Nslookup Commands to Troubleshoot DNS

nslookup (stands for name server lookup) is a network utility program used to test and troubleshoot DNS servers. As appears from its name, it gets name server information for domains by querying the DNS.

In this article, we will see the detailed use of nslookup command.
nslookup can be run in two modes: Interactive and Non-Interactive.
The Interactive mode is used to query DNS-Server about various domains and hosts. Non-Interactive mode is used to query about information of a domain or host.

1. Find out “A” record of Domain

nslookup yahoo.com
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: yahoo.com
Address: 98.139.180.180
Name: yahoo.com
Address: 206.190.39.42
Name: yahoo.com
Address: 98.138.252.38

2. Reverse Domain Lookup

# nslookup 98.138.252.38
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
38.252.138.98.in-addr.arpa name = media-router-fp1.prod.media.vip.ne1.yahoo.com.

Authoritative answers can be found from:

3. Specific Domain Lookup.

# nslookup media-router-fp1.prod.media.vip.ne1.yahoo.com.
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: media-router-fp1.prod.media.vip.ne1.yahoo.com
Address: 98.138.252.38

4. To Query MX record.

# nslookup -query=mx www.yahoo.com
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
www.yahoo.com canonical name = atsv2-fp.wg1.b.yahoo.com.

Authoritative answers can be found from:
wg1.b.yahoo.com
origin = yf1.yahoo.com
mail addr = hostmaster.yahoo-inc.com
serial = 1518173576
refresh = 30
retry = 30
expire = 86400
minimum = 300

5. To query NS record.

# nslookup -query=ns www.yahoo.com
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
www.yahoo.com canonical name = atsv2-fp.wg1.b.yahoo.com.

Authoritative answers can be found from:
wg1.b.yahoo.com
origin = yf1.yahoo.com
mail addr = hostmaster.yahoo-inc.com
serial = 1518173776
refresh = 30
retry = 30
expire = 86400
minimum = 300

6. To query SOA record.

# nslookup -type=soa www.yahoo.com
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
www.yahoo.com canonical name = atsv2-fp.wg1.b.yahoo.com.

Authoritative answers can be found from:
wg1.b.yahoo.com
origin = yf1.yahoo.com
mail addr = hostmaster.yahoo-inc.com
serial = 1518173847
refresh = 30
retry = 30
expire = 86400
minimum = 300

7. To query all Available DNS records.

#nslookup -query=any yahoo.com
;; Truncated, retrying in TCP mode.
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
yahoo.com rdata_257 = 0 issue "digicert.com"
yahoo.com rdata_257 = 0 iodef "mailto:[email protected]"
yahoo.com rdata_257 = 0 issue "symantec.com"
yahoo.com
origin = ns1.yahoo.com
mail addr = hostmaster.yahoo-inc.com
serial = 2018020926
refresh = 3600
retry = 300
expire = 1814400
minimum = 600
Name: yahoo.com
Address: 98.139.180.180
Name: yahoo.com
Address: 206.190.39.42
Name: yahoo.com
Address: 98.138.252.38
yahoo.com has AAAA address 2001:4998:44:204::100d
yahoo.com has AAAA address 2001:4998:c:e33::53
yahoo.com has AAAA address 2001:4998:58:2201::73
yahoo.com mail exchanger = 1 mta6.am0.yahoodns.net.
yahoo.com mail exchanger = 1 mta5.am0.yahoodns.net.
yahoo.com mail exchanger = 1 mta7.am0.yahoodns.net.
yahoo.com nameserver = ns3.yahoo.com.
yahoo.com nameserver = ns1.yahoo.com.
yahoo.com nameserver = ns5.yahoo.com.
yahoo.com nameserver = ns2.yahoo.com.
yahoo.com nameserver = ns4.yahoo.com.
yahoo.com text = "v=spf1 redirect=_spf.mail.yahoo.com"

Authoritative answers can be found from:

8. Enable Debug mode

To enable Debug Mode ‘set debug’ will return you verbose information like TTL:

# nslookup -debug yahoo.com
Server: 8.8.8.8
Address: 8.8.8.8#53

------------
QUESTIONS:
yahoo.com, type = A, class = IN
ANSWERS:
-> yahoo.com
internet address = 98.138.252.38
ttl = 1384
-> yahoo.com
internet address = 98.139.180.180
ttl = 1384
-> yahoo.com
internet address = 206.190.39.42
ttl = 1384
AUTHORITY RECORDS:
ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name: yahoo.com
Address: 98.138.252.38
Name: yahoo.com
Address: 98.139.180.180
Name: yahoo.com
Address: 206.190.39.42

So in this article, we have covered almost all nslookup commands which may help you to search (DNS) Domain Name Service related information.