Jump to content
Aerosol

Nslookup tutorial -troubleshooting DNS

Recommended Posts

Posted

Nslookup is a great utility specially designed for troubleshooting Domain Name System (DNS) servers and finding DNS related problems. The name means "name server lookup" - nslookup, but tool itself can be used for manual name resolution querying against DNS servers, getting information about the DNS configuration, getting DNS records and IP addresses of a particular netowrk resource, mail servers of domain, name servers (NS) and general DNS server diagnosis.

It's available on most of todays modern operating systems including Windows and Linux/Unix like, and can be easily accessed from command prompt by simple entering "nslookup" command.

Basic syntax and usage

To access nslookup on Windows, open command promt by going to Start > run and enter "cmd".

Once in cmd, simply enter nslookup which will start the tool and bring You in 'interactive' mode :

run_cmd.jpg

and provide You with information of name and IP address of the DNS server it is using:

C:\>nslookup
Default Server: google-public-dns-a.google.com
Address: 8.8.8.8

> quit
C:\>

To perform a DNS lookup, You can simply enter 'nslookup' folowing the domain you would like to query:

 C:\>nslookup ittutorials.org
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Non-authoritative answer:
Name: ittutorials.org
Address: 64.37.52.52

C:\>

(In the example above, for our query we got the IP address of a server which is hoting the site, but as it can be seen the answer is Non-authoritative. This is because Nslookup assumes that you are querying your internal domain from your local private network. However, nslookup in this case queries an external domain for which our chosen DSN server google-public-dns-a.google.com is not authoritative.)

Finding authoritative server

To find authoritative name serve for specific external domain, first we have to enter interactive mode. Once in nslookup, we have to setup SOA query type "set type=SOA" which will basicly ask our DNS server who is responsible for domain we're looking for. SOA or Start of Authority record tells us exactly which DNS name server is responsible for specific zone or domain:

C:\> nslookup
Default Server: google-public-dns-a.google.com
Address: 8.8.8.8

> set type=SOA
>
> ittutorials.org
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Non-authoritative answer:
ittutorials.org
primary name server = 1.nsjet.com
responsible mail addr = colo.minmaxgroup.com
serial = 2012110500
refresh = 86400 (1 day)
retry = 7200 (2 hours)
expire = 3600000 (41 days 16 hours)
default TTL = 86400 (1 day)
>
> server 1.nsjet.com
Default Server: 1.nsjet.com
Address: 198.136.54.12

> ittutorials.org
Server: 1.nsjet.com
Address: 198.136.54.12

ittutorials.org
primary name server = 1.nsjet.com
responsible mail addr = colo.minmaxgroup.com
serial = 2012110500
refresh = 86400 (1 day)
retry = 7200 (2 hours)
expire = 3600000 (41 days 16 hours)
default TTL = 86400 (1 day)
>

Once SOA query type is set, we can ask for a domain simply by entering it's FQDN (Fully qualified domain name) - ittutorials.org for example. The field "primary name server" tells us authoritative DNS server of domain we just queried.

Querying authoritative server

One we got the name of the authoritative server, to query it instead of non-authoritative one, we can simply enter "server" after which folow the FQDN of a server:

> server 1.nsjet.com
Default Server: 1.nsjet.com
Address: 198.136.54.12
>
>

Now querying authoritative server for a domin, gives us an authoritative answer:

> ittutorials.org
Server: 1.nsjet.com
Address: 198.136.54.12

ittutorials.org nameserver = 1.nsjet.com
ittutorials.org nameserver = 2.nsjet.com
1.nsjet.com internet address = 198.136.54.12
>
>

We can also query many diferent types, depending on what kind of DNS zone records we want to get. For example to find out which email server is responsible for mail exchange in a domain, we can setup an query MX (mail exchanger) record:

> set type=mx
> ittutorials.org
Server: 1.nsjet.com
Address: 198.136.54.12

ittutorials.org MX preference = 0, mail exchanger = ittutorials.org
ittutorials.org internet address = 64.37.52.52
>

In the example above, the MX record for ittutorials.org points to ittutorials.org 64.37.52.52, which is in this case the address of both, web an email server for ittutorials.org.

Source

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...