Using the Nslookup Command

There are many command line networking tools that you can use to do various things from checking the connectivity of hosts on a network to finding out IP information about your computer.

DNS (Domain Naming Service) is the service that is used to resolve or translate computer names on local networks and the Internet to their respective IP addresses. IP addresses are used to identify hosts or network interfaces on networks so computers and other devices can communicate with each other.

The nslookup command is an administrative tool for testing and troubleshooting DNS servers. It is installed with the TCPIP protocol suite and is available in Windows and other operating systems. Nslookup is used to query DNS servers to obtain domain name or IP address mappings for DNS records. For example if you would like to know the IP address of a computer on your network that you know the name of, you can use nslookup to query it by name and have it resolve it to an IP address. Or if you want to find the name of a computer based on its IP address then you can use nslookup for that as well. This is assuming you use DNS on your network and your computershosts are registered in DNS.

To use nslookup, simply open a command prompt and type nslookup and press enter. Then you will be at the nslookup prompt and be shown your DNS servers name and IP address. If you use your ISPs DNS servers then that is what will be shown. If you use a DNS server on your network then that is what will show up as your default server. Keep in mind that if you use an outside DNS server such as the one belonging to your ISP then you will not be able to resolve names on your local network since they won’t be registered with your ISP’s DNS servers.

Nslookup Command

After you have the nslookup prompt up you can type in the name or IP address of the computer you want to resolve. You can even resolve website IP addresses by simply typing in the website address. The first part of the results show what DNS server name and IP address was used to answer your request and the second part shows the name and IP address of the host or website you ran the query on.

Nslookup Command

One trick you can use to get all the name servers of a location is to set the type of nslookup to name servers. This is done by typing set type=ns at the prompt and pressing enter and then typing in the website address again.

Nslookup Command

There are other types of records you can look for such as mail server records by using the set type=mx setting.

Nslookup Command

There are many other things you can do with the nslookup command and if you type help at the prompt you will be shown all your options. Don’t be afraid to try some of them out and see what kind of useful information you can get about other servers on your network and on the Internet.

Commands:   (identifiers are shown in uppercase, [] means optional)
NAME            – print info about the host/domain NAME using default server
NAME1 NAME2     – as above, but use NAME2 as server
help or ?       – print info on common commands
set OPTION      – set an option
    all                 – print options, current server and host
    [no]debug           – print debugging information
    [no]d2              – print exhaustive debugging information
    [no]defname         – append domain name to each query
    [no]recurse         – ask for recursive answer to query
    [no]search          – use domain search list
    [no]vc              – always use a virtual circuit
    domain=NAME         – set default domain name to NAME
    srchlist=N1[/N2/…/N6] – set domain to N1 and search list to N1,N2, etc.
    root=NAME           – set root server to NAME
    retry=X             – set number of retries to X
    timeout=X           – set initial time-out interval to X seconds
    type=X              – set query type (ex. A,AAAA,A+AAAA,ANY,CNAME,MX,NS,PTR,SOA,SRV)
    querytype=X         – same as type
    class=X             – set query class (ex. IN (Internet), ANY)
    [no]msxfr           – use MS fast zone transfer
    ixfrver=X           – current version to use in IXFR transfer request
server NAME     – set default server to NAME, using current default server
lserver NAME    – set default server to NAME, using initial server
root            – set current default server to the root
ls [opt] DOMAIN [> FILE] – list addresses in DOMAIN (optional: output to FILE)
    -a          –  list canonical names and aliases
    -d          –  list all records
    -t TYPE     –  list records of the given RFC record type (ex. A,CNAME,MX,NS,PTR etc.)
view FILE           – sort an ‘ls’ output file and view it with pg
exit            – exit the program

To exit the nslookup command and go back to a regular command prompt you just need to type exit and press enter. If you don’t and want to do other commands that aren’t nslookup related then they won’t work and you will get nslookup error messages.

Related Posts

© 2024 Online Computer Tips
Website by Anvil Zephyr