This article keeps saying about query rDNS. But how? I type in the rDNS command in Linux CLI or Win command prompt?
The reverse domain is under TLD .in-addr.arpa.
The way to query some IP address is writting it at reverse. For example for query for the reverse for 192.168.0.1 you must query for 1.0.168.192.in-addr.arpa.
The domain record is stored in PTR record.
Example:
$ dig -tPTR 8.8.8.8.in-addr.arpa
; <<>> DiG 9.11.5-P4-5.1ubuntu2.1-Ubuntu <<>> -tPTR 8.8.8.8.in-addr.arpa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46716
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;8.8.8.8.in-addr.arpa. IN PTR
;; ANSWER SECTION:
8.8.8.8.in-addr.arpa. 7032 IN PTR dns.google.
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: mié feb 26 20:07:39 -03 2020
;; MSG SIZE rcvd: 73
You could see the PTR value for 8.8.8.8.in-addr.arpa. is dns.google.
If you prefer use the "host" command, in this case you can ignore the in-addr.arpa and query directly by the ip address.
$ host 8.8.8.8
8.8.8.8.in-addr.arpa domain name pointer dns.google