Linux nslookup commands to troubleshoot dns domain name server

nslookup is a network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record. This article explains the nslookup command in detail for DNS troubleshooting.

Nslookup can be run in two modes: Interactive and Non-Interactive. Interactive mode is used to query DNS servers about various domains and hosts interactively, while Non-Interactive mode is used to query information about a specific domain or host with a single command.

Basic DNS Queries

Finding A Record (IP Address)

To find the "A" record (IP address) of a domain, use the following command −

$ nslookup tutorialspoint.com

Sample output −

Server:        127.0.1.1
Address:       127.0.1.1#53

Non-authoritative answer:
Name:          tutorialspoint.com
Address: 117.18.237.191

The above command provides information about tutorialspoint.com. The Non-authoritative answer displays the A record of the domain.

Reverse DNS Lookup

To perform a reverse domain lookup (finding domain name from IP address), use −

$ nslookup 209.191.122.70

Sample output −

Server:        127.0.1.1
Address:       127.0.1.1#53

Non-authoritative answer:
70.122.191.209.in-addr.arpa    name = UNKNOWN-209-191-122-X.yahoo.com.

Authoritative answers can be found from:

Specific DNS Record Queries

MX (Mail Exchange) Records

To query MX records that specify mail servers for a domain −

$ nslookup -query=mx yahoo.com

MX records map a domain name to mail exchange servers, determining where emails for that domain should be routed.

NS (Name Server) Records

To find the authoritative name servers for a domain −

$ nslookup -query=ns yahoo.com

NS records identify which DNS servers are authoritative for the domain.

SOA (Start of Authority) Records

To query SOA records that contain administrative information about the domain −

$ nslookup -type=soa yahoo.com

Sample output shows administrative details like serial number, refresh intervals, and responsible email address.

Advanced Query Options

Querying All DNS Records

To retrieve all available DNS records for a domain −

$ nslookup -query=any yahoo.com

This comprehensive query returns A, AAAA, MX, NS, SOA, and other record types in a single output.

Debug Mode

To enable debug mode for detailed query information −

$ nslookup -debug yahoo.com

Debug mode provides detailed information about the DNS query process, including TTL values and the complete question-answer exchange.

Common DNS Record Types

Troubleshooting Tips

• Non-authoritative answers come from cached DNS data and may not reflect recent changes.

• Authoritative answers come directly from the domain's DNS servers and represent current data.

• Use debug mode to identify DNS resolution issues and verify query paths.

• Check TTL (Time to Live) values to understand cache duration.

Conclusion

The nslookup command is an essential tool for DNS troubleshooting, allowing administrators to query various DNS record types and diagnose resolution issues. Understanding both interactive and non-interactive modes, along with specific query options, enables effective DNS management and problem resolution.