Skip to main content

nslookup

NSLOOKUP

Linux Nslookup Commands to Troubleshoot DNS (Domain Name Server)

nslookup is a command-line administrative tool for testing and troubleshooting DNS servers (Domain Name Server). It is used to query specific DNS resource records (RR) as well. Most operating systems comes with built-in nslookup feature.

This article demonstrates widely used nslookup command in detail. Nslookup can be run in two modes: Interactive and Non-Interactive. The Interactive mode is used to query DNS-Server about various domains and hosts. Non-Interactive mode is used to query about information of a domain or host.
You might also be interested in following article :

 

1. Find out “A” record (IP address) of Domain

# nslookup yahoo.com
 
Server:         4.2.2.2
Address:        4.2.2.2#53
 
Non-authoritative answer:
Name:   yahoo.com
Address: 72.30.38.140
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70
Above command query domain www.yahoo.com with 4.2.2.2 public DNS server and below section shows Non-authoritative answer: displays A record of www.yahoo.com

2. Find out Reverse Domain Lookup

# nslookup 209.191.122.70
 
Server:         4.2.2.2
Address:        4.2.2.2#53
 
Non-authoritative answer:
70.122.191.209.in-addr.arpa     name = ir1.fp.vip.mud.yahoo.com.
 
Authoritative answers can be found from:

3. Find out specific Domain Lookup.

# nslookup ir1.fp.vip.mud.yahoo.com.
 
Server:         4.2.2.2
Address:        4.2.2.2#53
 
Non-authoritative answer:
Name:   ir1.fp.vip.mud.yahoo.com
Address: 209.191.122.70

4. To Query MX (Mail Exchange) record.

# nslookup -query=mx www.yahoo.com
 
Server:         4.2.2.2
Address:        4.2.2.2#53
 
Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.
 
Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827307
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800
MX record is being used to map a domain name to a list of mail exchange servers for that domain. So that it tells that whatever mail received / sent to @yahoo.com will be routed to mail server.

5. To query NS(Name Server) record.

# nslookup -query=ns www.yahoo.com
 
Server:         4.2.2.2
Address:        4.2.2.2#53
 
Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.
 
Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827782
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800

6. To query SOA (Start of Authority) record.

# nslookup -type=soa www.yahoo.com
 
Server:         4.2.2.2
Address:        4.2.2.2#53
 
Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.
 
Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827965
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800

7. To query all Available DNS records.

# nslookup -query=any yahoo.com
 
Server:         4.2.2.2
Address:        4.2.2.2#53
 
Non-authoritative answer:
yahoo.com
        origin = ns1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 2012081016
        refresh = 3600
        retry = 300
        expire = 1814400
        minimum = 600
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70
Name:   yahoo.com
Address: 72.30.38.140
yahoo.com       mail exchanger = 1 mta7.am0.yahoodns.net.
yahoo.com       mail exchanger = 1 mta5.am0.yahoodns.net.
yahoo.com       mail exchanger = 1 mta6.am0.yahoodns.net.
yahoo.com       nameserver = ns3.yahoo.com.
yahoo.com       nameserver = ns4.yahoo.com.
yahoo.com       nameserver = ns2.yahoo.com.
yahoo.com       nameserver = ns8.yahoo.com.
yahoo.com       nameserver = ns1.yahoo.com.
yahoo.com       nameserver = ns6.yahoo.com.
yahoo.com       nameserver = ns5.yahoo.com.
 
Authoritative answers can be found from:

8. Enable Debug mode

To enable Debug Mode ‘set debug’ will return you verbose information like TTL, here’s the output.
# nslookup -debug yahoo.com
 
> set debug
> yahoo.com
Server:         4.2.2.2
Address:        4.2.2.2#53
 
------------
    QUESTIONS:
        yahoo.com, type = A, class = IN
    ANSWERS:
    ->  yahoo.com
        internet address = 72.30.38.140
        ttl = 1523
    ->  yahoo.com
        internet address = 98.139.183.24
        ttl = 1523
    ->  yahoo.com
        internet address = 209.191.122.70
        ttl = 1523
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name:   yahoo.com
Address: 72.30.38.140
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70

 

Comments

Post a Comment

Popular posts from this blog

sed

Sed Command in Linux/Unix with examples SED command in UNIX is stands for stream editor and it can perform lot’s of function on file like, searching, find and replace, insertion or deletion. Though most common use of SED command in UNIX is for substitution or for find and replace. By using SED you can edit files even without opening it, which is much quicker way to find and replace something in file, than first opening that file in VI Editor and then changing it. o     SED is a powerful text stream editor. Can do insertion, deletion, search and replace(substitution). o     SED command in unix supports regular expression which allows it perform complex pattern matching. Syntax: sed OPTIONS... [SCRIPT] [INPUTFILE...] Example: Consider the below text file as an input. $cat > geekfile.txt unix is great os. unix is opensource. unix is free os. learn operating system. unixlinux which one you choose. unix is easy to learn.unix ...
Post a Comment
Read more

initramfs" file is deleted or corrupted on your RHEL or CentOS 7

Initrd/Initramfs image provides the capability to load a RAM disk by the boot loader. This RAM disk can then be mounted as the root filesystem and programs can be run from it. Afterwards, a new root file system can be mounted from a different device. The previous root filesystem which was mounted from initrd/initramfs is then moved to a directory and can be subsequently unmounted. Their are chances that either you might have accidentally deleted "initramfs" file from the /boot partition or it is corrupted due to some reason.  Then boot process will get interrupted and you will see below error: error: file '/initramfs-3.10.0-957.el7.x86_64.img' not found. Good news is you can still recover this "initramfs" by following below steps: Step 1 :  Mount RHEL or CentOS 7 ISO image on your physical server and boot from it. In case you are using HPE Prolient server you can mount this ISO image on iLO, if this is virtual environment then mount it accordingly and reboot...
Post a Comment
Read more

nw commands

troubleshoot commands in Linux.   1. ifconfig ifconfig (interface configurator) command   is use to initialize an interface, assign IP  Address to interface and enable or disable  interface on demand. With this command  you can view IP Address and Hardware / MAC   address assign to interface and also MTU (Maximum transmission unit) size. # ifconfig   eth0       Link encap:EthernetHWaddr 00:0C:29:28:FD:4C inet addr:192.168.50.2   Bcast:192.168.50.255   Mask:255.255.255.0           inet6 addr: fe80::20c:29ff:fe28:fd4c/64 Scope:Link           UP BROADCAST RUNNING MULTICAST   MTU:1500   Metric:1           RX packets:6093 errors:0 dropped:0 overruns:0 frame:0  ...
3 comments
Read more
# # #