What is Nslookup?
First, let’s talk about what Nslookup is – it is a small but very powerful network administration command-line software. It has a simple interface, but it is useful. The Nslookup command is available on many of the popular computer operating systems like Windows, macOS, and Linux distros. You can use it to perform DNS queries and receive: domain names or IP addresses, or any other specific DNS Records.
There are Nslookup online tools too. You can access such a site full of online network tools and search for the option for nslookup. You can define your query for a specific DNS record, to identify the domain, the port in use, and timeout in seconds. For better security, we recommend you to use the software on your computer.
If you want high speed, you must use Anycast DNS services! Check this article about Anycast DNS!
How to install the Nslookup command?
Nslookup command is present on most operating systems like Windows, macOS, and most Linux distributions. However, in case it is not on the Linux distro you have chosen, or you have previously uninstalled it, you can install it following these steps:
1. Check what distro do you use. We will show you how to install the Nslookup command on Ubuntu, Debian, Linux Mint, Kali Linux, CentOS, Fedora, Red Hat, Arch Linux, and Manjaro.
2. First, open the Terminal. You will need to have administrative privileges or be a sudo user. Based on the distribution you have, use one of the following commands.
For Ubuntu, Debian, Kali Linux, and Linux Mint:
$ sudo apt-get update
$ sudo apt-get install dnsutils
For CentOS, Fedora, and Red Hat:
$ sudo dnf install bind-utils
For CentOS, Fedora, and Red Hat (Earlier versions):
$ sudo yum install bind-utils
For Arch Linux and Manjaro:
$ sudo pacman -S dnsutils
3. Now, you are ready to use the Nslookup command on your device and try the examples below.
The Nslookup syntax is very simple, and you can use it the same on different OSes.
nslookup [-option] [name | -] [server]
Options. First, you will put the option you want to use with the domain name or IP address. The option can be related to the type of DNS record, timeout, a port in use, debugging, or another.
Name. Here you will put the hostname (domain name) or IP address. It is the target of your DNS query.
Additional Options. Depending on the query, you can add an extra option as a parameter.
Server. You can use the default server for your query or specify another one from where you want the DNS query to be performed.
Nslookup: command not found – how to fix it?
It is possible when you try to use the Nslookup command that you get an error saying that the command is not found. Don’t worry. The problem of missing the Nslookup command can be solved in a very simple way.
Nslookup is a part of the BIND utilities, together with two other popular commands – Dig command and Host command.
If the service was stopped, you would need to restart your Linux computer, and it will be running again.
In case that it is not working because it was deleted or missing. Please follow the steps from the previous part on “How to install Nslookup command”. After the installation, you will be ready to use it.
Here are the 10 most used Nslookup commands that will help you to understand better your domain’s management:
1. How to find the A record of а domain.
You can use this command to see how many A records are there and see the IP Addresses of each one.
$ nslookup example.com
Searching for e great Managed DNS service? Test ClouDNS for free!
2. How to check the NS records of a domain.
By checking the NS records, you can see which is the authoritative server for a specific domain.
$nslookup -type=ns example.com
3. How to query the SOA record of a domain.
With this one, you can see the start of authority and get information about the zone.
$nslookup -type=soa example.com
30-day Free Trial for Premium Anycast DNS hosting
4. How to find the MX records responsible for the email exchange.
Here we are checking the MX records of the mail servers. You can see if all the mail servers are working well.
$ nslookup -query=mx example.com
5. How to find all of the available DNS records of a domain.
This lookup has a large scope. Here we want to see all the available DNS records. After seeing all of them, we can do specific lookups for different types of DNS records.
$ nslookup -type=any example.com
6. How to check the using of a specific DNS Server.
Apart from checking DNS records, you can use the Nslookup to review a particular DNS server and how it works. You can check if it is active or if it responds on time.
