ICANN Blogs

Read ICANN Blogs to stay informed of the latest policymaking activities, regional events, and more.

Planned Changes to IPv4 Reverse DNS Infrastructure

15 December 2010
By Joe Abley

The American Registry for Internet Numbers (ARIN) and ICANN are together planning changes to the infrastructure which supports the IPv4 Reverse DNS — that is, the part of the DNS which provides the ability to look up an IPv4 address and convert it to a name.

The IPv4 Reverse DNS uses the special domain IN-ADDR.ARPA. For many years the IN-ADDR.ARPA zone has been served by twelve of the thirteen DNS root servers. The changes we are planning will see the IN-ADDR.ARPA zone move to new, dedicated nameservers, five operated by the Regional Internet Registries (RIRs) and one operated by ICANN.

The deployment of dedicated DNS infrastructure for IN-ADDR.ARPA provides additional protection for clients and for root servers from high IPv4 reverse DNS traffic loads, and is consistent with the direction identified by the Internet Architecture Board (IAB) in RFC 3172. The naming scheme for the
new nameserver set will be as described in RFC 5855, as was recently implemented by ICANN for IP6.ARPA, the domain which supports the reverse DNS for IPv6.

ARIN has carried out the DNS zone maintenance function for IN-ADDR.ARPA since 1997. This function will transition to ICANN and will be managed concurrently with the central assignment of IPv4 address space to RIRs. Once the IN-ADDR.ARPA zone is being maintained by ICANN it will also be signed using DNS Security Extensions (DNSSEC), providing end-users with the ability to validate answers to reverse DNS queries.

Work on this set of changes began in November 2010, and is expected to be complete in February 2011. For more details please see <http://in-addr-transition.icann.org/>.

Authors

Joe Abley