The nslookup Command on Linux


Introduction

The nslookup command is a tool used to query Domain Name System (DNS) servers and retrieve information about a specific domain or IP address. This command is an essential tool for network administrators and system engineers as it can be used to troubleshoot DNS issues and gather information about DNS configurations. In this article, we'll explore the nslookup command on Linux in depth, including its syntax, options, and examples of how it can be used to troubleshoot DNS issues. We will also discuss the prerequisites for using the nslookup command and how to install it on various Linux distributions.

Prerequisites

To use the “nslookup” command, you need to access the control row interface and an Internet connection. Furthermore, if you are not familiar with the types of DNS record, it is recommended to read "types of DNS records explained" before immersing yourself in this article.

nslookup syntax

The nslookup command can be used in two modes: interactive and non-interactive. To start nslookup interactive mode, type only the command name −

$ nslookup

This will provide a prompt that will allow you to run more queries on the server. For example, you can type a domain name and receive information about it.

www.duckduckgo.com

In interactive mode, you can specify an option on a separate line before the query. This option is preceded by "set" −

set [option]

To exit interactive mode, type −

$ exit

Quiet mode allows you to use nslookup to run individual queries. The syntax for quiet mode is −

$ nslookup [options] [domain-name]

Nslookup options

The nslookup command has several switches that can be used to retrieve more detailed information about a domain or IP address. Some of the more commonly used options include −

  • -domain=[domain-name] − Change the default DNS name.

  • -debug − Show debugging information.

  • -port=[port-number] − Specify the port for queries. The default port number is 53.

  • -timeout=[seconds] − Specify the time allowed for the server to respond.

  • -type=a − View information about the DNS A address records.

  • -type=any − View all available records.

  • -type=hinfo − View hardware-related information about the host.

  • -type=mx − View Mail Exchange server information.

  • -type=ns − View Name Server records.

  • -type=ptr − View Pointer records. Used in reverse DNS lookups.

  • -type=soa − View Start of Authority records.

Installing nslookup

nslookup is pre-installed on most major operating systems. However, if you need to install it on a Linux distribution that uses the APT package manager, such as Ubuntu, you can install the dnsutils package by running the following command −

$ sudo apt install dnsutils -y

On CentOS, Fedora and Red Hat, nslookup is part of the bind-utils package. You can install it by running the following command −

$ sudo dnf install bind-utils

How to use nslookup

The nslookup command can be used to perform various types of DNS and reverse DNS lookups, as well as troubleshoot server-related issues. Some common uses of the command include −

View NS records for a domain: To view NS records for a domain, type −

$ nslookup -type=ns [domain name]

View MX records for a domain − MX records store all relevant data from the Mail Exchange server. To check the MX data for a domain, type −

$ nslookup -type=mx [domain name]

Perform a reverse DNS lookup − To find the domain name associated with an IP address, type −

$ nslookup [IP address]

Change the default DNS server − To query a specific DNS server, specify its IP address after the domain name or IP address you want to query. For example, to query the DNS server at the IP address 1.1.1.1 for information about the domain "example.com", type the following command −

$ nslookup example.com 1.1.1.1

View all available logs − To view all available logs, type the following command −

$ nslookup -type=any example.com

DNS troubleshooting − The nslookup command can be used to troubleshoot DNS problems, such as troubleshooting DNS server errors or identifying the cause of slow DNS resolution. The command can also be used to verify that a specific DNS server is responding to queries or to check the status of a DNS zone transfer.

DNS Server Test − The nslookup command can be used to test the connectivity and response time of a specific DNS server. When using the command with the "-timeout" and "-port" options, it is possible to specify a personalized time and a personalized door to test the response times and the connectivity of the server. In addition, you can use the "-DEbug" option to show further information and solve any problem with the connection.

View DNS records − using the various "-type" options, you can recover specific DNS records such as A, MX, NS, PTR, Soa and Hinfo. This can be useful when solving problems with specific types of DNS records or when they collect INF

It is important to keep in mind that the output of the nslookup command will show the "authorized response" and the "non -authoritative response", the authorized response refers to the response provided by one of the names of the names that belongs to the domain is required and no authoritative response It is provided by a server named not associated with specific domain, for example its server named ISP.

Conclusion

The nslookup command is a powerful tool that can be used to query DNS servers and retrieve information about domain names and IP addresses. It is commonly used by network administrators and system engineers to troubleshoot DNS-related issues, gather information about DNS configurations, and test DNS server connectivity and response time. By understanding the syntax, options and examples of how to use the nslookup command, you can easily troubleshoot DNS issues and retrieve important information about domains and IP addresses.

Updated on: 13-Feb-2023

14K+ Views

Kickstart Your Career

Get certified by completing the course

Get Started
Advertisements