This article explains how to identify and correct PTR records whose target hostnames do not have matching forward A records.
Use this article when a PTR record exists in a reverse DNS zone, but the hostname in the PTR record does not resolve back to the same IPv4 address.
Overview
A PTR record maps an IP address back to a hostname. This is commonly called reverse DNS.
An A record maps a hostname to an IPv4 address. For forward-confirmed reverse DNS, the hostname returned by the PTR record should have an A record that points back to the same IP address.
Symptoms
- PTR records exist in a reverse DNS zone.
- The PTR record Points To values contain hostnames.
- One or more PTR target hostnames do not have matching A records.
- The A record exists, but it does not resolve to the same IP address used by the PTR record.
- Reverse DNS validation, email delivery, or forward-confirmed reverse DNS checks may fail.
Example
Reverse DNS zone:
1.1.10.in-addr.arpa
PTR records:
1.1.1.10.in-addr.arpa. PTR mail1.domain.com. 2.1.1.10.in-addr.arpa. PTR mail2.domain.com. 3.1.1.10.in-addr.arpa. PTR mail3.domain.com.
These PTR records point to the following hostnames:
mail1.domain.com. mail2.domain.com. mail3.domain.com.
The forward DNS zone domain.com should contain matching A records for those hostnames:
mail1.domain.com. A 10.1.1.1 mail2.domain.com. A 10.1.1.2 mail3.domain.com. A 10.1.1.3
Why This Happens
This issue occurs when the PTR record points to a hostname that does not have a matching forward A record, or when the A record exists but points to a different IPv4 address.
The PTR record and the A record are stored in different DNS zones. The PTR record belongs in the applicable reverse DNS zone, such as an in-addr.arpa zone. The A record belongs in the applicable forward DNS zone, such as domain.com.
How to Check the PTR and A Records
-
Confirm that each PTR record exists in the applicable reverse DNS zone.
Example:
dig -x 10.1.1.1 dig -x 10.1.1.2 dig -x 10.1.1.3
-
Review the PTR response for each IP address.
Example:
10.1.1.1 returns mail1.domain.com. 10.1.1.2 returns mail2.domain.com. 10.1.1.3 returns mail3.domain.com.
-
Confirm that each PTR target hostname has an A record.
Example:
dig mail1.domain.com A dig mail2.domain.com A dig mail3.domain.com A
- Confirm that each A record resolves to the same IP address that returned the PTR record.
How to Resolve the Issue
- Log in to the UltraDNS Portal.
- Click Domains.
-
Open the forward DNS zone that contains the PTR target hostnames.
Example:
domain.com
- Under A Records, click + Add Record.
-
Create an A record for each PTR target hostname.
Examples:
mail1.domain.com. A 10.1.1.1 mail2.domain.com. A 10.1.1.2 mail3.domain.com. A 10.1.1.3
- Set the TTL as needed.
- Click Save.
- Repeat the lookup tests for the PTR records and A records.
Expected Outcome
Each PTR record returns a hostname, and each returned hostname has an A record that points back to the same IPv4 address.
Example:
dig -x 10.1.1.1 returns mail1.domain.com. dig mail1.domain.com A returns 10.1.1.1
Important Notes
- PTR records belong in the applicable reverse DNS zone, such as an
in-addr.arpazone. - A records belong in the applicable forward DNS zone, such as
domain.com. - PTR records and their matching A records are often in different DNS zones.
- The hostname in the PTR record Points To field should be used as the hostname for the corresponding A record.
- The A record should point back to the same IP address that returned the PTR record.
- For IPv4 address
a.b.c.d, the full PTR owner name isd.c.b.a.in-addr.arpa. - Do not confuse the full PTR owner name with the reverse DNS zone name.
- If UltraDNS does not host the forward DNS zone for the PTR target hostname, create or update the A record with the DNS provider authoritative for that forward DNS zone.