What Entry Is Made at the Command Prompt in Unix/linux to Display Dns Server Information?
Linux nslookup control
Updated: 11/06/2021 by Computer Hope
On Unix-like operating systems, the nslookup control queries Internet name servers interactively for information.
Description
nslookup, which stands for "name server lookup", finds information about a named domain.
By default, nslookup translates a domain name to an IP address (or vice versa). For instance, to find the IP address of microsoft.com, yous could run the command:
nslookup microsoft.com
...and you would receive a response like this:
Server: 8.8.8.8 Address: 8.8.8.8#53 Non-administrative reply: Name: microsoft.com Address: 134.170.185.46 Name: microsoft.com Address: 134.170.188.221
Here, 8.eight.8.8 is the address of our system's Domain Name Server. This is the server our organisation is configured to utilize to translate domain names into IP addresses. "#53" indicates we are communicating with information technology on port 53, which is the standard port number domain name servers apply to have queries.
Below this, we have our lookup information for microsoft.com. Our name server returned two entries, 134.170.185.46 and 134.170.188.221. This indicates microsoft.com uses a circular robin setup to distribute server load. When you access micrsoft.com, y'all may be directed to either of these servers and your packets are routed to the correct destination.
You lot tin can run across that we have received a "Not-authoritative answer" to our query. An answer is "authoritative" merely if our DNS has the consummate zone file information for the domain in question. More often, our DNS has a cache of information representing the last authoritative answer it received when it made a similar query; this information is passed on to yous, and qualified as "not-administrative" by the server: the information was recently received from an authoritative source, just the DNS server is not itself that authority.
Reverse DNS lookups
We tin too perform the functioning higher up in reverse by providing the IP address rather than the domain name. For case, the command:
nslookup 134.170.185.46
...returns information resembling the following:
Server: 8.8.8.eight Accost: 8.8.8.eight#53 Non-authoritative reply: 46.185.170.134.in-addr.arpa proper noun = grv.microsoft.com. Administrative answers can be institute from:
Querying the NS record of a domain
The NS record of a domain is a map of all name servers that are authoritative for that domain. Yous can query a domain's NS record using the option -type=ns, like this:
nslookup -type=ns microsoft.com
...and the response resembles the following:
Server: 8.eight.8.8 Address: eight.8.8.8#53 Non-authoritative answer: microsoft.com nameserver = ns3.msft.net. microsoft.com nameserver = ns4.msft.net. microsoft.com nameserver = ns1.msft.net. microsoft.com nameserver = ns2.msft.cyberspace. Authoritative answers can be found from:
This output gives us the names of the four microsoft.com name servers (which actually belong to the msft.internet domain), according to our DNS'southward (non-administrative) information. If there is an available source for authoritative answers, it is listed at the lesser of the output.
Querying the MX record
The MX record is a map of mail exchange servers for a domain. When you transport an electronic mail to a domain, for example "@microsoft.com", mail is routed to Microsoft's MX servers.
Y'all tin query a domain for its MX tape using the -type=mx option. For example:
nslookup -type=mx microsoft.com
...responds with output resembling the following:
Server: 8.viii.8.eight Address: 8.8.eight.viii#53 Not-authoritative respond: microsoft.com mail exchanger = 10 microsoft-com.postal service.protection.outlook.com. Authoritative answers can be found from:
Here, the mail exchanger accost is prefixed with a number (10). If there were more than than ane mail service exchanger, they would each have a different number, with the lower numbers representing a higher priority. So if at that place were another exchanger with the prefix v, that server would take precedence over the server listed here.
Querying the SOA record
The SOA (Showtime Of Authority) record for a domain provides technical information about the domain. It tin be queried with the selection -type=soa.
nslookup -blazon=soa microsoft.com
Server: 8.8.eight.8 Accost: viii.8.eight.8#53 Non-administrative answer: microsoft.com origin = ns1.msft.internet mail addr = msnhst.microsoft.com serial = 2014110802 refresh = 7200 retry = 600 expire = 2419200 minimum = 3600 Authoritative answers tin can be establish from:
The information listed here is the cached version held by our domain name server. It includes:
- origin: The dominance from which the information originated.
- mail addr: The e-mail address of the domain administrator (the first dot would be an @ symbol in an eastward-post address, then here the due east-post address is [email protected]).
- serial: Revision information for this information, in the form YYYYMMDDNN. Here, the data is current as of August 11, 2014; 02 means it was the second revision made on that solar day.
- refresh: A number representing the interval, in seconds, after which the secondary name server checks the primary name server for an updated revision of this information. This information tells us the secondary Microsoft proper noun server's information is never more than ii hours (7200 seconds) out of appointment.
- retry: The secondary nameserver waits this many seconds before attempting to reconnect to the primary name server after a failed try.
- expire: The secondary nameserver'south enshroud of the primary nameserver's information always is considered invalid later on this many seconds.
- minimum: The secondary nameserver's cache of the primary nameserver's information should not be refreshed if this amount of fourth dimension has not elapsed since the last refresh.
