Reverse DNS in Ruby

Reverse DNS in Ruby?

Today I also needed a reverse DNS lookup and I've found a very simple standard solution:

require 'resolv'
host_name = Resolv.getname(ip_address_here)

It seems it uses a timeout, which helps in rough cases.

How can I set up reverse DNS on my Ruby on Rails website?

The website is hosted on Joyent, though the domain is through Go Daddy. Go Daddy does not do reverse DNS (even if the website is hosted through it.) The solution was to contact Joyent and to request that it set up the reverse DNS.

http://wiki.joyent.com/wiki/display/gen/DNS+Guide explains how to set up the reverse DNS through Joyent.

After a day or two, AOL, Comcast, and others started accepting emails from the website.

Reverse lookup in Ruby (preferably with Dnsruby)

The Socket class can be used to look up a host name based on an address.

See this answer for an example.

Ruby TCPServer always delay on dns reverse lookup? - how to disable?

The problem depends on my client machine, which runs Mac OS X Mav.

The telnet client used tries to open an IPv6 connection and afterwards IPv4.

To solve the delay, just open the connection with

telnet -4 my-server 3333

I have built a small connect echo service where you can check resolves and timings.

If you change NO_REVERSE_LOOKUP you will get IPs or ADDRESSes and, if not resolvable, different response times.

require 'socket'

NO_REVERSE_LOOKUP = true
CONNECT_PORT = 3333

puts "#{Time.now} Starting service on port: #{CONNECT_PORT}"

# the full hell - just to test if anything meets what we want
TCPServer.do_not_reverse_lookup = NO_REVERSE_LOOKUP
BasicSocket.do_not_reverse_lookup = NO_REVERSE_LOOKUP
Socket.do_not_reverse_lookup = NO_REVERSE_LOOKUP

srv = TCPServer.open(CONNECT_PORT)

puts "#{Time.now} Waiting for client"

client = srv.accept

puts "#{Time.now} Client connected"

client.do_not_reverse_lookup = NO_REVERSE_LOOKUP

client.print "Hello connected\n"

# in case we disabled reverse lookup, we should only receive IP addresses

puts "#{Time.now} Getting server address infos"

puts "SERVER INFO:"
puts NO_REVERSE_LOOKUP ? client.addr(:numeric) : client.addr(:hostname)

puts ""

puts "#{Time.now} Getting remote client infos"

puts "REMOTE INFO:"
puts NO_REVERSE_LOOKUP ? client.peeraddr(:numeric) : client.peeraddr(:hostname)

###

puts "#{Time.now} Closing connection"

client.close

puts "#{Time.now} End"

Thanks to drbrain from #ruby-lang irc for pointing me to the IPv6 problem.

Ruby net-dns reverse lookups

This is a known issue.
It should be fixed soon.

reverse DNS look up

How does reverse DNS look up work?

The same way as forward DNS, but using a different record type.

When you do dig -x 172.217.0.46, it is in fact like doing dig PTR 46.0.217.172.in-addr.arpa, so you are just querying, even without knowing it, a different branch of the DNS tree. in-addr.arpa was established long ago as the starting point of IPv4 DNS delegations. Blocks of IP addresses are then delegated to IANA, and from there to the 5 existing RIRs, which themselves delegate them to the LIRs using the corresponding IP blocks.

It works the same way for IPv6 but just under another branch.

I want to get youtube.com from the IP address.

You may want it, but why? Both "branches" (the forward one and the reverse one) have no operational need to stay synchronized, and in fact never will be, because they are managed by different companies.

Everything starts at IANA but then:

  • for the names (forward branch), the TLD is delegated to registries, and then registries delegate names to whatever nameservers registrants choose for their domains
  • for the IP addresses (reverse branch), the space is delegated to RIRs, and then LIRs, and then sometimes hosting companies or end users for those having their own IP blocks.

Imagine a relatively mid-sized web hosting company. It may be controlling a given block of IP addresses but does shared virtual hosting: clients can host their websites there, and the hosting company uses multiple IPs for all of the websites hosted.
Synchronizing the PTR records would be just a huge task and have 0 benefits: outside of email, PTR records are not very much used. Also, even if technically possible, the case of one PTR record giving multiple names for a given IP address will probably not be handled properly by many applications.

RIR data is public. You can download the list of owners (LIRs) of each IPv4 and IPv6 block and do searches there. It may not give you exactly the name you are looking for. You can also interactively query the data using the whois protocol (that does not use the DNS but goes to the same authoritative source).

If we take again your IP address as example:

$ whois 172.217.0.46

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2019, American Registry for Internet Numbers, Ltd.
#

NetRange: 172.217.0.0 - 172.217.255.255
CIDR: 172.217.0.0/16
NetName: GOOGLE
NetHandle: NET-172-217-0-0-1
Parent: NET172 (NET-172-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS15169
Organization: Google LLC (GOGL)
RegDate: 2012-04-16
Updated: 2012-04-16
Ref: https://rdap.arin.net/registry/ip/172.217.0.0

OrgName: Google LLC
OrgId: GOGL
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US
RegDate: 2000-03-30
Updated: 2018-10-24

So you can see this IP address "belongs to" Google, but you cannot derive from that which website runs on top of it.

Is there a way to get all domain names associated with an IP address? I am looking for a solution for Linux system.

Yes, there is a way, and various companies provide you this service online but typically not for free.

How they do it:

  • they start from a list of domain names/hostnames: to build that they can use open zonefiles (all gTLDs), do queries in search engines, parse email headers, use Certificate Transparency Logs, etc.
  • they resolve those names, hence they get the associated IP addresses
  • they store this mapping
  • once done, it is "trivial" to do the reverse in their database.

So it is technically easy, just tedious, with a high volume of data to manipulate.
On top of that you need to remember that any name->IP mapping can change at any time. Hence, this database may be obsolete the moment it is created, so of course they redo the forward resolution regularly.
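An added example, not part of the original answers: it builds the PTR query name that dig -x uses (in-addr.arpa for IPv4, ip6.arpa for IPv6) and, because the reverse and forward branches are managed by different parties, accepts a PTR name only when its own forward lookup returns the same address (forward-confirmed reverse DNS). `SampleResolver` and its records are constructed for illustration; the function names are hypothetical.

```ruby
require 'ipaddr'
require 'resolv'

# Name that `dig -x` queries for PTR records: reversed octets under
# in-addr.arpa for IPv4, reversed hex nibbles under ip6.arpa for IPv6.
def ptr_query_name(ip)
  addr = IPAddr.new(ip)
  if addr.ipv4?
    "#{addr.to_s.split('.').reverse.join('.')}.in-addr.arpa"
  else
    "#{addr.to_string.delete(':').chars.reverse.join('.')}.ip6.arpa"
  end
end

# Forward-confirmed reverse DNS: keep only the PTR names whose own
# forward lookup returns the address we started from. The PTR is set by
# whoever holds the IP block, so an unconfirmed name is only a claim.
# `resolver` needs getnames/getaddresses, as Resolv and Resolv::DNS provide.
def confirmed_names(ip, resolver)
  target = IPAddr.new(ip)
  resolver.getnames(ip).map(&:to_s).select do |name|
    resolver.getaddresses(name).any? do |a|
      begin
        IPAddr.new(a.to_s) == target
      rescue IPAddr::Error
        false # an unparsable forward answer never confirms
      end
    end
  end
end

# Constructed stand-in for DNS so the example runs offline.
class SampleResolver
  PTR = { '192.0.2.10' => ['mail.example.org'],
          '192.0.2.66' => ['www.example.com'] }.freeze
  FWD = { 'mail.example.org' => ['192.0.2.10'],
          'www.example.com'  => ['198.51.100.5'] }.freeze

  def getnames(ip)
    PTR.fetch(ip, [])
  end

  def getaddresses(name)
    FWD.fetch(name, [])
  end
end

r = SampleResolver.new
%w[192.0.2.10 192.0.2.66].each do |ip|
  puts "#{ip} -> #{ptr_query_name(ip)} confirmed=#{confirmed_names(ip, r).inspect}"
end
```

For live lookups, pass `Resolv.new`, or a `Resolv::DNS` instance with `timeouts=` set, in place of `SampleResolver`.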


