nslookup Command in Linux
nslookup is a handy command-line tool in Unix and Linux for querying the Domain Name System (DNS) to obtain domain name or IP address mapping.
The nslookup program has two modes −
- Interactive Mode − This mode allows users to query name servers for information about various hosts and domains or to print a list of hosts in a domain.
- Non-Interactive Mode − This mode is used to print just the name and requested information for a specific host or domain.
Interactive mode is entered in the following cases −
| Tag | Description |
|---|---|
| 1 | When no arguments are given, the default name server will be used. |
| 2 | When the first argument is a hyphen (-) and the second argument is the host name or Internet address of a name server |
Non-interactive mode is used when the name or Internet address of the host to be looked up is given as the first argument. The optional second argument specifies the host name or address of a name server.
Interactive Commands
- host [server] − Look up information for host using the current default server or using the specified server. If the host is an Internet address and the query type is A or PTR, the name of the host is returned. If the host is a name and does not have a trailing period, the search list is used to qualify the name. To look up a host not in the current domain, append a period to the name.
- server domain / lserver domain − Change the default server to the specified domain. lserver uses the initial server to look up information about the domain, while server uses the current default server. If an authoritative answer cannot be found, the names of servers that might have the answer are returned.
- exit − Exits the program.
The set command is used within the nslookup program to change various state settings that affect how lookups are performed. It allows users to modify parameters and control various aspects of their DNS queries while using nslookup.
Valid keywords include −
| Tag | Description |
|---|---|
| all | Prints the current values of frequently used options. Information about the current default server and host is also printed. |
| class=value | Changes the query class to one of: IN (Internet class), CH (Chaos class), HS (Hesiod class), ANY (wildcard). |
| [no]debug | Turns on or off the display of the full response packet and any intermediate response packets when searching. |
| [no]d2 | Turns debugging mode on or off. This displays more about what nslookup is doing. |
| domain=name | Sets the search list to the specified name. |
| [no]search | If the lookup request contains at least one period but does not end with a trailing period, it appends the domain names in the domain search list to the request until an answer is received. |
| port=value | Changes the default TCP/UDP name server port to the specified value. |
| querytype=value / type=value | Changes the type of the information query. |
| [no]recurse | Tells the name server to query other servers if it does not have the information. |
| retry=number | Sets the number of retries to the specified number. |
| timeout=number | Changes the initial timeout interval for waiting for a reply to the specified number of seconds. |
| [no]vc | Always uses a virtual circuit when sending requests to the server. |
| [no]fail | Tries the next nameserver if a nameserver responds with SERVFAIL or a referral (nofail) or terminates the query (fail) on such a response. |
Table of Contents
Here is a comprehensive guide to the options available with the nslookup command −
Syntax of nslookup Command
The general syntax for the nslookup command is as follows −
nslookup [-option] [name | -] [server]
Examples of nslookup Command in Linux
The following examples illustrate how versatile the nslookup command can be for various DNS query scenarios:
- Find the IP Address of a Domain
- Query a Specific DNS Server
- Find Mail Exchange (MX) Records
- Find Name Server (NS) Records
- Enable Debugging Mode
- Set a Custom Timeout
- Use Interactive Mode
Find the IP Address of a Domain
To find the IP address of a specific domain, simply run the following command −
sudo nslookup example.com
This command queries the default DNS server for the IP address associated with example.com.
Query a Specific DNS Server
If you want to query a specific DNS server, you can use this command −
sudo nslookup example.com 8.8.8.8
This command directs the query to Google's public DNS server (8.8.8.8) instead of the default DNS server. The output will show the IP address for example.com as resolved by Google's DNS server.
Find Mail Exchange (MX) Records
To find the mail exchange records for a domain, use the following command −
sudo nslookup -type=MX example.com
This command queries the DNS server for the mail exchange records of example.com, which specify the mail servers responsible for receiving email on behalf of the domain.
Find Name Server (NS) Records
To find the name server records for a domain, run the following command −
sudo nslookup -type=NS example.com
This command retrieves the name server records for example.com, which indicate the authoritative DNS servers for the domain.
Enable Debugging Mode
If you want more detailed information about the query process, enable debugging mode with this command −
sudo nslookup -debug example.com
This command displays the complete DNS query and response, including additional details that can help troubleshoot DNS issues.
Set a Custom Timeout
To set a custom timeout for the query, use the following command −
sudo nslookup -timeout=10 example.com
This command sets the timeout interval to 10 seconds, allowing the query to wait longer for a response from the DNS server.
Use Interactive Mode
To start nslookup in interactive mode, simply run −
sudo nslookup
In interactive mode, you can enter multiple DNS queries without restarting the command each time. For example −
> set querytype= > example.com > set querytype=MX > example.com
This allows you to change query types and perform various DNS lookups efficiently.
Conclusion
The nslookup command is an essential tool for anyone working with DNS systems on Unix and Linux platforms. Its versatility, offering both interactive and non-interactive modes, makes it ideal for a wide range of DNS query tasks—from finding IP addresses to examining specific DNS records like MX and NS.
By using the various options and commands within nslookup, you can customize queries, troubleshoot DNS issues, and gain valuable insights into the structure and configuration of domain names.
Whether you are a network administrator or just someone interested in DNS, understanding how to effectively use nslookup will empower you to better manage and resolve DNS-related queries.