A DNS PTR record is a record that stores domain and IP information. Computers on a network are identified by numeric tags known as IP addresses, but because these are hard to memorize, an identification system that uses readable words was designed instead: the Domain Name System (DNS). Basically, it associates IP addresses with domain names that humans can easily understand (e.g. amazon.com).
This domain and IP information is stored inside records, and one of those records is called the DNS PTR record. This article explores DNS records, their importance, and the types of DNS records. Then we’ll focus on PTR records and their purpose in the DNS system.
- PTR (Pointer) records are a type of DNS record that maps an IP address to a domain name
- PTR records are often used in email servers to verify the sender’s domain name and to combat spam and phishing attacks
- PTR records are important for several reasons, including verifying the accuracy of domain names associated with IP addresses, helping to ensure proper routing of network traffic, and aiding in network troubleshooting and security
- There are many types of DNS records including A records, SRV records, TXT records, etc.
DNS and Its Importance
To access a website on the internet, you need to know its domain name. This is the human-readable address of the computer you want to access (e.g. nytimes.com or espn.com). The Domain Name System holds the record of all domain names on the internet and their associated IP address.
When you type the domain name in the web browser (e.g. espn.com), the DNS translates the domain name to the unique IP address of the computer so the browser can load the internet resources.
DNS servers remove the need for us to memorize IP addresses such as 192.168.1.1 (in IPv4), as well as more complicated alphanumeric IP addresses like 2400:cb00:2048:1::c629:d7a2 (in IPv6). For more information, read our post on Managing DNS for Web Hosting.
Importance of DNS in Computer Networking
DNS is a critical component of computer networking because it allows users to access websites, services, and resources on the internet using easy-to-remember domain names rather than complex IP addresses.
DNS servers can be used to filter and block access to malicious websites, helping to protect users from phishing scams, malware, and other cyber threats. They can improve the speed and efficiency of DNS lookups, reducing the time it takes to resolve domain names to IP addresses.
Types of DNS Records
DNS records contain all the domain names and IP information of websites on the internet. There are different types of DNS records used in the DNS system. Here is each of them:
The A Record is the most basic type of DNS record because it provides the IP address of a given domain. The “A” stands for “address” and the A record only contains IPv4 addresses. A website using an IPv6 address uses an “AAAA” record instead.
An A record has a TTL (time to live) value for each domain, listed in seconds. By default, the TTL value is 14,400 seconds. Thus, if an A record gets updated, it takes 240 minutes (14,400 seconds) to take effect.
Though most websites only have one A record, it’s possible to have two or more A records. With a technique known as round-robin load balancing, major websites can use several A records and send request traffic to one of the several IP addresses, each hosting the same content.
Example of A Record
Suppose you access the HostAdvice website by entering www.hostadvice.com in your browser. At our name server, we have an A record that points to the IP address 22.214.171.124. This means that a request from your browser to www.hostadvice.com goes to the server with that IP address.
If a website uses an IPv6 address, the DNS stores the address in an AAAA record. DNS AAAA records are similar to DNS A records. But they only store a domain’s IPv6 address instead of its IPv4 address.
The Internet Protocol (IP) now uses IPv6 for addresses. This is because IPv6 addresses are longer than IPv4 addresses, and the internet is running out of IPv4 addresses.
This is akin to running out of phone numbers in a particular area code. IPv6 addresses provide more permutations and thus far more possible IP addresses.
Example of AAAA Record
You can look up an AAAA record by using the dig command or the nslookup command. For example, if you take a look at google.com, you can see an IPv6 address of 2607:f8b0:4009:80a::200e. This is shown when you run nslookup to find the AAAA record for google.com.
The “canonical name” (CNAME) record takes you from an alias domain to a “canonical” domain. It’s used in place of the A record in situations where a domain (or subdomain) is an alias of another domain.
CNAME records point to a domain, not to an IP address. A domain within the CNAME record can point to another domain in the record, or to a domain with an A record. But it doesn’t point to an IP address.
Example of CNAME Record
Consider a scenario where the site blog.example.com has a CNAME record whose value is “example.com” (without the blog). So what does this mean? When a DNS server looks up the DNS records for blog.example.com, the query triggers another DNS lookup to example.com.
This returns example.com’s IP address through its A record. Based on this example, we can say that example.com is the canonical name (or true name) of blog.example.com.
The TXT (‘text’) record allows adding text into the Domain Name System (DNS). While it was initially created to allow us to place human-readable notes, you can now place machine-readable code inside TXT records. One domain can have many TXT records.
Most DNS servers have a limit to how much data you can put in a TXT record. There can also be limits to how many records can be inside the storage.
Popular use cases for DNS TXT records are email spam prevention and domain ownership verification. Administrators can input any text they want to associate with their domain.
How TXT Records Help to Prevent Email Spam
Oftentimes spammers attempt to create fake domains to send their email messages. But because TXT records are a crucial component of several different email authentication methods, they can help the email server determine whether the message is from a trusted source.
Some examples of email authentication methods are DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF), and Domain-based Message Authentication, Reporting & Conformance (DMARC). By configuring these methods properly, domain managers can make it hard for spammers to spoof their domains.
DKIM uses cryptographic technology, basically a public-private key pair, to sign each email. The end result is that the recipient can verify that the email originates from the domain it claims to be from. The public key is stored in a TXT record associated with the domain.
The DNS ‘mail exchange’ (MX) record manages all the information related to a mail server. It directs email to a mail server and routes it in accordance with the Simple Mail Transfer Protocol (SMTP, the standard protocol for all email).
Each domain in the record has a ‘priority’ number. This number indicates a preference, with the lower ‘priority’ value being preferred. So the server will always try the domain with the lower priority value. If the message fails to send, it’ll default to the next domain with a higher value.
Backup MX records
A backup MX record is an MX record for a mail server assigned a higher ‘priority’ value. This means lower preference. So under normal circumstances, the mail will go to the more prioritized servers.
Let’s say mailhost1 has a priority value of 10 and mailhost2 has a value of 20. In this case, mailhost2 would be the ‘backup’ server because email traffic will be handled by mailhost1 provided it is up and running.
Administrators could also configure their MX record by giving them equal priority so that they receive the same number of messages. This helps the email provider to balance the load equally between two servers.
SOA stands for ‘start of authority’. This record stores vital domain-related information. This includes the administrator’s email address, the domain’s last update date, and how long the server should wait between refreshes.
All DNS zones require an SOA record as per IETF standards. They also help to facilitate zone transfers. The values stored in an SOA record include MNAME, RNAME, SERIAL, and REFRESH. The ‘RNAME’ value, for example, represents the administrator’s email address.
Parts of an SOA Record
- MNAME: The primary nameserver’s name for the domain zone. This server sends updates to the secondary servers that maintain duplicates of the zone’s DNS records.
- REFRESH: Specifies how long the secondary servers should wait before asking primary servers for the SOA record to see if it has been updated. Time is in seconds.
- RETRY: Specifies how long the server should wait before asking an unresponsive primary nameserver for an update again. Time is in seconds.
- EXPIRE: If the primary server doesn’t send something to the secondary server for this amount of time, the secondary server should stop responding to queries for the zone.
NS stands for ‘nameserver’, and the nameserver record tells the internet where to find a domain’s IP address. It identifies the DNS Server containing the actual DNS records for that domain. If you fail to properly configure the DNS server, your users will not be able to load the website or application.
Keep in mind that NS records do not point to a canonical name (CNAME) record. Instead, they point to A records or AAAA records.
When to Update NS Records
As a domain administrator, you should update your NS records when it’s time to change your domain’s nameservers. For example, some cloud providers require that customers point to the nameservers they provide.
You can also update the NS record if you want a subdomain to use multiple nameservers.
Let’s say the nameserver for example.com is ns1.exampleserver.com. If the admin of example.com wants blog.example.com to route to ns2.exampleserver.com instead, it’s possible to configure this by updating the NS record.
It might take several hours for the updates to reflect in the nameserver records, so you might want to keep that in mind.
We explained earlier that the DNS maps domain names to IP addresses. The record responsible for the mapping in the other direction is called the DNS pointer record, or PTR for short. A DNS PTR record retrieves the domain name associated with an IP address. This makes it the opposite of the ‘A’ record (which provides the IP address linked to a domain name).
DNS PTR records are used to perform reverse DNS lookups. In this process, the query begins with the IP address and finds the domain name with it. This is the opposite of DNS lookups where the domain name is used to find the IP address.
So far we’ve established that a PTR (Pointer) record is a type of DNS record that maps an IP address to a domain name. Now let’s dive deep into PTR records, starting with their purpose:
Purpose of PTR Record
PTR records are commonly used for reverse DNS lookups, where a DNS resolver performs a lookup of a domain name by its associated IP address. This is the opposite of DNS lookups that look for the IP Address.
PTR records are often used to verify the identity of an email sender by checking the domain name associated with the sender’s IP address. They’re also used for troubleshooting email delivery issues and error logging.
How PTR Record Works
The DNS PTR record works differently in IPv4 and IPv6. But before diving into the difference, note that DNS PTR records are stored under the IP address written in reverse. By contrast, DNS A records are stored under a given domain name.
In IPv4, “in-addr.arpa” is the namespace within .arpa for reverse DNS lookups. The namespace is added because PTR records are part of the DNS .arpa top-level domain. .arpa was the first top-level domain name created for the internet; it takes its name from ARPA, the agency behind ARPANET, the chief forerunner of the internet.
IPv6 addresses are built differently from IPv4 addresses. Their PTR records are stored under the address reversed and split into four-bit parts (as opposed to the 8-bit parts in IPv4 addresses), and they use the “ip6.arpa” namespace.
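The naming scheme described above, written out as an added example that is not part of the original article. The function names `reverse_name` and `ip_from_reverse_name` are hypothetical, and the sample addresses are constructed from documentation ranges; the second function goes one step beyond the text by decoding a reverse name (for example from a DNS query log) back into the IP address it refers to.

```python
import ipaddress

def reverse_name(ip):
    """Return the DNS name under which the PTR record for `ip` is stored."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        # IPv4: reverse the four 8-bit octets, then append in-addr.arpa
        labels = str(addr).split(".")[::-1]
        suffix = "in-addr.arpa"
    else:
        # IPv6: expand to all 32 hex digits, one 4-bit part per label, reversed
        labels = list(addr.exploded.replace(":", "")[::-1])
        suffix = "ip6.arpa"
    return ".".join(labels) + "." + suffix

def ip_from_reverse_name(name):
    """Decode a full reverse-lookup name back into the IP address it stands for."""
    labels = name.rstrip(".").lower().split(".")
    if labels[-2:] == ["in-addr", "arpa"] and len(labels) == 6:
        # Raises ValueError if an octet is not a number in 0..255
        return str(ipaddress.IPv4Address(".".join(labels[:4][::-1])))
    if labels[-2:] == ["ip6", "arpa"] and len(labels) == 34:
        if all(len(label) == 1 for label in labels[:32]):
            digits = "".join(labels[:32][::-1])
            groups = [digits[i:i + 4] for i in range(0, 32, 4)]
            return str(ipaddress.IPv6Address(":".join(groups)))
    raise ValueError("not a complete reverse-lookup name: " + name)

if __name__ == "__main__":
    # Constructed sample addresses from the documentation ranges
    for sample in ("192.0.2.10", "2001:db8::1"):
        name = reverse_name(sample)
        print(sample, "->", name, "->", ip_from_reverse_name(name))
```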
Reverse DNS Lookups
In reverse DNS lookups, the DNS resolver performs a lookup of a domain name by its associated IP address. This is the opposite of DNS lookups that look for the IP Address.
PTR Query Record Process
The process of querying a DNS server for a PTR (Pointer) record involves the following steps.
The client (such as a user’s computer or email server) sends a request to the local DNS resolver, asking for the PTR record associated with a particular IP address.
If the local DNS resolver does not have the PTR record cached, it sends a query to the root DNS server, asking for the DNS server responsible for the top-level domain associated with the IP address.
The root DNS server responds with the address of the DNS server responsible for the top-level domain.
The local DNS resolver then sends a query to the appropriate DNS server, asking for the PTR record associated with the IP address.
The DNS server responds with the PTR record, which maps the IP address to a domain name, and the local DNS resolver caches the PTR record for future use.
Why PTR Record Is Important
Here are four reasons why the DNS PTR record is important:
Domain Name Lookups
The DNS PTR record plays a critical role in DNS lookups and is important in controlling access to resources. This record is the fundamental DNS record for accessing internet-based websites. Without it, it would be impossible to access websites because we would need to memorize IP addresses like 192.009.0.1.
Helps in Email Deliverability
Many email servers use PTR records to verify the identity of the sender of an email message. This is important in cases of unknown senders, whose messages can be hacking attempts from malicious agents.
Helps in Security
Email servers also use PTR records to add an extra layer of security to the server. Some email anti-spam filters use reverse DNS to check the domain name behind a sender’s IP address and uncover any potential susceptibility to attacks.
Helps in Network Troubleshooting
When diagnosing network issues, network administrators may need to perform reverse DNS lookups to identify the source of traffic or to resolve DNS-related errors.
Email delivery problems may be caused by a poorly configured or missing PTR record. Emails from the domain can be blocked outright if the PTR records contain the wrong domain or if the domain has no PTR record at all.
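The reverse-DNS check a receiving mail server can apply to a connecting IP, as an added example that is not part of the original article. It goes one step beyond the text by also resolving the PTR name forward and requiring it to return the same IP (forward-confirmed reverse DNS), which separates a missing PTR record from a wrong one. All function names are hypothetical and the sample records are constructed.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for an IP via the OS resolver; [] when there is no PTR record."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name, *aliases]

def system_forward(name):
    """A/AAAA addresses for a name via the OS resolver; [] when it does not resolve."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def check_sender_ip(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (verdict, name) where verdict is 'no-ptr', 'mismatch' or 'pass'."""
    want = ipaddress.ip_address(ip)
    names = ptr_lookup(ip)
    if not names:
        return "no-ptr", None            # missing PTR record
    for name in names:
        for addr in forward_lookup(name):
            try:
                if ipaddress.ip_address(addr) == want:
                    return "pass", name  # PTR name resolves back to the same IP
            except ValueError:
                continue                 # skip anything that is not a plain address
    return "mismatch", names[0]          # PTR exists but the name does not confirm it

# Constructed sample data using documentation address ranges, not real hosts.
SAMPLE_PTR = {
    "192.0.2.10": ["mail.example.com"],
    "192.0.2.66": ["mail.example.com"],  # PTR names a domain that does not point back
}
SAMPLE_A = {"mail.example.com": ["192.0.2.10"]}

def classify_samples():
    """Run the check over the constructed data without touching the network."""
    ptr = lambda ip: SAMPLE_PTR.get(ip, [])
    fwd = lambda name: SAMPLE_A.get(name, [])
    ips = ["192.0.2.10", "192.0.2.66", "198.51.100.7"]
    return {ip: check_sender_ip(ip, ptr, fwd) for ip in ips}

if __name__ == "__main__":
    for ip, (verdict, name) in classify_samples().items():
        print(f"{ip:15} {verdict:9} {name}")
```

Called with only an IP address, `check_sender_ip` uses the operating system's resolver instead of the sample tables.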
How to Create a PTR Record
Creating a PTR record can be a complex process that may involve coordination with your ISP or network administrator, and may require knowledge of DNS configuration and administration. Here are the steps to follow:
Steps to Create a PTR Record
Determining the IP Address
To find your IP address in Windows, start by clicking on your Start Menu. Then type cmd in the search box and press enter. A black and white window will open.
Inside this window, type ipconfig /all and press enter. There is a space between the command ipconfig and the /all switch. Your IP address will be shown there.
If you’re on Mac, open the Mac terminal and type curl ifconfig.me and your public IP will display. Use the same command to get it on Linux.
Determining the Domain Name
This may be the domain name associated with your email server, web server, or other network resource. If you don’t know the name, just look for the domain host.
Your domain host is usually the company that sold your domain name to you. If you don’t remember who your domain host is, search your email archives for billing records regarding the registration or transfer of your domain name. You’ll find your domain host on your invoice.
The ISP or network administrator will typically handle the technical details of creating the PTR record and associating it with the appropriate DNS server. To reach an ISP agent, you can visit your ISP’s website and look for a way to connect with them there (e.g. telephone, email, contact form, or live chat).
Verifying PTR Record
We suggest verifying that the PTR record has been created and is working correctly by performing a reverse DNS lookup using a tool such as ‘nslookup’ or ‘dig’.
So how can you look up PTR records on Windows? To check the PTR records for a certain domain name on Windows, follow these steps:
- Click on Start and search for ‘cmd’ using the ‘Type here to search’ box
- Open CMD by double-clicking it
- Type nslookup -q=ptr example.com
- Hit [enter] to get the PTR records for example.com.
Follow these steps to verify your PTR record if you’re using macOS:
- Press command + space and search for ‘terminal.app’
- Press enter to open the terminal
- Type dig example.com ptr
- Hit enter to get the PTR records for example.com.
The PTR records are listed underneath the ANSWER SECTION title.
Common Mistakes to Avoid
Creating a PTR record requires careful attention to detail and a solid understanding of DNS configuration and administration. If possible, we recommend consulting a professional to assist you in setting everything up.
Common mistakes you might encounter when setting up PTR Records are an incorrect domain name, missing or incomplete PTR record, incorrect DNS server, and failure to verify the record. If you encounter any of these errors, we recommend reaching out to a network administrator for assistance.
The DNS PTR record is fundamental to the functioning of the internet. It is used to map IP addresses to domain names and to perform reverse DNS lookups, which are all about getting the domain name by the IP address.
This article covered everything about DNS, including the different record types we have. We expanded on the PTR record, its purpose, and the steps for creating it by yourself.
PTR records are important because they facilitate reverse DNS lookups and email deliverability. They also help in creating anti-spam features in email servers and troubleshooting email delivery issues.
Next Steps: What Now?
- Build a website
- Purchase a domain name
- Host the website on the web with your preferred web hosting
- Verify that your PTR record is working