Sunday, December 29, 2024
Google search engine
HomeGuest BlogsHow to Use the nslookup Command

How to Use the nslookup Command

Introduction

When troubleshooting DNS issues, it is useful to have access to Domain Name System (DNS) records of a website. All mainstream operating systems have tools that enable users to query a web server and receive important information such as IP addresses and other pieces of domain-related information.

This article will introduce the nslookup command which is used for obtaining server records. It will also provide examples of the command’s most popular options.

How to use the nslookup command with examples.How to use the nslookup command with examples.

Prerequisites

  • Access to the command line interface
  • Access to internet

Note: If you are not familiar with DNS record types, we strongly recommend you read DNS Record Types Explained before diving into this article.

nslookup Syntax

The nslookup command can be used in two modes: interactive and non-interactive. To initiate the nslookup interactive mode, type the command name only:

nslookup

The prompt that appears lets you issue multiple server queries.

Entering the interactive mode.Entering the interactive mode.

For example, you can type a domain name and receive information about it.

www.google.com

After nslookup outputs the information, it provides another prompt.

Querying in the interactive mode.Querying in the interactive mode.

In interactive mode, specify an option in a separate line before the query. Precede the option with set:

set [option]
Setting options in the interactive mode.Setting options in the interactive mode.

To exit interactive mode, type:

exit

The non-interactive mode lets you use nslookup to issue single queries. The syntax for the non-interactive mode is:

nslookup [options] [domain-name]

The command and the query are written in the same line.

Viewing basic information about a domain in non-interactive mode.Viewing basic information about a domain in non-interactive mode.

nslookup Options

Find all the important nslookup options in the following table.

nslookup Option Description
-domain=[domain-name] Change the default DNS name.
-debug Show debugging information.
-port=[port-number] Specify the port for queries. The default port number is 53.
-timeout=[seconds] Specify the time allowed for the server to respond.
-type=a View information about the DNS A address records.
-type=any View all available records.
-type=hinfo View hardware-related information about the host.
-type=mx View Mail Exchange server information.
-type=ns View Name Server records.
-type=ptr View Pointer records. Used in reverse DNS lookups.
-type=soa View Start of Authority records.

Installing nslookup

nslookup comes preinstalled on all major operating systems. If you need to install it again on Ubuntu or another Linux distro featuring the APT package manager, install the dnsutils package:

sudo apt install dnsutils

On CentOS, Fedora, and Red Hat, nslookup is part of the bind-utils package. Install it by running:

sudo dnf install bind-utils

How to Use nslookup?

Use the nslookup command to perform DNS and reverse DNS searches and troubleshoot server-related problems. The following sections present the most common uses of the command.

Note: The authoritative answer in the output of the nslookup refers to the answer provided by one of the nameservers belonging to the domain being searched. The non-authoritative answer is provided by a nameserver not associated with the specific domain, e.g., your ISP nameserver.

View Domain’s NS Records

Name Server (NS) records store names of the domain’s name servers. To see a domain’s NS records, type:

nslookup -type=ns [domain-name]

The output lists all available name servers:

Viewing name server information.Viewing name server information.

View Domains MX Records

MX records store all relevant Mail Exchange server data. This information is used to route all email requests for the domain to the appropriate mail server.

Check a domain’s MX data by typing:

nslookup -type=mx [domain-name]

The output shows the names of mail servers.

Viewing Mail Exchange server information.Viewing Mail Exchange server information.

Perform a Reverse DNS Lookup

While nslookup provides information about a domain name, it can also be used to look for the domain name associated with an IP address.

Perform a reverse DNS lookup using the following syntax:

nslookup [ip-address]

The command outputs the domain name.

Performing a reverse DNS lookup.Performing a reverse DNS lookup.

View SOA Records

Start of Authority (SOA) records provide authoritative information about the domain and the server, such as the email address of the administrator, serial number, refresh interval, query expiration time, etc.

View a domain’s SOA records by typing:

nslookup -type=soa [domain-name]

The nslookup command output shows the relevant information:

Viewing the domain's SOA records.Viewing the domain's SOA records.

View Text Records

TXT records contain important information for users outside of the domain. For example, Google and Facebook use TXT records to verify domain ownership.

View a domain’s TXT information by running the following nslookup command:

nslookup -type=txt [domain-name]

The output shows each TXT record in a separate line:

Viewing the domains TXT records.Viewing the domains TXT records.

View All Records

View all available DNS records of a domain using the any option.

nslookup -type=any [domain-name]

The output shows NS, SOA, MX, and TXT information:

Viewing all available DNS records for a domain.Viewing all available DNS records for a domain.

View Information About a Specific Name Server

See the name, IPv4 and IPv6 information of a specific name server on a domain by using the following syntax:

nslookup [domain-name] [name-server]

The output is now limited to the nameserver you specified:

Viewing information about a specific name server for a domain.Viewing information about a specific name server for a domain.

View Pointer Records

Pointer records are used for reverse DNS lookups to confirm that the IP address belongs to a specific domain name. When using the ptr option, type the IP address in reverse, i.e., 1.2.3.4 becomes 4.3.2.1:

nslookup -type=ptr [reverse-ip-address].in-addr.arpa

Look for the domain name in the output.

Performing a reverse DNS lookup using pointer records.Performing a reverse DNS lookup using pointer records.

Query a Non-Default Port

DNS servers use port 53 to communicate. If you want to check a different port, specify it with the port option:

nslookup -port=[port-number] [domain-name]

View Debugging Information

To view information useful for debugging, use the debug option:

nslookup -debug [domain-name]
Viewing debugging information.Viewing debugging information.

Note: In the interactive mode, setting the debug option turns on the debugging mode. To exit the mode, set the nodebug option.

Conclusion

After reading this article, you should know how to install and use the nslookup command on Linux. The article provided examples of the most common uses of nslookup.

Was this article helpful?
YesNo

RELATED ARTICLES

Most Popular

Recent Comments