Viewing all available NS records
Nosotros tin can too view all available NS records for a domain using the option -type=whatever. For example:
nslookup -blazon=any microsoft.com
Server: 8.8.8.8 Address: 8.viii.8.8#53 Not-authoritative reply: Name: microsoft.com Address: 134.170.185.46 Name: microsoft.com Accost: 134.170.188.221 microsoft.com nameserver = ns3.msft.net. microsoft.com nameserver = ns4.msft.internet. microsoft.com nameserver = ns1.msft.cyberspace. microsoft.com nameserver = ns2.msft.net. microsoft.com origin = ns1.msft.net postal service addr = msnhst.microsoft.com serial = 2014110802 refresh = 7200 retry = 600 expire = 2419200 minimum = 3600 microsoft.com mail exchanger = 10 microsoft-com.postal service.protection.outlook.com. microsoft.com text = "v=spf1 include:_spf-a.microsoft.com include:_spf-b.microsoft.com include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com include:spf-a.hotmail.com ip4:147.243.128.24 ip4:147.243.128.26 ip4:147.243.128.25 ip4:147.243.1.47 ip4:147.243.one.48 -all" microsoft.com text = "FbUF6DbkE+Aw1/wi9xgDi8KVrIIZus5v8L6tbIQZkGrQ/rVQKJi8CjQbBtW tE64ey4NJJwj5J65PIggVYNabdQ==" Administrative answers can exist plant from:
Querying another DNS
By default, nslookup queries the same DNS the system is configured to use for all network operations. You can specify a custom DNS to query, however, by specifying it on the command line. For example:
nslookup microsoft.com ns1.msft.net
...provides us with the authoritative answer to our previous query of microsoft.com:
Server: ns1.msft.net Accost: 65.55.37.62#53 Name: microsoft.com Accost: 134.170.185.46 Name: microsoft.com Address: 134.170.188.221
This is useful not only for obtaining authoritative data, just for finding out exactly what information a certain DNS currently has cached.
Querying on a not-standard port
By default, domain name servers accept queries on port 53. If this is configured differently on the server you are trying to query, yous can specify another port number using the -port= selection:
nslookup -port=54 microsoft.com
Here, the query attempt failed because our DNS uses the standard port, number 53.
Debugging the query transaction
Advanced users may need to examine more than closely the details of the query transaction. This can be achieved using the -debug option:
nslookup -debug microsoft.com
Server: 8.8.eight.8 Address: 8.8.8.viii#53 ------------ QUESTIONS: microsoft.com, type = A, class = IN ANSWERS: -> microsoft.com cyberspace address = 134.170.188.221 ttl = 964 -> microsoft.com internet address = 134.170.185.46 ttl = 964 AUTHORITY RECORDS: ADDITIONAL RECORDS: ------------ Non-administrative reply: Name: microsoft.com Address: 134.170.188.221 Name: microsoft.com Address: 134.170.185.46
Interactive mode
Yous tin can also run multiple commands interactively by running nslookup with no options:
nslookup
This brings yous to a special control prompt where you can apply commands to perform whatsoever of the operations listed above. Information technology looks similar this:
>
At this prompt, you lot tin can type a domain name or IP address to query your DNS for its basic information:
> microsoft.com
Server: 8.eight.eight.8 Address: 8.8.8.8#53 Non-administrative answer: Proper name: microsoft.com Accost: 134.170.185.46 Proper noun: microsoft.com Address: 134.170.188.221
...or, to submit a specific query type, you lot can set the type with set up type= value, and and so run the query. For case, these two commands are the equivalent of running nslookup -blazon=any microsoft.com from the command line:
> prepare type=any > microsoft.com
Server: 8.8.8.8 Accost: 8.8.8.8#53 Non-authoritative answer: Name: microsoft.com Accost: 134.170.188.221 Name: microsoft.com Address: 134.170.185.46 microsoft.com nameserver = ns2.msft.internet. microsoft.com nameserver = ns3.msft.net. microsoft.com nameserver = ns4.msft.net. microsoft.com nameserver = ns1.msft.internet. microsoft.com origin = ns1.msft.net mail addr = msnhst.microsoft.com serial = 2014110802 refresh = 7200 retry = 600 expire = 2419200 minimum = 3600 microsoft.com postal service exchanger = 10 microsoft-com.mail.protection.outlook.com. microsoft.com text = "5=spf1 include:_spf-a.microsoft.com include:_spf-b.microsoft.com include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com include:spf-a.hotmail.com ip4:147.243.128.24 ip4:147.243.128.26 ip4:147.243.128.25 ip4:147.243.1.47 ip4:147.243.1.48 -all" microsoft.com text = "FbUF6DbkE+Aw1/wi9xgDi8KVrIIZus5v8L6tbIQZkGrQ/rVQKJi8CjQbBtWtE64ey4NJJwj5J65PIggVYNabdQ==" Authoritative answers tin can be establish from:
When ready to go out nslookup'southward Interactive Manner, run the command go out:
> exit
...and yous are returned to the command line.
