As a server administrator or IT professional, you must check DNS records and perform its queries. The Name Server Lookup (nslookup) is a command-line tool that helps you to get domain name information and IP addresses. In this article, you will review all about nslookup command to learn what is it, how to use, and install it on your operating system. Using the NSLookup command allows you to diagnose and troubleshoot DNS-related issues and retrieve information about domain names and their associated IP addresses by sending a query to a DNS server, which returns the requested information to the user. So, getting familiar with nslookup command helps you to troubleshoot network issues.
Join us with this tutorial to review nslookup command examples to be able to obtain server records and domain-related information to troubleshoot DNS issues. Regardless of buying Linux VPS or Windows VPS, you will find this content useful since the nslookup command is available on both of them.
What is nslookup Command?
The Name Server Lookup is a command-line tool that allows server administrators and content creators to obtain domain names, IP addresses, timeout, and the port in use by checking DNS records. It is available on Windows, Linux, and macOS. Using this powerful tool lets you diagnose and troubleshoot DNS-related issues like a pro.
The functions of NSLookup include examining a domain’s DNS records, making that a DNS server is operational, and diagnosing DNS-related issues. Among the DNS commands, the nslookup command is outstanding. Additionally, the command offers a number of arguments that let users personalize their searches and get more specific information about DNS records. You may also view all the DNS records for a website using online nslookup tools. Given that you can perform all the checking in a browser, they might be more comfortable to use. However, they might not be as secure as the one your computer is currently using.
When & Why to Use nslookup Command?
Security reasons and troubleshooting server connections are the most important usage of the powerful and popular nslookup command. Since DNS issues will cause direct problems with device communication, website browsing, sending emails, streaming videos, and online chat, server administrators must know how to troubleshoot DNS when it is not working. The nslookup command is used by server administrators to test their networks and troubleshoot DNS problems.
Nslookup can aid in preventing DNS cache poisoning as well. In this attack, fraudsters insert false information and disseminate it to DNS recursive servers, referring to a fictitious authoritative server. Hackers in this instance send data to cache resolvers that are pointing to a phony authoritative server. For example, to make an unfriendly website appear welcoming and familiar by changing the number 0 for a lowercase o. (0peravps.com vs. operavps.com)
How to Install nslookup Command?
Since the Nslookup command is preinstalled on most operating systems like Windows, macOS, and most Linux distributions, you do not have to install it. But if it is not present on your current distribution, or you have already uninstalled it, follow the below commands to install it again.
Prerequisites to Install nslookup Command
- Access to the command line interface or Terminal.
- A non-root user with
When the Terminal is opened, use the command based on your chosen distribution to install the nslookup command.
On Ubuntu, Debian, Kali Linux, and Linux Mint:
$ sudo apt-get update $ sudo apt-get install dnsutils
On CentOS, Fedora, and Red Hat:
$ sudo yum install bind-utils
On Arch Linux and Manjaro:
$ sudo pacman -S dnsutils
What is nslookup Command Syntax?
There are two ways to utilize the nslookup command: interactive and non-interactive. Only the command name has to be entered to start the nslookup interactive mode:
To use it on different operating systems, you should run it as:
nslookup [-option] [name | -] [server]
Users can enter more parameters in the interactive mode, which enables them to query nameservers for a variety of details on domains or hosts. Before the query in interactive mode, add an option on a separate line. Set the option before it:
Run the following command to exit interactive mode and return to CLI:
The non-interactive mode offers just one piece of knowledge regarding a domain or host. You can do single queries against nslookup in a non-interactive manner. The non-interactive mode’s syntax is as follows:
nslookup [options] [domain-name]
How to Use nslookup Command? [12 Most Used Examples]
To conduct DNS and reverse DNS searches and troubleshoot server-related issues, use the nslookup command. As an admin, you might like to use the most common nslookup commands to obtain different domain information and check various DNS record types. Here are some of them:
1. Check a domain’s NS records
Name Server (NS) records store names of the name servers for a domain.
nslookup -type=ns [domain-name]
2. Check the Reverse DNS Lookup
The IPs of a domain are frequently visible by looking at the A records, but occasionally you need to be sure an IP address is associated with a certain domain. We need a reverse DNS lookup to achieve that.
