Table of Contents
- Overview
- Installation
- Basic Usage
- Query Types
- Interactive Mode
- Advanced Options
- Troubleshooting
- Best Practices
Overview
nslookup is a network administration tool for querying DNS servers to obtain domain name or IP address mapping information. While considered legacy in some contexts, it remains widely used due to its simplicity and availability across platforms.
Key Features
- DNS record querying
- Reverse DNS lookups
- Interactive query mode
- Server selection
- Multiple record type support
- Cross-platform compatibility
Installation
Ubuntu (22.04/24.04)
sudo apt update
sudo apt install dnsutilsmacOS
# Pre-installed on macOS
# No installation neededBasic Usage
Simple Queries
# Basic domain lookup
nslookup example.com
# IP address lookup (reverse DNS)
nslookup 8.8.8.8
# Using specific DNS server
nslookup example.com 8.8.8.8Command Format
# General syntax
nslookup [-option] [name | -] [server]
# Example with specific server
nslookup example.com 1.1.1.1Query Types
Common Record Types
# A record (IPv4)
nslookup -type=A example.com
# AAAA record (IPv6)
nslookup -type=AAAA example.com
# MX record (Mail)
nslookup -type=MX example.com
# NS record (Nameserver)
nslookup -type=NS example.com
# SOA record (Start of Authority)
nslookup -type=SOA example.com
# TXT record
nslookup -type=TXT example.com
# CNAME record
nslookup -type=CNAME www.example.comMultiple Record Query
# Query all records
nslookup -type=ANY example.com
# Query specific multiple records
nslookup -query=MX example.com
nslookup -query=NS example.comInteractive Mode
Basic Interactive Commands
# Enter interactive mode
nslookup
> server 8.8.8.8
> set type=A
> example.com
> exitInteractive Mode Options
# Common commands in interactive mode
> set all # Show current settings
> set type=ANY # Set query type
> set debug # Enable debug mode
> set nodebug # Disable debug mode
> help # Show helpServer Selection
# Change DNS server
> server 1.1.1.1
> server 8.8.8.8
# View current server
> set allAdvanced Options
Debug Options
# Enable debugging
nslookup -debug example.com
# Verbose output
nslookup -debug -verbose example.comQuery Control
# Set timeout
nslookup -timeout=5 example.com
# Disable recursion
nslookup -norecurse example.com
# Use TCP instead of UDP
nslookup -vc example.comOutput Control
# Show detailed information
nslookup -debug example.com
# Display only answer
nslookup -type=A -noquestion example.comTroubleshooting
Common Issues
- DNS Resolution Problems
# Check with different DNS server
nslookup example.com 8.8.8.8
nslookup example.com 1.1.1.1
# Verify authoritative servers
nslookup -type=NS example.com- Reverse DNS Issues
# Check reverse DNS
nslookup IP_ADDRESS
# Verify PTR record
nslookup -type=PTR IP_ADDRESS- Connection Problems
# Test with TCP
nslookup -vc example.com
# Increase timeout
nslookup -timeout=10 example.comDebug Mode
# Enable debugging
nslookup -debug example.com
# Show query path
nslookup -trace example.comBest Practices
DNS Server Testing
# Test multiple DNS servers
nslookup example.com 8.8.8.8
nslookup example.com 1.1.1.1
nslookup example.com 9.9.9.9Record Verification
# Verify critical records
nslookup -type=MX domain.com
nslookup -type=NS domain.com
nslookup -type=SOA domain.comSecurity Checks
# Check SPF records
nslookup -type=TXT domain.com
# Verify DMARC
nslookup -type=TXT _dmarc.domain.comQuick Reference
Essential Commands
# Basic lookup
nslookup example.com
# Specific record type
nslookup -type=A example.com
# Reverse lookup
nslookup IP_ADDRESS
# Using specific server
nslookup example.com 8.8.8.8Common Options
# Query types
-type=A # IPv4 address
-type=AAAA # IPv6 address
-type=MX # Mail server
-type=NS # Name server
-type=PTR # Pointer record
-type=SOA # Start of authority
-type=TXT # Text record
# Other options
-debug # Enable debugging
-timeout=N # Set timeout
-query=TYPE # Specify query type
-norecurse # Disable recursionInteractive Mode Commands
# Enter interactive mode
nslookup
> server DNS_SERVER
> set type=RECORD_TYPE
> domain.com
> exitExamples for Common Tasks
Mail Server Verification
# Check mail records
nslookup -type=MX domain.com
# Verify SPF
nslookup -type=TXT domain.comDomain Configuration
# Check all NS records
nslookup -type=NS domain.com
# Verify SOA record
nslookup -type=SOA domain.comSecurity Checks
# DMARC verification
nslookup -type=TXT _dmarc.domain.com
# DKIM verification
nslookup -type=TXT selector._domainkey.domain.comRemember:
- Always verify critical DNS records
- Use multiple DNS servers for validation
- Document query results
- Consider using modern alternatives (dig) for advanced tasks
- Keep timeout values reasonable
For more detailed information, consult the man pages (man nslookup).