Nslookup stands for “name server lookup” is a useful command for getting information from DNS server. It also very useful for troubleshooting DNS related issues. It queries to DNS (Domain Name Server) and get the dns records for any domain for ip address.
In this tutorial you will get some useful examples for nslookup command available on Linux servers. This command is also available on Windows systems as well.
DNS Lookup Example
Use below command to find the address record for a domain. It queries to domain name servers and get the details.
# nslookup google.com
Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: google.com Address: 216.58.219.206
Reverse DNS Lookup
You can also use ip address for reverse dns lookup. It will resolve the corresponding domain with IP address. Remember that this is different records configured in reverse zone of domain.
# nslookup 216.58.219.206
Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: 206.219.58.216.in-addr.arpa name = lga25s40-in-f14.1e100.net. 206.219.58.216.in-addr.arpa name = lga25s40-in-f14.1e100.net. 206.219.58.216.in-addr.arpa name = lga25s40-in-f206.1e100.net. 206.219.58.216.in-addr.arpa name = lga25s40-in-f206.1e100.net.
Query to Specific DNS Server
You may also query to specific dns server. For this you need to pass additional parameter for name server ip address or domain name. For example to query to 8.8.4.4 nameserver use following command.
# nslookup google.com 8.8.4.4
Server: 8.8.4.4 Address: 8.8.4.4#53 Non-authoritative answer: Name: google.com Address: 216.58.219.206
Find SOA Record for Domain
Use nslookup to find the SOA (Start of Authority) record for any domain. For example to find SOA records of domain google.com use following command. You need to specify type -type=soa as command line parameter.
# nslookup -type=soa google.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
google.com
origin = ns4.google.com
mail addr = dns-admin.google.com
serial = 159912615
refresh = 900
retry = 900
expire = 1800
minimum = 60
Authoritative answers can be found from:
Find MX Record for Domain
You can also query for MX (Mail Exchange) records for any domain. These domain records are responsible for emails delivery.
# nslookup -query=mx google.com
Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: google.com mail exchanger = 10 aspmx.l.google.com. google.com mail exchanger = 30 alt2.aspmx.l.google.com. google.com mail exchanger = 50 alt4.aspmx.l.google.com. google.com mail exchanger = 40 alt3.aspmx.l.google.com. google.com mail exchanger = 20 alt1.aspmx.l.google.com. Authoritative answers can be found from:
Find TXT Records for Domain
TXT records are useful for multiple types of records like DKIM, SPF, etc. You can find all TXT records configured for any domain using below command.
# nslookup -query=txt google.com
Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: google.com text = "v=spf1 include:_spf.google.com ~all" Authoritative answers can be found from:
Find All Records of Domain
Use -query=any to list all records for any domain.
# nslookup -query=any google.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 216.58.219.206
google.com has AAAA address 2607:f8b0:4006:80e::200e
google.com mail exchanger = 20 alt1.aspmx.l.google.com.
google.com mail exchanger = 40 alt3.aspmx.l.google.com.
google.com nameserver = ns2.google.com.
google.com nameserver = ns4.google.com.
google.com nameserver = ns3.google.com.
google.com rdata_257 = 0 issue "pki.goog"
google.com mail exchanger = 30 alt2.aspmx.l.google.com.
google.com mail exchanger = 10 aspmx.l.google.com.
google.com mail exchanger = 50 alt4.aspmx.l.google.com.
google.com text = "v=spf1 include:_spf.google.com ~all"
google.com nameserver = ns1.google.com.
google.com rdata_257 = 0 issue "symantec.com"
google.com
origin = ns2.google.com
mail addr = dns-admin.google.com
serial = 159912615
refresh = 900
retry = 900
expire = 1800
minimum = 60
Authoritative answers can be found from:
Nslookup in Interactive Mode
We can also use nslookup in interactive mode. To go in interactive mode type nslookup on console and press enter. You will get nslookup prompt like > . Here you can run the same query and get the information for domain from DNS server. For your understanding, I have added comments in between commands.
[email protected]:~# nslookup### Type domain name to get information from dns server > google.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: google.com Address: 172.217.10.46### Set the another specific dns server to query. > server 8.8.4.4 Default server: 8.8.4.4 Address: 8.8.4.4#53### Again try to get the dns information, This time nslookup connects to specified dns server. > google.com Server: 8.8.4.4 Address: 8.8.4.4#53 Non-authoritative answer: Name: google.com Address: 172.217.10.46### Set the query type. for example to get MX information set query=mx > set query=mx ### Again try to get the dns information, This time nslookup will show MX information for domain > google.com Server: 8.8.4.4 Address: 8.8.4.4#53 Non-authoritative answer: google.com mail exchanger = 30 alt2.aspmx.l.google.com. google.com mail exchanger = 50 alt4.aspmx.l.google.com. google.com mail exchanger = 40 alt3.aspmx.l.google.com. google.com mail exchanger = 10 aspmx.l.google.com. google.com mail exchanger = 20 alt1.aspmx.l.google.com. Authoritative answers can be found from:
Leave a Reply