Creating a reverse lookup zone

Applies To: Windows Server 2008

Although adding a reverse lookup zone in Domain Name System (DNS) is similar in many respects to creating a forward lookup zone, there are some important differences, most notably in the naming conventions.

One important difference is that a reverse lookup zone is always a subdomain of either the in-addr.arpa domain (which supports reverse lookups for IP version 4 (IPv4) addresses) or the ip6.arpa domain (which supports reverse lookups for IP version 6 (IPv6) addresses).

Another important difference is that the subdomain name is constructed from the address of the subnet that contains the range of addresses for which the reverse lookup zone is responsible. When you create the reverse lookup zone, you specify this address in a particular format so that it can be recognized by the DNS server as pertaining to the address in a reverse lookup query.

When you create an IPv4 reverse lookup zone using the DNS Manager snap-in, the New Zone Wizard prompts you for a network ID, that is, the portion of the IP address range for which the reverse lookup zone is responsible. For example, if the reverse lookup zone covers all addresses that begin with 10 (that is, 10.0.0.0 to 10.255.255.255), you enter 10. To cover only those addresses in the subnet with an address in the range of 192.168.0.0 to 192.168.0.255, you enter 192.168.0. The wizard then constructs the reverse lookup zone name by reversing the order of the digit blocks and appending the result to the “root” domain name. For example, if you enter 192.168.0 in the wizard, the resulting name of the reverse lookup zone is 0.168.192.in-addr.arpa.

When you create an IPv6 reverse lookup zone using DNS Manager, the New Zone Wizard prompts you for the IPv6 address prefix of the subnet that contains the address range for which the reverse lookup zone is responsible. This address is entered using the normal IPv6 convention, including the length indicator. For example, to specify a 64-bit address prefix for the address range that begins with FE80, you enter FE80::/64. The resulting zone name is constructed by reversing the hexadecimal digits in the expanded address prefix, separating them with periods (that is, creating a logical subdomain name from each digit), and appending the result to the “root” domain name. For example, specifying FE80::/32 in the wizard results in the IPV6 reverse lookup zone name of 0.0.0.0.0.8.e.f.ip6.arpa.

You can also create a reverse lookup zone using the Dnscmd command-line tool. In this case, you must provide the name of the reverse lookup zone itself.

To complete this task, perform the following procedure: