Use nslookup Command in Linux and Windows

How to Use nslookup Command in Linux and Windows?

As a server administrator or IT professional, you must check DNS records and perform its queries. The Name Server Lookup (nslookup) is a command-line tool that helps you to get domain name information and IP addresses. In this article, you will review all about nslookup command to learn what is it, how to use, and install it on your operating system. Using the NSLookup command allows you to diagnose and troubleshoot DNS-related issues and retrieve information about domain names and their associated IP addresses by sending a query to a DNS server, which returns the requested information to the user. So, getting familiar with nslookup command helps you to troubleshoot network issues.

Join us with this tutorial to review nslookup command examples to be able to obtain server records and domain-related information to troubleshoot DNS issues. Regardless of buying Linux VPS or Windows VPS, you will find this content useful since the nslookup command is available on both of them.

What is nslookup Command?

The Name Server Lookup is a command-line tool that allows server administrators and content creators to obtain domain names, IP addresses, timeout, and the port in use by checking DNS records. It is available on Windows, Linux, and macOS. Using this powerful tool lets you diagnose and troubleshoot DNS-related issues like a pro.

The functions of NSLookup include examining a domain’s DNS records, making that a DNS server is operational, and diagnosing DNS-related issues. Among the DNS commands, the nslookup command is outstanding. Additionally, the command offers a number of arguments that let users personalize their searches and get more specific information about DNS records. You may also view all the DNS records for a website using online nslookup tools. Given that you can perform all the checking in a browser, they might be more comfortable to use. However, they might not be as secure as the one your computer is currently using.

When & Why to Use nslookup Command?

Security reasons and troubleshooting server connections are the most important usage of the powerful and popular nslookup command. Since DNS issues will cause direct problems with device communication, website browsing, sending emails, streaming videos, and online chat, server administrators must know how to troubleshoot DNS when it is not working. The nslookup command is used by server administrators to test their networks and troubleshoot DNS problems.

Nslookup can aid in preventing DNS cache poisoning as well. In this attack, fraudsters insert false information and disseminate it to DNS recursive servers, referring to a fictitious authoritative server. Hackers in this instance send data to cache resolvers that are pointing to a phony authoritative server. For example, to make an unfriendly website appear welcoming and familiar by changing the number 0 for a lowercase o. ( vs.

How to Install nslookup Command?

Since the Nslookup command is preinstalled on most operating systems like Windows, macOS, and most Linux distributions, you do not have to install it. But if it is not present on your current distribution, or you have already uninstalled it, follow the below commands to install it again.

Prerequisites to Install nslookup Command

  • Access to the command line interface or Terminal.
  • A non-root user with sudo privileges.

When the Terminal is opened, use the command based on your chosen distribution to install the nslookup command.

On Ubuntu, Debian, Kali Linux, and Linux Mint:

$ sudo apt-get update
$ sudo apt-get install dnsutils

On CentOS, Fedora, and Red Hat:

$ sudo yum install bind-utils

On Arch Linux and Manjaro:

$ sudo pacman -S dnsutils

What is nslookup Command Syntax?

There are two ways to utilize the nslookup command: interactive and non-interactive. Only the command name has to be entered to start the nslookup interactive mode:


To use it on different operating systems, you should run it as:

nslookup [-option] [name | -] [server]

Users can enter more parameters in the interactive mode, which enables them to query nameservers for a variety of details on domains or hosts. Before the query in interactive mode, add an option on a separate line. Set the option before it:

set [option]

Run the following command to exit interactive mode and return to CLI:


The non-interactive mode offers just one piece of knowledge regarding a domain or host. You can do single queries against nslookup in a non-interactive manner. The non-interactive mode’s syntax is as follows:

nslookup [options] [domain-name]

How to Use nslookup Command? [12 Most Used Examples]

To conduct DNS and reverse DNS searches and troubleshoot server-related issues, use the nslookup command. As an admin, you might like to use the most common nslookup commands to obtain different domain information and check various DNS record types. Here are some of them:

1. Check a domain’s NS records

Name Server (NS) records store names of the name servers for a domain.

nslookup -type=ns [domain-name]

2. Check the Reverse DNS Lookup

The IPs of a domain are frequently visible by looking at the A records, but occasionally you need to be sure an IP address is associated with a certain domain. We need a reverse DNS lookup to achieve that.

