P4-Ubuntu <<>> +norecurse @ns.adamant.net. 21.146.26.212.in-addr.arpa PTR
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26088
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;21.146.26.212.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
21.146.26.212.in-addr.arpa. 86400 IN    PTR     telluris.com.ua.

;; Query time: 111 msec
;; SERVER: 212.26.128.2#53(212.26.128.2)
;; WHEN: Wed May 06 20:44:44 UTC 2020
;; MSG SIZE  rcvd: 84
madacoda
  • 363
  • 4
  • 11