nslookup is a network administration command-line tool available for many computer operating systems.
It is used for querying the Domain Name System (DNS) to obtain domain name or IP address mapping information .- Wiki
The main use of nslookup is for troubleshooting DNS related problems.
Nslookup can be use in interactive and non-interactive mode.
To use in interactive mode type nslookup at the command line and hit return.
You should get an nslookup command prompt.
To use in non-interactive mode type nslookup options at the command prompt.
Using Nslookup
To illustrate the use of nslookup we are going to use it to:
- Find the IP address of a host.
- Find the domain name of an IP address.
- Find mail servers for a domain.
These are probably the most common usage scenarios.
Finding The IP Address of an Host-
To find the ip address of a host e.g. www.steves-internet-guide.com type:
nslookup www.steves-internet-guide.com
at a command prompt.
for an interactive lookup:
Reverse Lookup IP address to domain name
Type nslookup IP address
Find Mail Servers for a Domain
Type nslookup -querytype=mx domain name
General Usage Notes:
- By default nslookup will use the domain server that is currently configured for your system.
You can switch DNS servers using server name or server IP address option.
To switch to using the open dns server address 208.67.222.222 then go to an interactive prompt and type:
server 208.67.222.222
2. You may notice that you get non authoritative answers.
This is nothing to worry about as all it means is that the DNS server has already recently resolved this query.
It can retrieve the results from cache, and doesn’t need to contact the authoritative name server.
You can find out which name servers are responsible (authoritative) for a domain by setting the query type to NS and entering the domain name as shown below:
Common Questions
Q- Can I use dig instead of Nslookup?
A– Yes Dig was initially meant to replace nslookup but didn’t. See Wiki – Dig isn’t found on Windows.
Summary
Nslookup is a very handy tool for troubleshooting DNS related network problems.
It is available on all of the main Operating systems and can be used in interactive and command line mode.
Resources:
DNS and Bind Book – The definitive guide. This has an entire section on Nslookup.
Related Tutorials:
- Beginners guide to DNS
- Understanding the Domain Name structure
- DNS Lookups Explained
- Understanding and Using the Hosts File
Does the browser use a different way from nslookup to get domain information ?
Nslookup for example following answer: “Can’t find cloudfront.net: No answer”. I am blocking the request using the “pihole” dns server.
When I open the url with firefox I get:
AccessDeniedAccess Denied
TANBF8CPQQGCJVH9
eFvK9ttMeN6etJIS6OEFsZCuKAy5/k+AdEcgDAo07H7G+leU+srJZDk9FbKNi9dprM39xtY6HHw=
The url is: https://d2wu036mkcz52n.cloudfront.net/
Both nslookup and the browser use the same protocol to resolve the name but obviously the code is different. Not sure of the problem as both nslookup and firefox fail
Is there a way to limit the information returned? For example, if I only want to see the fully-qualified domain name and don’t care about the other fields? Or do I have to filter the output myself?
Yes you will need to do it yourself as far as I know
rgds
Steve
it very clear & useful
Cheers
Satish
This is a clear and helpful article, thanks. I did note a typo though near the top of the article – the sentence “To use in interactive mode type nslookp at the command line and hit return” should read “To use in interactive mode type nslookup at the command line and hit return” (missing “u” in “nslookup”). Cheers.
tks I’ll correct it
Really Helpful.
I personally use https://whatismyip.live/dns-lookup tool to find all above information with just a click. I get Ip address, IP Location, Name servers, DNS records such as TXT, MX records etc.