There are other commands you can run from interactive mode; meet: Interactive commands below for a list.
Syntax
nslookup [-option] [proper name | -] [server]
Technical clarification
nslookup is a program used to query Internet domain name servers for data.
nslookup has two modes: interactive and non-interactive. Interactive manner allows the user to query name servers for information about various hosts and domains or print a list of hosts in a domain. Not-interactive fashion is used to impress the proper noun and requested data for a host or domain.
Arguments
Interactive fashion is entered in the following cases:
- When no arguments are given (the default proper noun server is used).
- When the start argument is a hyphen ("-") and the 2nd argument is the hostname or Internet address of a proper noun server.
Non-interactive manner is used when the name or Net accost of the host to exist looked up is given as the first argument (which can be preceded by options). The optional 2nd argument specifies the hostname or address of a name server, to be used instead of the arrangement's default DNS.
Options
Options tin be specified on the command line if they precede the arguments and are prefixed with a hyphen. For example, to change the default query type to host information, and the initial timeout to x seconds, type:
nslookup -query=hinfo -timeout=ten
The name of the option corresponds to the keyword of the set up control. Run across below for a description of these keywords and their available settings.
Interactive commands
| host [server] | Look up information for host using the current default server, or server if specified. If host is an Internet address and the query type is A or PTR, the name of the host is returned. If host is a name and does non accept a trailing period, the search list is used to authorize the proper noun. To look upwardly a host non in the electric current domain, append a flow to the name. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| server domain, lserver domain | Change the default server to domain; lserver uses the initial server to look upwardly information about domain, while server uses the electric current default server. If an authoritative respond isn't found, the names of servers that might have the respond are returned. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| exit | Exits the program. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| gear up keyword[= value] | Used to change state information that affects the lookups. Valid keywords are:
|
Configuration files
nslookup makes use of the configuration file /etc/nsresolv.conf, if it exists, for whatever special DNS configuration y'all may need. This file is managed using the command line plan resolvconf.
Deprecation
nslookup was briefly classified as "deprecated" past the Internet Systems Consortium in favor of the tools host and dig. They subsequently reversed this decision, but it's of import to annotation that host and dig can provide yous with the aforementioned functions as nslookup, at a somewhat higher level of manufacture acceptance.
Examples
nslookup 204.228.150.iii
Perform a reverse lookup of the IP address 204.228.150.three. Your domain server responds with the current information it has most that host, and it is displayed on your terminal screen. Output resembles the following:
Server: 8.8.8.8 Address: 8.8.8.eight#53 Non-authoritative answer: 3.150.228.204.in-addr.arpa name = 204-228-150-3.xmission.com. Authoritative answers can be found from:
nslookup -type=mx computerhope.com
Query your DNS for information about the mail service commutation server(s) for the domain computerhope.com. Output resembles the following:
Server: 8.8.eight.viii Address: 8.viii.8.8#53 Non-authoritative answer: computerhope.com mail exchanger = ten mail.computerhope.com. Administrative answers tin can be plant from:
nslookup -type=whatsoever google.com
Query your DNS for all bachelor information related to the domain google.com. Output resembles the following:
Server: 8.8.8.eight Address: 8.8.8.8#53 Non-administrative answer: Proper noun: google.com Address: 74.125.226.167 Name: google.com Address: 74.125.226.165 Name: google.com Accost: 74.125.226.169 Proper noun: google.com Accost: 74.125.226.163 Proper name: google.com Address: 74.125.226.168 Name: google.com Accost: 74.125.226.174 Name: google.com Address: 74.125.226.162 Name: google.com Address: 74.125.226.160 Proper noun: google.com Address: 74.125.226.161 Name: google.com Address: 74.125.226.166 Name: google.com Address: 74.125.226.164 google.com has AAAA address 2607:f8b0:4006:809::1009 google.com nameserver = ns3.google.com. google.com mail exchanger = l alt4.aspmx.l.google.com. google.com rdata_257 = \# 19 0005697373756573796D616E7465632E636F6D google.com nameserver = ns4.google.com. google.com text = "v=spf1 include:_spf.google.com ip4:216.73.93.seventy/31 ip4:216.73.93.72/31 ~all" google.com post exchanger = 40 alt3.aspmx.l.google.com. google.com nameserver = ns1.google.com. google.com mail exchanger = xxx alt2.aspmx.fifty.google.com. google.com post exchanger = 20 alt1.aspmx.fifty.google.com. google.com mail service exchanger = 10 aspmx.l.google.com. google.com origin = ns1.google.com postal service addr = dns-admin.google.com series = 2014110400 refresh = 7200 retry = 1800 elapse = 1209600 minimum = 300 google.com nameserver = ns2.google.com. Administrative answers tin be constitute from:
dig — DNS lookup utility.
host — Convert a hostname to an IP accost and vice versa.
ping — Send ICMP ECHO_REQUEST packets to network hosts.
Source: https://www.computerhope.com/unix/unslooku.htm