Nslookup stands for “Name Server Lookup”. it is a small but very powerful command for getting information from the DNS server. DNS stands for Domain Name System and computers use this to perform DNS queries and receive: domain names or IP addresses, or any other specific DNS Records.
The nslookup tool is available only if you have TCP/IP protocol enabled in your operating system. Nslookup command can be used in 2 modes
- Interactive mode.
- Non-interactive mode.
To use in the interactive mode of NSLookup type nslookup in the command line and press enter.
To use in the non-interactive mode of NSLookup type nslookup with its arguments in the command line to get the results.
In this article, we will demonstrate how to use nslookup while troubleshooting.
Install Nslookup Command
Nslookup command is present on most operating systems. But, if in case it is not available on Linux use the below command to install it.
For CentOS/RHEL 8:
# dnf install bind-utils
For CentOS/RHEL 6/7:
# yum install bind-utils
$ sudo apt-get update
$ sudo apt-get install dnsutils
Find out “A” record of Domain
Use this below command to display the “A” record (IP Address) of the domain.
# nslookup www.google.com
Find out Reverse Domain Lookup
To find the domain name of any IP address, use the following command:
# nslookup 220.127.116.11
Find the NS Records of a Domain
By checking the NS records, you can see which is the authoritative server for a specific domain.
# nslookup -type=ns yahoo.com
Find the SOA Record of a Domain
To find the SOA (start of authority) records of any domain, use the following command.
# nslookup -type=soa yahoo.com
Find the MX Records of a Domain
If you want to find all the mail servers configured to a particular domain, use the following command.
# nslookup -type=mx yahoo.com
Find All DNS Records Of a Domain
To find all DNS records of a specific domain, use the following command.
# nslookup -type=any yahoo.com
Find All TXT Records Of a Domain
TXT records are useful for multiple types of records like DKIM, SPF, etc. You can use the below command to find all the TXT records.
# nslookup -type=txt yahoo.com
Find the PTR record of a Domain
You can verify if an IP address belongs to a domain name by performing a reverse DNS query. you will need to check the PTR record that links an IP address to a domain name. You will need to put the IP address in reverse (18.104.22.168 changes to 22.214.171.124), and you need to add in-addr.arpa because it is stored in arpa’s top-level-domain.
# nslookup -type=ptr 126.96.36.199.in-addr.arpa
Enable Debug mode with Nslookup
You can enable debug mode with Nslookup to display more information about your query and answer. Use the following command to display more information.
# nslookup -debug google.com