nslookup (stands for name server lookup) is a network utility program used to test and troubleshoot DNS servers. As appears from its name, it gets name server information for domains by querying the DNS.
In this article, we will see the detailed use of nslookup command.
nslookup can be run in two modes: Interactive and Non-Interactive.
The Interactive mode is used to query DNS-Server about various domains and hosts. Non-Interactive mode is used to query about information of a domain or host.
1. Find out “A” record of Domain
nslookup yahoo.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: yahoo.com Address: 98.139.180.180 Name: yahoo.com Address: 206.190.39.42 Name: yahoo.com Address: 98.138.252.38
2. Reverse Domain Lookup
# nslookup 98.138.252.38 Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: 38.252.138.98.in-addr.arpa name = media-router-fp1.prod.media.vip.ne1.yahoo.com. Authoritative answers can be found from:
3. Specific Domain Lookup.
# nslookup media-router-fp1.prod.media.vip.ne1.yahoo.com. Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: media-router-fp1.prod.media.vip.ne1.yahoo.com Address: 98.138.252.38
4. To Query MX record.
# nslookup -query=mx www.yahoo.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: www.yahoo.com canonical name = atsv2-fp.wg1.b.yahoo.com. Authoritative answers can be found from: wg1.b.yahoo.com origin = yf1.yahoo.com mail addr = hostmaster.yahoo-inc.com serial = 1518173576 refresh = 30 retry = 30 expire = 86400 minimum = 300
5. To query NS record.
# nslookup -query=ns www.yahoo.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: www.yahoo.com canonical name = atsv2-fp.wg1.b.yahoo.com. Authoritative answers can be found from: wg1.b.yahoo.com origin = yf1.yahoo.com mail addr = hostmaster.yahoo-inc.com serial = 1518173776 refresh = 30 retry = 30 expire = 86400 minimum = 300
6. To query SOA record.
# nslookup -type=soa www.yahoo.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: www.yahoo.com canonical name = atsv2-fp.wg1.b.yahoo.com. Authoritative answers can be found from: wg1.b.yahoo.com origin = yf1.yahoo.com mail addr = hostmaster.yahoo-inc.com serial = 1518173847 refresh = 30 retry = 30 expire = 86400 minimum = 300
7. To query all Available DNS records.
#nslookup -query=any yahoo.com ;; Truncated, retrying in TCP mode. Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: yahoo.com rdata_257 = 0 issue "digicert.com" yahoo.com rdata_257 = 0 iodef "mailto:security@yahoo.com" yahoo.com rdata_257 = 0 issue "symantec.com" yahoo.com origin = ns1.yahoo.com mail addr = hostmaster.yahoo-inc.com serial = 2018020926 refresh = 3600 retry = 300 expire = 1814400 minimum = 600 Name: yahoo.com Address: 98.139.180.180 Name: yahoo.com Address: 206.190.39.42 Name: yahoo.com Address: 98.138.252.38 yahoo.com has AAAA address 2001:4998:44:204::100d yahoo.com has AAAA address 2001:4998:c:e33::53 yahoo.com has AAAA address 2001:4998:58:2201::73 yahoo.com mail exchanger = 1 mta6.am0.yahoodns.net. yahoo.com mail exchanger = 1 mta5.am0.yahoodns.net. yahoo.com mail exchanger = 1 mta7.am0.yahoodns.net. yahoo.com nameserver = ns3.yahoo.com. yahoo.com nameserver = ns1.yahoo.com. yahoo.com nameserver = ns5.yahoo.com. yahoo.com nameserver = ns2.yahoo.com. yahoo.com nameserver = ns4.yahoo.com. yahoo.com text = "v=spf1 redirect=_spf.mail.yahoo.com" Authoritative answers can be found from:
8. Enable Debug mode
To enable Debug Mode ‘set debug’ will return you verbose information like TTL:
# nslookup -debug yahoo.com Server: 8.8.8.8 Address: 8.8.8.8#53 ------------ QUESTIONS: yahoo.com, type = A, class = IN ANSWERS: -> yahoo.com internet address = 98.138.252.38 ttl = 1384 -> yahoo.com internet address = 98.139.180.180 ttl = 1384 -> yahoo.com internet address = 206.190.39.42 ttl = 1384 AUTHORITY RECORDS: ADDITIONAL RECORDS: ------------ Non-authoritative answer: Name: yahoo.com Address: 98.138.252.38 Name: yahoo.com Address: 98.139.180.180 Name: yahoo.com Address: 206.190.39.42
So in this article, we have covered almost all nslookup commands which may help you to search (DNS) Domain Name Service related information.
