How to use the command nslookup (with examples)
The nslookup command is used to query one or more name servers for various types of domain records. It provides detailed information about the DNS resolution process, such as IP addresses, name servers, mail servers, and more.
Use case 1: Query the default name server for an IP address
Code:
nslookup example.com
Motivation: This use case is helpful when you need to find the IP address (A record) of a domain. It allows you to quickly retrieve the IP address associated with a given domain name.
Explanation: The nslookup command is followed by the domain name you want to query. In this case, we are querying the default name server of our system for an IP address.
Example output:
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: example.com
Address: 93.184.216.34
Use case 2: Query a specific name server for NS record
Code:
nslookup -type=NS example.com 8.8.8.8
Motivation: This use case is useful when you want to check the authoritative name servers (NS records) for a particular domain. It allows you to identify the name servers responsible for serving the DNS records of the domain.
Explanation: The -type=NS flag specifies the type of record we are interested in, which is NS (name server) in this case. The second parameter is the domain we want to query. Lastly, we specify the IP address of the name server we want to query (in this case, Google’s public DNS server, 8.8.8.8).
Example output:
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
example.com nameserver = ns1.example.com.
example.com nameserver = ns2.example.com.
Use case 3: Reverse lookup of an IP address
Code:
nslookup -type=PTR 54.240.162.118
Motivation: This use case is useful when you need to perform a reverse lookup of an IP address. It allows you to find the associated domain name (PTR record) for a given IP address.
Explanation: The -type=PTR flag specifies the type of record we want to query, which is PTR (reverse lookup) in this case. The IP address we want to perform the reverse lookup on is provided as the parameter.
Example output:
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
118.162.240.54.in-addr.arpa name = server-118-162-240-54.sjc6.r.cloudfront.net.
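A PTR record is published by whoever controls the reverse zone for the address, so the name it returns is only a claim until a forward lookup of that name returns the same IP. The following added example (not from the original article) performs that forward-confirmed reverse DNS check on nslookup output; the function names are hypothetical, the sample answers are constructed, and BIND-style output as shown above is assumed.

```shell
# Added example: forward-confirmed reverse DNS (FCrDNS) using nslookup.
# Function names are this example's own; BIND-style output is assumed.

# Print PTR target names from `nslookup -type=PTR <ip>` output on stdin.
ptr_names() {
    awk '/\.arpa/ && /name = / { sub(/\.$/, "", $NF); print tolower($NF) }'
}

# Print answer addresses from `nslookup <name>` output on stdin. Only
# "Address:" lines after a "Name:" line count; the first "Address:" line
# in the output is the resolver that was asked, not an answer.
answer_addrs() {
    awk '$1 == "Name:" { seen = 1; next } seen && $1 == "Address:" { print $2 }'
}

# $1 = IP, $2 = captured PTR output, $3 = captured forward output.
fcrdns_verdict() {
    name=$(printf '%s\n' "$2" | ptr_names | head -n 1)
    if [ -z "$name" ]; then
        echo "no-ptr"
    elif printf '%s\n' "$3" | answer_addrs | grep -qxF "$1"; then
        echo "confirmed $name"
    else
        echo "mismatch $name"
    fi
}

# Live wrapper: runs both lookups against the default resolver.
fcrdns() {
    ptr_out=$(nslookup -type=PTR "$1" 2>/dev/null || true)
    name=$(printf '%s\n' "$ptr_out" | ptr_names | head -n 1)
    fwd_out=""
    if [ -n "$name" ]; then fwd_out=$(nslookup "$name" 2>/dev/null || true); fi
    fcrdns_verdict "$1" "$ptr_out" "$fwd_out"
}

# Constructed samples (documentation address ranges, not real answers).
ptr_sample='Non-authoritative answer:
10.2.0.192.in-addr.arpa name = mail.example.net.'
fwd_ok='Server: 192.168.1.1
Address: 192.168.1.1#53
Name: mail.example.net
Address: 192.0.2.10'
fwd_bad='Name: mail.example.net
Address: 198.51.100.7'

fcrdns_verdict 192.0.2.10 "$ptr_sample" "$fwd_ok"     # confirmed mail.example.net
fcrdns_verdict 192.0.2.10 "$ptr_sample" "$fwd_bad"    # mismatch mail.example.net
```

For a live check, call fcrdns with the address taken from a log entry; a "mismatch" or "no-ptr" result means the reverse name should not be trusted for attribution or allow-listing.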
Use case 4: Query for ANY available records using TCP protocol
Code:
nslookup -vc -type=ANY example.com
Motivation: This use case is helpful when you want to retrieve all available DNS records for a domain. It allows you to gather comprehensive information about the domain, including A, NS, MX, TXT, and other record types.
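Explanation: The -vc flag specifies that the query should use the TCP protocol instead of the default UDP. The -type=ANY flag states that we want to retrieve all available records. The domain name is provided as the parameter. Note that many name servers now answer ANY queries with a minimal response (RFC 8482), so the result is not guaranteed to list every record; query each record type separately when completeness matters.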
Example output:
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
example.com internet address = 93.184.216.34
example.com nameserver = ns1.example.com.
example.com nameserver = ns2.example.com.
example.com mail exchanger = 10 mx.example.com.
example.com text = "v=spf1 include:_spf.example.com ~all"
Use case 5: Query a name server for the whole zone file using TCP protocol
Code:
nslookup -vc -type=AXFR example.com name_server
Motivation: This use case is useful when you want to retrieve the entire zone file of a domain from a specific name server. It allows you to obtain all the DNS records associated with the domain, including those not publicly accessible.
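Explanation: The -vc flag indicates that the query should be made using TCP protocol. The -type=AXFR flag specifies that we want to perform a zone transfer. The domain name is provided as the parameter, followed by the name server we want to query. A correctly configured name server permits zone transfers only to its authorized secondaries, so a refusal is the expected result from any other host.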
Example output: (Output will vary depending on the server setup)
Zone transfer not allowed
Use case 6: Query for mail servers (MX record) with transaction details
Code:
nslookup -type=MX -debug example.com
Motivation: This use case is helpful when you want to discover the mail servers responsible for a domain and obtain debugging information about the transaction. It allows you to troubleshoot email delivery issues and verify the correctness of mail server configurations.
Explanation: The -type=MX flag specifies the type of record we want to query, which is MX (mail exchanger) in this case. The -debug flag enables debug mode, providing detailed transaction information.
Example output:
Server: 192.168.1.1
Address: 192.168.1.1#53
------------
QUESTIONS:
example.com, type = MX, class = IN
ANSWERS:
-> example.com
origin = ns1.example.com
mail addr = hostmaster.example.com
serial = 201912161
refresh = 7200
retry = 900
expire = 1209600
minimum = 1800
------------
Name: example.com
Address: 93.184.216.34
Use case 7: Query a name server on a specific port for the TXT record
Code:
nslookup -port=port_number -type=TXT example.com name_server
Motivation: This use case is useful when you want to query a name server on a specific port for a TXT (text) record of a domain. It can be used to check TXT records configured for SPF, DKIM, or other purposes.
Explanation: The -port=port_number flag specifies the port number to use for the query. The -type=TXT flag indicates that we want to retrieve the TXT record. The domain name is provided as the parameter, followed by the name server to query; the port is taken from the -port flag, not from a trailing argument.
Example output:
Server: name_server
Address: 1.2.3.4#port_number
Non-authoritative answer:
example.com text = "v=spf1 include:_spf.example.com ~all"
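To turn a TXT answer like the one above into an SPF check, the following added example (not from the original article) extracts the SPF record from nslookup output and reports the domain's default policy. The function names and verdict words are hypothetical; handling of split TXT strings and of multiple SPF records follows RFC 7208.

```shell
# Added example: classify a domain's SPF default from nslookup TXT output.
# Function names and verdict labels are this example's own.

# Print each SPF record found in `nslookup -type=TXT` output on stdin.
# A long TXT record is shown as several quoted strings; SPF joins them
# with no separator before evaluation.
spf_records() {
    awk -F'"' '/text = "/ {
        rec = ""
        for (i = 2; i <= NF; i += 2) rec = rec $i
        if (tolower(rec) ~ /^v=spf1( |$)/) print rec
    }'
}

# Read nslookup output on stdin and print one verdict word.
spf_policy() {
    spf_records | awk '
        { n++; rec = tolower($0) }
        END {
            if (n == 0) { print "none"; exit }                # no SPF published
            if (n > 1)  { print "permerror-multiple"; exit }  # more than one record
            k = split(rec, term, " ")
            for (i = 2; i <= k; i++) {                        # first "all" decides
                if (term[i] == "-all") { print "fail"; exit }
                if (term[i] == "~all") { print "softfail"; exit }
                if (term[i] == "?all") { print "neutral"; exit }
                if (term[i] == "+all" || term[i] == "all") { print "pass-all"; exit }
                if (term[i] ~ /^redirect=/) redir = 1
            }
            print (redir ? "redirect" : "no-all")
        }'
}

# Constructed sample: the TXT answer shown in the example output above.
sample='Server: name_server
Address: 1.2.3.4#port_number

Non-authoritative answer:
example.com text = "v=spf1 include:_spf.example.com ~all"'

printf '%s\n' "$sample" | spf_policy    # prints: softfail
# Live use: nslookup -type=TXT example.com | spf_policy
```

A "pass-all" or "none" verdict means any host can send mail that passes or bypasses SPF for the domain, and "permerror-multiple" means receivers will treat the policy as invalid.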
Conclusion:
The nslookup command is a versatile tool for querying DNS records. It provides a range of options to retrieve specific types of records, query specific name servers, and perform various diagnostic tasks related to DNS resolution. By understanding the different use cases of the nslookup command, you can effectively troubleshoot DNS-related issues and gain valuable insights into the domain’s DNS infrastructure.