Nslookup explained.

Nslookup is a very practical network administration command-line software. It is very useful, and it has a simple interface. Its name breaks to “ns” for nameserver and “lookup” for querying it. Primarily is used to find the IP address that corresponds to a host. Also, for a process called “Reverse DNS Lookup,” which is the domain name that matches an IP address. You can use it from the Terminal. Check domains, devices/IP addresses, or DNS records. It is available on the traditional computer operating systems Linux, macOS, and also Windows. 

For most Linux distros, it comes pre-installed, so you don’t have to download it by yourself. Network admins enjoy it because it also has extra options to adjust the query by picking a port, timeout period, and more. This command comes up with a clean and simple answer. 

You will receive the IP address – when you checked the domain.

Or you will receive the domain – for Reverse Lookup.

The command will tell you that and information such as if the answer comes from an authoritative or non-authoritative server. 

For what is it used?

Nslookup is appropriate in different situations. The command-line program is an essential tool when resolving DNS problems. 

  • A data query helps detect the cause of the issue.
  • Check if all involved servers are converted in the domain name system properly. 
  • When several subdomains are involved, you can check for connection problems.
  • Search for mail servers (SMTP, POP, IMAP) for the domain. Nslookup shows the servers based on the MX records that belong to the email provider’s domain. These records contain the IP addresses and names of the provider servers.

Nslookup guide

Try it Nslookup command with these examples of general use cases:

  • The A record of a domain (shows IP address)

nslookup example.com

You will see the address of the domain. 

  • The NS records of a domain (the authoritative nameserver)

nslookup -type=ns example.com

You will see which are the non-authoritative and which is the authoritative nameserver.

  • The SOA record of a domain (start of authority)

nslookup -type=soa example.com

This record will provide you the start of authority and general technical information about the zone.

  • The MX record, information about the email exchange

nslookup -query=mx example.com

View the MX records of the mail servers. 

  • See all DNS records of the domain.

nslookup -type=any example.com

You can also make a more general query, and you will see all available DNS records. 

  • Check a specific name server.

nslookup example.com ns1.nsexample.com

You can also perform a query and see data for a particular name server. You will see the domain name, IPv4, and IPv6 addresses. 

  • Reverse DNS lookup

nslookup 11.22.33.44

Make sure that an IP address is matching the domain. Do a reverse DNS lookup and verify it. 

  • Check a domain through a specific port.

nslookup -port=51 example.com

The same, but the difference is that we are doing it through port 51. You can replace the number with the port that you like. 

  • Check a domain with a specific reply timeout interval.

nslookup -timeout=20 example.com

You can change the reply timeout interval. Here is set to 20 seconds, but you can extend to more time or shorten it to less. You are giving more time to the name servers to respond if you increase it. 

  • Activate the debug mode

nslookup -debug example.com

The debug mode will provide a lot more information. Further data will be given both for the question and the answer to the query.