$ nslookup example.com ns1.nsexample.com
7. How to check the Reverse DNS Lookup.
Many times you check the A records to see the IPs of a domain, but sometimes you need to verify if an IP address is related to a specific domain. For that purpose, we need a reverse DNS lookup.
$ nslookup 10.20.30.40
8. How to check for a PTR record?
You can verify if an IP address belongs to a domain name by performing a reverse DNS query. For this purpose, you will need to check the PTR record that links an IP address to a domain name. You will need to put the IP address in reverse (184.108.40.206 changes to 220.127.116.11), and you need to add in-addr.arpa because it is stored in arpa’s top-level-domain.
$ nslookup -type=ptr 18.104.22.168.in-addr.arpa
9. How to change the timeout interval for a reply.
You can manually choose the timeout time in seconds. You can increase it to give more time for the server to respond. You can also shorter it to see which servers can respond quicker.
$ nslookup -timeout=20 example.com
10. How to enable debug mode.
Debug mode provides important and detailed information both for the question and for the received answer.
$ nslookup -debug example.com
Why you need to use it?
The Nslookup command is a very popular and powerful tool. So, it is not a surprise that a lot of administrators use it for testing and troubleshooting their networks. There are two main reasons why you need to use the Nslookup command.
- The first one is obviously for troubleshooting server connections. Thanks to its beneficial functionalities, you can get the information you need quickly. In addition, it is extremely easy to use, and it is available on every operating system (OS).
- The second reason is not so obvious, but it should not be neglected. That is security and safety. It can be helpful for protecting against different phishing attacks, which involve falsifying a domain name. Attackers use a misspelled domain name or trick users by adding or omitting a hyphen. Some examples are when they replace the numeral 1 for a lowercase l (examp1e.com), or the phishing domain could be insta-gram.com instead of instagram.com. These tactics are used to trick regular users and make it seem that an unfriendly site looks friendly and familiar. Nslookup can also help to prevent another malicious attempt – DNS cache poisoning. With this attack, criminals place fraudulent data and distribute it to the DNS recursive servers, pointing to a fake authoritative server.
Nslookup command alternatives
Nslookup is one of the popular command-line software for DNS probing. You can use it to monitor your network and spot problematic areas. If you are interested in similar tools, you can see Ping, Traceroute, Dig, and Host too. You can use them together or find one that covers all of your diagnostic needs.
Need more details what is nslookup? Check the nslookup page on wikipedia.
The Nslookup command is a great utility that offers many functionalities. One of its main advantages is that it is available for all kinds of operating systems, like Windows, Linux, and macOS. In case you do not have it already, you can install it in several easy steps. When you are ready, you can start testing your network easily and quickly! The Nslookup command is amazing and stands out among the DNS probing commands!
Authoritative answer – This is the answer that originates from the DNS Server which has the information about the zone file.
Non-authoritative answer – When a nameserver is not in the list for the domain you did a lookup on.
Different port – By default, the DNS servers use port 53.
30-day Free Trial for Premium Anycast DNS hosting
Hello! My name is Boyan Peychev, and I am the Founder and CEO of ClouDNS. I enjoy writing and sharing valuable information in a simple and easy-to-understand manner.
deprecated – should have the 10 most used used DIG commands.
Thanks! Already working on this. Article for DIG is coming soon!
“nslookup is deprecated”: Yeah, I’ve been hearing this for –literally– more than a decade now. In reality though, I’m still waiting to meet someone who actually uses dig instead of nslookup… So in my book, this article is extremely useful. 🙂
I use dig almost exclusively and require my Ops center people to use it when troubleshooting before I’ll answer questions for them. 😉 It would be really helpful if MS would put it in Windows, though…
can we know how many live ip address are using our local network by using nslookup commands? If yes, Please guide. Thank You
Hi Mithun, you can’t do this with nslookup.
Hi, can I find the subnet mask of an IP with NSLookup ?
No – masking is a function of routing not Name Resolution.