expand the reverse DNS documentation

howto/new-machine.md

@@ -83,8 +83,46 @@ taken by the installer:
     ... where `$SUBNET` is the (known) subnet from the upstream
     provider and `$MAC` is the MAC address as found in `ip link show
     up`.
+
+ 4. ensure reverse DNS is set for the machine. this can be done either
+    in the upstream configuration dashboard (e.g. Hetzner) or in our
+    zone files, in the `dns/domains.git` repository.
+
+    Pro tip: `dig -x` will show you an SOA record pointing at the
+    authoritative DNS server for the relevant zone, and will even show
+    you the right record to create. Since IPv6 records are
+    particularly painful to create, you should use this all the time.
+
+    For example, the IP addresses of `chi-node-01` are `38.229.82.104`
+    and `2604:8800:5000:82:baca:3aff:fe5d:8774`, so the records to
+    create are:
+
+        $ dig -x 2604:8800:5000:82:baca:3aff:fe5d:8774 38.229.82.104
+        [...]
+        ;; QUESTION SECTION:
+        ;4.7.7.8.d.5.e.f.f.f.a.3.a.c.a.b.2.8.0.0.0.0.0.5.0.0.8.8.4.0.6.2.ip6.arpa. IN PTR
+
+        ;; AUTHORITY SECTION:
+        2.8.0.0.0.0.0.5.0.0.8.8.4.0.6.2.ip6.arpa. 3552 IN SOA nevii.torproject.org. hostmaster.torproject.org. 2021020201 10800 3600 1814400 3601
+
+        [...]
+
+        ;; QUESTION SECTION:
+        ;104.82.229.38.in-addr.arpa.	IN	PTR
+
+        ;; AUTHORITY SECTION:
+        82.229.38.in-addr.arpa.	2991	IN	SOA	ns1.cymru.com. noc.cymru.com. 2020110201 21600 3600 604800 7200
+
+        [...]
+
+    In this case, you should add this record to
+    `82.229.38.in-addr.arpa.`:
+
+        104.82.229.38.in-addr.arpa.	IN	PTR chi-node-01.torproject.org.
+
+    And this to `2.8.0.0.0.0.0.5.0.0.8.8.4.0.6.2.ip6.arpa.`:
     
-    Make sure reverse DNS is correct as well.
+        4.7.7.8.d.5.e.f.f.f.a.3.a.c.a.b.2.8.0.0.0.0.0.5.0.0.8.8.4.0.6.2.ip6.arpa. IN PTR chi-node-01.torproject.org.
 
  4. the machine has a short hostname (e.g. `test`) which resolves to a
     fully qualified domain name (e.g. `test.torproject.org`) in the