Use the following command to perform a reverse DNS lookup:
3. Obtain Text Records
For users outside the domain, TXT records hold crucial information. To view text DNS records for a domain, run:
nslookup -type=txt [domain-name]
4. View Specific Name Server Information
Run the command below to check the name, IPv4, and IPv6 information of a specific name server on a domain.
nslookup [domain-name] [name-server]
5. View Information for Debugging
Use the following command to view debugging useful information:
nslookup -debug [domain-name]
6. Check Domains MX Records
All necessary Mail Exchange server information is kept in MX records. All email requests for the domain are forwarded to the proper mail server using this data.
To view a domain’s MX data, run:
nslookup -type=mx [domain-name]
7. View Start of Authority records (SOA)
Start of Authority (SOA) records offer reliable details about the domain and server, including the administrator’s email address, serial number, refresh period, query expiration time, etc. Use the command below to view a domain’s SOA records:
nslookup -type=soa [domain-name]
8. View All Available Records
Run the following command to view all available DNS records of a domain.
nslookup -type=any [domain-name]
9. View Pointer Records
Reverse DNS lookups employ pointer records to verify that an IP address belongs to a particular domain name. Use the
ptr option and enter the IP address in reverse.
nslookup -type=ptr [reverse-ip-address].in-addr.arpa
10. Inquire about a Non-Default Port
DNS servers interact on port 53. Using the port option, you can provide a different port to check.
nslookup -port=[port-number] [domain-name]
11. Alter the reply timeout duration.
The timeout duration can be manually set in seconds. To allow the server extra time to react, you can increase it. To test which servers can answer more quickly, you can also make it shorter.
nslookup -timeout=20 [domain-name]
12. Nslookup CNAME
The CNAME record is used to alias or redirect one DNS name to another DNS name.
nslookup -type=cname www.operavps.com
How to list all domain controllers for a specific domain
Run the bellow commands one after another and press Enter after each one of them:
nslookup set type=SRV _ldap._tcp.ad.yourdomain.com
In this way, you can view all domain controllers for the ad.yourdomain.com domain.
|-domain=[domain-name]||Change the default DNS name.|
|-debug||Show debugging information.|
|Show debugging information||Specify the port for queries. The default port number is 53.|
|-timeout=[seconds]||Specify the time allowed for the server to respond.|
|-type=a||View information about the DNS A address records.|
|-type=any||View all available records.|
|-type=mx||View Mail Exchange server information.|
|-type=ns||View Name Server records.|
|-type=ptr||View Pointer records. Used in reverse DNS lookups.|
|-type=soa||View Start of Authority records.|
|-type=hinfo||View hardware-related information about the host.|
Ping, Traceroute, Dig are similar tools to nslookup command to help you monitor your network.
Both are helpful for diagnosing network issues, but ping goes one step further to convert a domain name to an IP address. Nslookup, however, solely uses the DNS server. You can check to see if an IP address is active and capable of responding to queries by pinging it. On the other hand, nslookup offers details on DNS and IP records for domain names.
They are different, but nslookup needs DNS to function. A domain name is resolved to its IP address via a domain name system. Users can ask DNS nameservers for information about a hostname using the nslookup tool.
You would need to restart your Linux machine to get the service working again if it had been halted.
In the event that it is not functioning as a result of being lost or destroyed. Please conform to the instructions from the section on "How to install nslookup command." After installation, you can start using it.
In this article, you learned What is nslookup command, How to Use & Install it. Now, you know how to use the nslookup command which offers many functionalities on your operating system. In the case of using Linux OS, check which Linux commands you are familiar with and which are not. If you have installed this amazing command successfully, you can test your network easily and quickly and improve DNS security.
To start using nslookup command-line tool, open your terminal or command prompt and type ‘’nslookup’’. There are various nslookup commands to help you troubleshoot DNS-related issues, and we discussed the most common of them. When using the commands, make sure that the server provides an authoritative answer. The authoritative answer in the nslookup output refers to the response given by one of the nameservers associated with the domain being searched.