Console9

How to perform a reverse DNS lookup with nslookup

Resolve an IP address to its associated domain name using nslookup reverse DNS lookup with PTR record queries.

Resolve an IP address to its associated domain name by performing a reverse DNS lookup with nslookup.

Prerequisites

  • nslookup installed on the system (included by default on Linux, macOS, and Windows).
  • Terminal or command prompt access.
  • The IP address to resolve.

Step-by-Step: Reverse DNS Lookup with nslookup

  1. Open a terminal and run nslookup with the IP address as the argument:

    nslookup 203.0.113.50

    nslookup automatically detects that the argument is an IP address and performs a reverse DNS lookup. The tool queries the PTR record in the in-addr.arpa zone to find the domain name associated with that IP address.

    Example output:

    Server:    192.168.0.1
Address:   192.168.0.1#53

Non-authoritative answer:
50.113.0.203.in-addr.arpa   name = host.example.com.

  2. To perform a reverse lookup against a specific DNS server, add the server address as the second argument:

    nslookup 203.0.113.50 8.8.8.8

    nslookup sends the reverse query to Google Public DNS (8.8.8.8) instead of the system's default resolver.

  3. To view the full DNS response including TTL values and authority records, add the -debug flag:

    nslookup -debug 203.0.113.50

    nslookup displays the QUESTIONS, ANSWERS, and AUTHORITY RECORDS sections. The ANSWERS section contains the PTR record with its TTL value.

How to Verify

nslookup displays the PTR record under the "Non-authoritative answer" section. The output shows the IP address in reverse notation (e.g., 50.113.0.203.in-addr.arpa) and the associated domain name.

Cross-check the result by performing a forward lookup on the returned domain:

nslookup host.example.com

nslookup should return the original IP address. Matching forward and reverse records confirm a valid forward-confirmed reverse DNS (FCrDNS) configuration.

Common Issues

nslookup returns "server can't find" for the IP address.** The IP address does not have a PTR record. Reverse DNS records must be configured by the owner of the IP address block -- typically the hosting provider or Internet Service Provider (ISP). Contact the IP provider to create the PTR record.

nslookup returns a hostname that does not match the expected domain.The PTR record points to a different domain than expected. This happens when the IP address owner sets a generic hostname or when multiple domains share the same IP address. Only one PTR record exists per IP address.

Reverse DNS lookup works, but email delivery still fails.Mail servers verify forward-confirmed reverse DNS (FCrDNS). The PTR record must point to a domain whose A record resolves back to the same IP address. If the forward and reverse records do not match, receiving mail servers may reject the connection.

© 2026 - Console9