Linux nslookup commands to troubleshoot dns domain name server

LinuxOperating System

nslookup is a network administration command-line tool available for many computer operating systems for querying Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record. This article explains about nslookup command in detail. Nslookup can be run in two modes, Interactive and Non-Interactive. The Interactive mode is used to query DNS-Server about various domains and hosts. Non-Interactive mode is used to query about information of a domain or host.

To find out Find out “A” record (IP address) of Domain, use the following command –

$ sudo nslookup tutorialspoint.com

The sample output should be like this –

Server:      127.0.1.1
Address:     127.0.1.1#53
Non-authoritative answer:
Name:       tutorialspoint.com
Address: 117.18.237.191

The above command gives information about tutorialspoint.com. Non-authoritative answer displays a record of Tutorialspoint.com

To find out Reverse Domain Lookup, use the following command –

$ sudo nslookup 209.191.122.70

The sample output should be like this –

Server:      127.0.1.1
Address:      127.0.1.1#53
Non-authoritative answer:
70.122.191.209.in-addr.arpaname = UNKNOWN-209-191-122-X.yahoo.com.
Authoritative answers can be found from:

To find Query MX (Mail Exchange) record, use the following command –

$ sudo nslookup -query=mx www.yahoo.com

The sample output should be like this –

Server:       127.0.1.1
Address:      127.0.1.1#53
Non-authoritative answer:
www.yahoo.comcanonical name = fd-fp3.wg1.b.yahoo.com.
Authoritative answers can be found from:
wg1.b.yahoo.com
   origin = yf1.yahoo.com
   mail addr = hostmaster.yahoo-inc.com
   serial = 1461733777
   refresh = 30
   retry = 30
   expire = 86400
   minimum = 300

MX report is used to map a site name to a record of mail trade servers for that area. Basically, it tells about whatever mail is received / or sent to @yahoo.com and which will be routed to mail server.

To find query NS(Name Server) record, use the following command –

$ sudo nslookup -query=ns www.yahoo.com

The sample output should be like this –

Server:       127.0.1.1
Address:      127.0.1.1#53
Non-authoritative answer:
www.yahoo.comcanonical name = fd-fp3.wg1.b.yahoo.com.
Authoritative answers can be found from:
wg1.b.yahoo.com
   origin = yf1.yahoo.com
   mail addr = hostmaster.yahoo-inc.com
   serial = 1461734024
   refresh = 30
   retry = 30
   expire = 86400
   minimum = 300

To find query SOA (Start of Authority) record, use the following command –

$ sudo nslookup -type=soa www.yahoo.com

The sample output should be like this –

Server:       127.0.1.1
Address:      127.0.1.1#53
Non-authoritative answer:
www.yahoo.comcanonical name = fd-fp3.wg1.b.yahoo.com.
Authoritative answers can be found from:
wg1.b.yahoo.com
   origin = yf1.yahoo.com
   mail addr = hostmaster.yahoo-inc.com
   serial = 1461734126
   refresh = 30
   retry = 30
   expire = 86400
   minimum = 300

To query all the available DNS records, use the following command-

$ sudo nslookup -query=any yahoo.com

The sample output should be like this –

Server:    127.0.1.1
Address:   127.0.1.1#53
Non-authoritative answer:
yahoo.comhas AAAA address 2001:4998:44:204::a7
yahoo.comnameserver = ns5.yahoo.com.
yahoo.comnameserver = ns2.yahoo.com.
yahoo.comnameserver = ns6.yahoo.com.
yahoo.com
   origin = ns1.yahoo.com
   mail addr = hostmaster.yahoo-inc.com
   serial = 2016042624
   refresh = 3600
   retry = 300
   expire = 1814400
   minimum = 600
yahoo.com    has AAAA address 2001:4998:c:a06::2:4008
yahoo.com    mail exchanger = 1 mta6.am0.yahoodns.net.
yahoo.com    mail exchanger = 1 mta5.am0.yahoodns.net.
yahoo.com    nameserver = ns4.yahoo.com.
yahoo.com    has AAAA address 2001:4998:58:c02::a9
yahoo.com    nameserver = ns3.yahoo.com.
yahoo.com    nameserver = ns1.yahoo.com.
yahoo.com    mail exchanger = 1 mta7.am0.yahoodns.net.
Authoritative answers can be found from:

To enable Debug mode, use the following command –

$ sudo nslookup -debug yahoo.com

The sample output should be like this –

Server:       127.0.1.1
Address:      127.0.1.1#53
------------
QUESTIONS: yahoo.com, type = A, class = IN
ANSWERS:
   -> yahoo.com
   internet address = 206.190.36.45
   ttl = 810
   -> yahoo.com
   internet address = 98.139.183.24
   ttl = 810
   -> yahoo.com
   internet address = 98.138.253.109
   ttl = 810
   AUTHORITY RECORDS:
   ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name:yahoo.com
Address: 206.190.36.45
Name:yahoo.com
Address: 98.139.183.24
Name:yahoo.com
Address: 98.138.253.109

Congratulations! Now, you know “Linux Nslookup Commands to Troubleshoot DNS (Domain Name Server)”. We’ll learn more about these types of commands in our next Linux post. Keep reading!

raja
Published on 18-Oct-2019 15:16:39
Advertisements