For analytics purposes, I'm looking at large sets of IP addresses in server log files. I'm trying to perform reverse-DNS lookups to understand where traffic is coming from - e.g. what percentage of IPs resolve to corporations, schools, government, international etc.

Despite a bunch of optimizations, individually reverse-DNS'ing every IP address still appears to be fairly expensive though. So -

is there any way to obtain an entire range of IPs from a reverse-DNS?

If yes, this could greatly reduce the number of actual reverse-DNS lookups.

Example (numbers slightly obfuscated):

• Log file contains a request from an IP 128.151.162.17
• Reverse DNS resolves to 11.142.152.128.in-addr.arpa 21599 IN PTR alamo.ceas.rochester.edu
• (So this is a visitor from Rochester University, rochester.edu)
• Now, would it be safe to assume that all at least all IPs from 128.151.162.* will also resolve to rochester.edu?
• What about 128.151.*.*? Is there a way to get the exact IP range?