What is Nslookup?
First, let’s talk about what Nslookup is – it is a small but very powerful network administration command-line software. It has a simple interface, but it is useful. The Nslookup command is available on many of the popular computer operating systems like Windows, macOS, and Linux distros. You can use it to perform DNS queries and receive: domain names or IP addresses, or any other specific DNS Records.
There are Nslookup online tools too. You can access such a site full of online network tools and search for the option for nslookup. You can define your query for a specific DNS record, to identify the domain, the port in use, and timeout in seconds. For better security, we recommend you to use the software on your computer.
If you want high speed, you must use Anycast DNS services! Check this article about Anycast DNS!
How to install the Nslookup command?
Nslookup command is present on most operating systems like Windows, macOS, and most Linux distributions. However, in case it is not on the Linux distro you have chosen, or you have previously uninstalled it, you can install it following these steps:
1. Check what distro do you use. We will show you how to install the Nslookup command on Ubuntu, Debian, Linux Mint, Kali Linux, CentOS, Fedora, Red Hat, Arch Linux, and Manjaro.
2. First, open the Terminal. You will need to have administrative privileges or be a sudo user. Based on the distribution you have, use one of the following commands.
For Ubuntu, Debian, Kali Linux, and Linux Mint:
$ sudo apt-get update
$ sudo apt-get install dnsutils
For CentOS, Fedora, and Red Hat:
$ sudo dnf install bind-utils
For CentOS, Fedora, and Red Hat (Earlier versions):
$ sudo yum install bind-utils
For Arch Linux and Manjaro:
$ sudo pacman -S dnsutils
3. Now, you are ready to use the Nslookup command on your device and try the examples below.
The Nslookup syntax is very simple, and you can use it the same on different OSes.
nslookup [-option] [name | -] [server]
Options. First, you will put the option you want to use with the domain name or IP address. The option can be related to the type of DNS record, timeout, a port in use, debugging, or another.
Name. Here you will put the hostname (domain name) or IP address. It is the target of your DNS query.
Additional Options. Depending on the query, you can add an extra option as a parameter.
Server. You can use the default server for your query or specify another one from where you want the DNS query to be performed.
Nslookup: command not found – how to fix it?
It is possible when you try to use the Nslookup command that you get an error saying that the command is not found. Don’t worry. The problem of missing the Nslookup command can be solved in a very simple way.
Nslookup is a part of the BIND utilities, together with two other popular commands – Dig command and Host command.
If the service was stopped, you would need to restart your Linux computer, and it will be running again.
In case that it is not working because it was deleted or missing. Please follow the steps from the previous part on “How to install Nslookup command”. After the installation, you will be ready to use it.
Here are the 10 most used Nslookup commands that will help you to understand better your domain’s management:
1. How to find the A record of а domain.
You can use this command to see how many A records are there and see the IP Addresses of each one.
$ nslookup example.com
Searching for e great Managed DNS service? Test ClouDNS for free!
2. How to check the NS records of a domain.
By checking the NS records, you can see which is the authoritative server for a specific domain.
$nslookup -type=ns example.com
3. How to query the SOA record of a domain.
With this one, you can see the start of authority and get information about the zone.
$nslookup -type=soa example.com
4. How to find the MX records responsible for the email exchange.
Here we are checking the MX records of the mail servers. You can see if all the mail servers are working well.
$ nslookup -query=mx example.com
5. How to find all of the available DNS records of a domain.
This lookup has a large scope. Here we want to see all the available DNS records. After seeing all of them, we can do specific lookups for different types of DNS records.
$ nslookup -type=any example.com
6. How to check the using of a specific DNS Server.
Apart from checking DNS records, you can use the Nslookup to review a particular DNS server and how it works. You can check if it is active or if it responds on time.
$ nslookup example.com ns1.nsexample.com
7. How to check the Reverse DNS Lookup.
Many times you check the A records to see the IPs of a domain, but sometimes you need to verify if an IP address is related to a specific domain. For that purpose, we need a reverse DNS lookup.
$ nslookup 10.20.30.40
8. How to check for a PTR record?
You can verify if an IP address belongs to a domain name by performing a reverse DNS query. For this purpose, you will need to check the PTR record that links an IP address to a domain name. You will need to put the IP address in reverse (22.214.171.124 changes to 126.96.36.199), and you need to add in-addr.arpa because it is stored in arpa’s top-level-domain.
