On this page, we provide technical background information about our reverse DNS (rDNS) measurement. This information is targeted at DNS operators and academic researchers.
The goal of the OpenINTEL project is to capture daily snapshots of the state of large parts of the global Domain Name System. Because the DNS plays a key role in almost all Internet services, recording this information allows us to track changes on the Internet, and thus its evolution, over longer periods of time. By performing active measurements we build consistent and reliable time series of the state of the DNS.
Our rDNS measurement uses IPv4 addresses as a starting point. We sensibly exclude private addresses beforehand.
Our measurement does not brute-force all possible IPv4 addresses, but rather applies a sensible pruning heuristic to find actively delegated namespace. To this end, we measure the delegation structure of the reverse address space (SOA and NS queries). Once we know the delegation structure, we query individual PTR records for parts of the name space that we know to be delegated. The measurement is randomised over the address space to prevent high outgoing query loads to specific name servers that are authoritative for significant delegations (e.g. at /16 or larger level). We currently only measure the reverse DNS address space for the IPv4 Internet.
| Name | Description | Since | Status | Type |
|---|---|---|---|---|
| IPv4 reverse DNS name space | Measurement covering the entire IPv4 reverse DNS name space | 2020-02-17 | Active | Closed |
The reverse measurement system uses a limited set of DNS queries, which it sends once every 24 hours. The set of queries currently consists of the following queries:
SOANS (1)PTRA and AAAA records for these records in a separate
infrastructure measurement.
All response records, including CNAME expansions (e.g., RFC 2317 classless delegation) are stored.
The data dictionary describes the data format, including type and explanation of the fields.
The data collected by the OpenINTEL platform has numerous applications in network and network security research. To support these efforts, we make our open data available on the download page under the terms and conditions outlined on our terms page. As using this data may require specialized knowledge and specific analysis infrastructure, we encourage academic researchers to contact us to discuss your research needs.
Closed data may be available upon request (more information here). If you have an interest in licencing access to our data for commercial purposes feel free to contact us.