Use the following command to perform a reverse DNS lookup:

nslookup [ip-address]

3. Obtain Text Records

For users outside the domain, TXT records hold crucial information. To view text DNS records for a domain, run:

nslookup -type=txt [domain-name]

4. View Specific Name Server Information

Run the command below to check the name, IPv4, and IPv6 information of a specific name server on a domain.

nslookup [domain-name] [name-server]

5. View Information for Debugging

Use the following command to view debugging useful information:

nslookup -debug [domain-name]

6. Check Domains MX Records

All necessary Mail Exchange server information is kept in MX records. All email requests for the domain are forwarded to the proper mail server using this data.

To view a domain’s MX data, run:

nslookup -type=mx [domain-name]

7. View Start of Authority records (SOA)

Start of Authority (SOA) records offer reliable details about the domain and server, including the administrator’s email address, serial number, refresh period, query expiration time, etc. Use the command below to view a domain’s SOA records:

nslookup -type=soa [domain-name]

8. View All Available Records

Run the following command to view all available DNS records of a domain.

nslookup -type=any [domain-name]

9. View Pointer Records

Reverse DNS lookups employ pointer records to verify that an IP address belongs to a particular domain name. Use the ptr option and enter the IP address in reverse.

nslookup -type=ptr [reverse-ip-address]

10. Inquire about a Non-Default Port

DNS servers interact on port 53. Using the port option, you can provide a different port to check.

nslookup -port=[port-number] [domain-name]

11. Alter the reply timeout duration.

The timeout duration can be manually set in seconds. To allow the server extra time to react, you can increase it. To test which servers can answer more quickly, you can also make it shorter.

nslookup -timeout=20 [domain-name]

12. Nslookup CNAME

The CNAME record is used to alias or redirect one DNS name to another DNS name.

nslookup -type=cname

How to list all domain controllers for a specific domain

Run the bellow commands one after another and press Enter after each one of them:


set type=SRV

In this way, you can view all domain controllers for the domain.

nslookup Options

nslookup OptionDescription
-domain=[domain-name]Change the default DNS name.
-debugShow debugging information.
Show debugging informationSpecify the port for queries. The default port number is 53.
-timeout=[seconds]Specify the time allowed for the server to respond.
-type=aView information about the DNS A address records.
-type=anyView all available records.
-type=mxView Mail Exchange server information.
-type=nsView Name Server records.
-type=ptrView Pointer records. Used in reverse DNS lookups.
-type=soaView Start of Authority records.
-type=hinfoView hardware-related information about the host.


Both are helpful for diagnosing network issues, but ping goes one step further to convert a domain name to an IP address. Nslookup, however, solely uses the DNS server. You can check to see if an IP address is active and capable of responding to queries by pinging it. On the other hand, nslookup offers details on DNS and IP records for domain names.



They are different, but nslookup needs DNS to function. A domain name is resolved to its IP address via a domain name system. Users can ask DNS nameservers for information about a hostname using the nslookup tool.

You would need to restart your Linux machine to get the service working again if it had been halted.

In the event that it is not functioning as a result of being lost or destroyed. Please conform to the instructions from the section on "How to install nslookup command." After installation, you can start using it.


In this article, you learned What is nslookup command, How to Use & Install it. Now, you know how to use the nslookup command which offers many functionalities on your operating system. In the case of using Linux OS, check which Linux commands you are familiar with and which are not. If you have installed this amazing command successfully, you can test your network easily and quickly and improve DNS security.

To start using nslookup command-line tool, open your terminal or command prompt and type ‘’nslookup’’. There are various nslookup commands to help you troubleshoot DNS-related issues, and we discussed the most common of them. When using the commands, make sure that the server provides an authoritative answer. The authoritative answer in the nslookup output refers to the response given by one of the nameservers associated with the domain being searched.

Leave a Reply

Your email address will not be published. Required fields are marked.

Liana Publish in June 21, 2023 at 7:29 pm

thanks for info