What's the reverse DNS command line utility?
Solution 1
The commands dig
and host
should be what you're looking for ;)
On *nix systems, you can use this command:
dig -x [address]
Alternatively, you can add +short
at the end of the dig
command to output only the DNS result.
There's also nslookup
on both *nix and Windows systems for reverse DNS requests.
Solution 2
On *nix you can use:
dig -x [address]
Solution 3
Try "host"
-
Forward lookup with
host
:$ host google-public-dns-b.google.com. google-public-dns-b.google.com has address 8.8.4.4 google-public-dns-b.google.com has IPv6 address 2001:4860:4860::8844
-
Reverse lookup with
host
:$ host 8.8.4.4 4.4.8.8.in-addr.arpa domain name pointer google-public-dns-b.google.com.
Similar to dig
-
Forward lookup with
dig
:$ dig google-public-dns-b.google.com. +short 8.8.4.4
-
Reverse lookup with
dig
:$ dig -x 8.8.4.4 +short google-public-dns-b.google.com.
Try "rdt"
It takes a little more setup. But if you do this, then you can run this "rdt" PHP script from the command line and it's quite wonderful. It does a few back and forth trips between forward and reverse lookups.
Download from here: https://github.com/grawity/code/blob/master/net/rdt
Example. This is what it looks like when it's working:
$ rdt google-public-dns-b.google.com.
google-public-dns-b.google.com. = 2001:4860:4860::8844, 8.8.4.4
2001:4860:4860::8844 = dns.google
dns.google = 2001:4860:4860::8844, 2001:4860:4860::8888, 8.8.4.4, 8.8.8.8
2001:4860:4860::8888 = dns.google
8.8.8.8 = dns.google
8.8.4.4 = dns.google
Solution 4
On most of the Linux systems that I am aware of you can use:
nslookup <ip-number EX: 127.0.0.1>
will work on the command line.
Come to think of it, isn't nslookup available on Windows XP?
Solution 5
This question already has a million answers, but I'm gonna add another one. Here's a little function I wrote for easily doing reverse DNS with dig. Add this to your ~/.bashrc
file, reload your shell, and then you can do reverse DNS lookups with revdns 1.2.3.4
:
function revdns() {
octets=""
addr="in-addr.arpa"
# split the IP address into an array of octets
IFS="." read -r -a octets <<< "$1"
# add each octet to our $addr string in reverse order
for octet in "${octets[@]}"; do
addr=$octet"."$addr
done
# run a DNS pointer lookup with dig
# `+short` makes dig's output very terse (un-verbose)
# `"${@:2}"` passes any extra params from this command to dig
dig ptr +short $addr "${@:2}"
}
Reverse DNS lookups are done by checking the pointer (PTR) records. If you wanna do reverse DNS for "1.2.3.4", you have to lookup pointer records for "4.3.2.1.in-addr.arpa". My function takes in an IP address, reverses the order of the octets (i.e. changes it from 1.2.3.4 to 4.3.2.1), and then uses dig
to execute the PTR lookup I just described.
You can, of course, just use nslookup 1.2.3.4
if you have it, but I prefer this dig-based solution because it uses the OS' DNS servers instead of nslookup-provided ones (if you want, by the way, you can add additional dig flags when you call revdns
, and they will get passed to dig)
Related videos on Youtube
Peter Turner
Faithful Catholic - Father of 5, Husband of 1 Programmer of cloudish things from Southern Wisconsin.
Updated on September 17, 2022Comments
-
Peter Turner over 1 year
What's the command to find the name of a computer given its IP address?
I always forget what this command is, but I know it exists in Windows and I assume it exists on the *nix command-line.
-
Peter Turner almost 15 yearserr, maybe not.
-
Chris B almost 15 yearsYeah well, I did post a bit fast, and after a check I wasn't sure at all of my answer, I just put back my post and edit it to add more details ;)
-
Peter Turner almost 15 yearsOK, it is, but it isn't I'm accepting that answer. Too bad we can't get that real time Googley AJAX here.
-
Chris B almost 15 yearslol yeah well, we can't have everything ;) Have a nice day, I hope I help you ;)
-
bortzmeyer almost 15 yearsnsloookup is no longer maintained and its authors recommend dig. Besides, dig -x is much simpler than inversing the bytes yourself.
-
squillman almost 15 yearsThat's good to know, thanks a lot for the input! Old habits die hard ;)
-
hayalci almost 15 yearsyou can do "getent hosts [IP or HOSTNAME]"
-
jj33 almost 15 yearsHmmm... I wrote the tools originally just to play with the functions, so no loss there but I certainly wouldn't have pasted them into serverfault if I had known about the getent tool. Thanks for the pointer.
-
Naveed Abbas almost 15 yearsYes, indeed. And in previous versions of Windows.
-
bortzmeyer over 14 years-1: they are limited to IPv4, gethostbyname does not retrieve IPv6 addresses when they exist and gethostbyaddr does not accept IPv6 addresses.
-
ColinM about 12 yearsThis definitely seems to be the easiest way. Add +short at the end to return nothing but the rdns result.
dig -x [address] +short
-
Neil over 11 yearsThat
+short
flag is really useful! -
Michael Hampton over 8 yearsThese functions are many years obsolete. They were even obsolete when this was written. In perl and most other languages you should be using getaddrinfo and getnameinfo.
-
user2320464 over 8 yearsnbstat isn't a DNS utility but rather WINS/NetBIOS
-
Geremia over 7 yearsDoes this work with IPv6 addresses?
-
Chris B about 7 years@ColinM Good point. I've edited my answer based on this. Thanks!
-
webwurst almost 6 yearsAccording to its help
dig -x dot-notation
is the "shortcut for reverse lookups". I was wondering what the long version would be. Thanks for explaining! :) -
Ricardo over 5 yearsfrom
man dig
: When the -x is used, there is no need to provide the name, class and type arguments. dig automatically performs a lookup for a name like 94.2.0.192.in-addr.arpa and sets the query type and class to PTR and IN respectively. -
Ricardo over 5 yearsYes, @Geremia, according to
man dig
, The addr is an IPv4 address in dotted-decimal notation, or a colon-delimited IPv6 address. -
Tullo_x86 over 4 yearsThe same syntax also works with the
drill
utility from ldns, i.e.drill -x 123.123.123.123
-
user674669 over 2 yearsWorks on Mac OS Mojave 10.14.6