$ nslookup -type=ptr 188.8.131.52.in-addr.arpa
9. How to change the timeout interval for a reply.
You can manually choose the timeout time in seconds. You can increase it to give more time for the server to respond. You can also shorter it to see which servers can respond quicker.
$ nslookup -timeout=20 example.com
10. How to enable debug mode.
Debug mode provides important and detailed information both for the question and for the received answer.
$ nslookup -debug example.com
Why you need to use it?
The Nslookup command is a very popular and powerful tool. So, it is not a surprise that a lot of administrators use it for testing and troubleshooting their networks. There are two main reasons why you need to use the Nslookup command.
- The first one is obviously for troubleshooting server connections. Thanks to its beneficial functionalities, you can get the information you need quickly. In addition, it is extremely easy to use, and it is available on every operating system (OS).
- The second reason is not so obvious, but it should not be neglected. That is security and safety. It can be helpful for protecting against different phishing attacks, which involve falsifying a domain name. Attackers use a misspelled domain name or trick users by adding or omitting a hyphen. Some examples are when they replace the numeral 1 for a lowercase l (examp1e.com), or the phishing domain could be insta-gram.com instead of instagram.com. These tactics are used to trick regular users and make it seem that an unfriendly site looks friendly and familiar. Nslookup can also help to prevent another malicious attempt – DNS cache poisoning. With this attack, criminals place fraudulent data and distribute it to the DNS recursive servers, pointing to a fake authoritative server.
Nslookup command alternatives
Nslookup is one of the popular command-line software for DNS probing. You can use it to monitor your network and spot problematic areas. If you are interested in similar tools, you can see Dig, and Host too. You can use them together or find one that covers all of your diagnostic needs.
- Dig: Also known as Domain Information Groper, Dig command is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers returned from the specified name server that are essential in diagnosing DNS servers.
- Host: The host command in Linux is a simple utility for performing DNS lookups. It’s designed to convert hostnames to IP addresses and vice versa. It can also discover more specific DNS records, such as MX records for mail servers.
Nslookup vs Ping
Though Nslookup and Ping fall under the umbrella of network administration tools, their functionalities differ. Nslookup is a built-in network command-line tool that debugs and finds information about your network, specifically your domain name servers (DNS). This includes the establishment of domain names or IP address mapping alongside any DNS-specific records.
On the flip side, Ping is essentially a diagnostic tool intended to test your network connectivity. It’s used to verify whether or not a host is reachable in a network by sending ICMP echo requests and waiting for a response. The main purpose of Ping is to measure round-trip time for packets sent from the source host to a destination computer.
Want to check your network connectivity? Try ClouDNS ICMP PIng monitoring service for free!
Nslookup vs WHOIS
Both Nslookup and WHOIS prove quite useful in retrieving network database information but they function on different levels. Nslookup operates as a query-oriented command used to access domain name servers and DNS-related details, such as an IP associated with a specific computer or domain name.
Meanwhile, WHOIS operates as a protocol used to query databases that record registered entities or assignees of an Internet resource. This includes domain names and IP address blocks. However, unlike Nslookup, WHOIS does not possess the capacity to access DNS servers. It’s primarily employed to identify the owner or registered user of a domain, and to obtain contact information associated with the domain, an IP network, or an autonomous system.
Need more details what is nslookup? Check the nslookup page on wikipedia.
The Nslookup command is a great utility that offers many functionalities. One of its main advantages is that it is available for all kinds of operating systems, like Windows, Linux, and macOS. In case you do not have it already, you can install it in several easy steps. When you are ready, you can start testing your network easily and quickly! The Nslookup command is amazing and stands out among the DNS probing commands!
Authoritative answer – This is the answer that originates from the DNS Server which has the information about the zone file.
Non-authoritative answer – When a nameserver is not in the list for the domain you did a lookup on.
Different port – By default, the DNS servers use port 53.
Hello! My name is Boyan Peychev, and I am the Founder and CEO of ClouDNS. I enjoy writing and sharing valuable information in a simple and easy-to-understand manner.