If you don’t know what Nslookup is, it’s time to learn and get familiar with it. It is a very useful tool that would save you time troubleshooting DNS problems, such as host name resolution, DNS records, etc., since a lot of network problems are related to DNS. It’s an old school command line that’s been around for many years but is still useful and handy nowadays with even so many advanced networking tools available.
This post is to show you what Nslookup is, how it works, and what we can do with it.
To start Nslookup
To start, simply type Nslookup in the command prompt window. It shows the host name and IP address of the DNS server configured for your local computer.
In this case, I have my router configured as default DNS server, therefore the host name shows unknown because it doesn’t have a valid host name associated with it. Because the DNS is set to use my default router, all DNS query will go through it to the external DNS server set up on my Router, which is set by default to my ISP.
Also note that the command displays a command prompt waiting for the further queries after the initial info. If you don’t know what to type, you can type a question mark ? and press enter for all available commands. To exit, type exit.
To look up a host’s IP
To look up an IP address of a host, simply type the host name which could be a domain name if the host you want to check is a website.
Nslookup uses my default DNS setting to execute the DNS query to find the IP info of the host. If for some reason the DNS server you have set up isn’t working properly because you can’t access internet from any of your browser, it’s time to troubleshoot the problem using a different DNS server.
You can switch to any of the public DNS listed above to see if your network problem is indeed something related to DNS. For example, to switch to Google Public DNS, you can type
server 18.104.22.168 and press enter. Then type the host name again to look up the IP address of it.
A quick compare between these information would tell you quickly whether your DNS setup on your computer is functioning properly.
To query a specific type of DNS record
The default look-up in Nslookup is to return the IP address for the specified host name or domain, which is basically the “A” records in DNS. But you can look up the other type of DNS information too, such as MX, CNAME, or any other types.
For example, to find what mail server this website uses, run the following command first, and type the host name again.
You can also use the command ls to list the records for the domain but since most of the domain has their zone transfer disabled for security reason, you often get the message “can’t list domain xxx: query failed” that basically returns nothing for you.
The debug mode
Nslookup also has a debug mode that’s quite helpful. You can turn it on by typing
set debug or
set d2 which provides more greater detail information. Once the debug mode is on, Nslookup shows up the steps being taken along the way to complete its command, see the example from the screenshot below:
That’s it for today. Have you had any fun yet with this command line?