mail us  |  mail this page

products  |  company  |  support  |  training  |  contact us


Blucat Banner

Pointer Record (PTR)

Pointer records are the opposite of A and AAAA RRs and are used in Reverse Map zone files to map an IP address (IPv4 or IPv6) to a host name.


name ttl  class   rr     name
15         IN     PTR

The value '15' (the base IP address) in the above example is actually a name (an owner-name or left-hand name) and because it does not teminate with a 'dot' BIND appends the $ORIGIN (or if an $ORIGIN is missing the zone name that referenced this zone file). The example below, which defines a reverse map zone file for the Class C address, should make this clearer:

$TTL 2d ; 172800 secs
$ORIGIN 23.168.192.IN-ADDR.ARPA.
@             IN      SOA (
                              2003080800 ; serial number
                              12h         ; refresh
                              15m        ; update retry
                              3w         ; expiry
                              3h         ; NXDOMAIN ttl
              IN      NS
              IN      NS
; 2 below is actually an unqualified name and becomes
2             IN      PTR ; FDQN
15            IN      PTR
17            IN      PTR
74            IN      PTR


  1. Because the $ORIGIN reflects the reverse map domain, all right-hand names must use an FQDN format (they end with a dot). If the terminating dot on above were omitted in error it would become - not the desired result!.

  2. PTR RRs (Resource Records), like most other RRs, may be part of an RRset (RRs which have the same owner-name (left-hand name) and RR type). If multiple owner-names are assigned to a single host (IPv4 or IPv6) in a forward mapped zone file using CNAME RRs, A RRs or AAAA RRs then each of these owner-names can be defined using a PTR RRset in the reverse map (though, obviously, the owner-name of the original RR is transposed to a right-hand name in the PTR RR), for example:

    ; forward zone file for
    mail  IN  A
    www   IN  A
    ; OR
    mail  IN  A
    www   IN  CNAME
    # reverse map zone file for 0.168.192.IN-ADDR.ARPA
    7     IN  PTR
    7     IN  PTR

    The reverse map zone file is prefectly legitimate. However, in tests a number of mail systems, which invariably perform a reverse look up, did not handle PTR RRsets and failed unless the mail server appeared first which is difficult to guarantee (see rrset-order). Thus, if a mail server ( and, say, a web server ( both have the same IP address (as illustrated in the example above) then since mail systems invariably use reverse lookups as a trivial security check it may be sensible to define the reverse map to only contain

  3. It is not mandatory (for either IPv4 or IPv6), but considered good practise, to define all assigned IPs in a reverse map. Care should, however, be exercised to avoid huge PTR RRsets. For example, a web server may map thousands of virtual domains onto a single IP address (of the web server). If every one of these virtual domains appeared in the reverse map (a legitimate construct) then a reverse map query would lead to a huge RRset response and a DDoS attack would be a likely result.

  4. It is sensible to define the reverse map zone file in order of IP addresses (the zone file is always sorted into canonical order when it is loaded by DNS software) or some other fixed order to avoid subsequent errors (duplications or omissions) or to simplify manual searching for a particular value.

  5. There are no A RRs for the defined NS names (respectively and since both are out-of-zone names. Any lookup is done via the forward zone file for in which suitable A RRs for these names must exist.

PTR Usage: While the overwhelming use of the PTR RR is in reverse mapping (for both IPv4 and IPv6) the PTR RR is not limited to this usage. Essentially, the PTR record may be thought of as a CNAME like RR (mapping a name to another name). The significant difference is that a query which results in a CNAME RR will cause the DNS to automatically restart the query using the alias (or canonical) name if it resolves within the same domain. When a query results in a PTR RR(s) the response is immediately returned and no further DNS processing results. Other than reverse mapping, this author cannot immediately think of a use for such a capability. More imaginitive readers may find alternative applications.

PTR and IPv6

IPv6 and IPv4 addresses cannot be mixed in the same zone file as they can for forward-map zones. IPv6 addresses are reverse mapped under the domain IP6.ARPA whereas IPv4 addresses are mapped under the IN-ADDR.ARPA domain. IPv6 reverse-maps use a nibble domain name format defined in Chapter 3. The following fragment illustrates the use of the PTR RR to reverse-map the IPv6 addresses 2001:db8:0:1::1, 2001:db8:0:1::1, 2001:db8:0:2::1 and 2001:db8:0:1::1:

; reverse IPV6 zone file for
$TTL 2d    ; default TTL for zone 172800 secs
@         IN      SOA (
                        2003080800 ; sn = serial number
                        12h         ; refresh = refresh
                        15m        ; retry = update retry
                        3w         ; expiry = expiry
                        2h         ; NXDOMAIN TTL
; name servers Resource Recordsfor the domain
          IN      NS
; the second name servers is 
; external to this zone (domain).
          IN      NS
; PTR RR maps a IPv6 address to a host name
; hosts in subnet ID 1         IN      PTR         IN      PTR
; hosts in subnet ID 2         IN      PTR         IN      PTR

Notes: The IPv6 range 2001:db8:: has been reserved for documentation purposes only by the great and mighty.

Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.

Pro DNS and BIND by Ron Aitchison


tech info
guides home
dns articles
1 objectives
big picture
2 concepts
3 reverse map
4 dns types
5 install bind
6 samples
7 named.conf
8 dns records
9 howtos
10 tools
11 trouble
12 bind api's
13 dns security
bits & bytes
15 messages
notes & tips
registration FAQ
dns resources
dns rfc's
change log

Creative Commons License
This work is licensed under a Creative Commons License.

If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as Firefox


Share Page

share page via facebook tweet this page submit page to stumbleupon submit page to

Page Features

Page comment feature Send to a friend feature print this page Decrease font size Increase font size

RSS Feed Icon RSS Feed



Debian Linux


GNU-Free SW Foundation


Open Source Initiative
Creative Commons


Ibiblio - Library
Open Book Project
Open Directory

SPF Resources

Draft RFC
SPF Web Site
SPF Testing
SPF Testing (member only)

Display full width page Full width page

Print this page Print this page

SPF Record Conformant Domain Logo

Copyright © 1994 - 2015 ZyTrax, Inc.
All rights reserved. Legal and Privacy
site by zytrax
Hosted by
web-master at zytrax
Page modified: September 01 2015.