Ads by Google

Get This Pop-up Window


Friday, 5 December 2014

How to : nslookup Common Usage Examples

NSLOOKUP is a basic command line utility for DNS queries, it’s built into Windows and should be a tool you’re familiar with. Here are some real world examples which I deem common queries.
Query A and PTR records
This is as straight forward as you can get. NSLOOKUP FQDN or NSLOOKUP x.x.x.x
Nslookup Query
Query A and PTR records from another Name-server
You can query other name-servers to the one your client is configured with by adding the NS IP onto the end of the query, for example to use an OpenDNS NS (208.67.222.222) you’d type:
1
NSLOOKUP FQDN 208.67.222.222
or
1
NSLOOKUP x.x.x.x 208.67.222.222
Nslookup Query Alt NS
You may notice the non-authoritative answer, this simply means the name-server queried does not hold the entire zone for the domain (in other words it doesn’t have every single record)… more on that later.
Query other types of records
You can query pretty much any other type of record (see the full list here:http://technet.microsoft.com/en-us/library/bb490745.aspx) with the set type= or querytype= command. The single line command would be:
1
nslookup -querytype=mx bbc.co.uk
The interactive mode command would be:
1
2
3
nslookup
set type=mx
bbc.co.uk
You can query another NS by appending the NS onto the end like the previous examples. If you have multiple records to lookup you might decide to head into interactive mode (see below). In interactive mode you can change the queried NS by using server 208.67.222.222.
NSlookup Query type
Nslookup Full mode
Remember I mentioned earlier about non-authoritative answers? So, below what I’ve done is I’ve queried for the name servers for the bbc.co.uk and then queried them directly.
Nslookup Auth NS
You can do a lot more with nslookup for example use ‘set debug’ will give you verbose information on a record including things like TTL, here’s the output:
NSlookup set debug
I hope this gives you the basics and some good real world examples…