“nslookup” is a command-line tool for querying Domain Name System (DNS) servers to obtain domain name to IP address mappings or other DNS records. While “nslookup” is widely used, the “dig” command has largely replaced it for most functionalities. However, you can still use “nslookup” for simple queries. Here’s how you can use the “nslookup” command effectively on Linux:
Prerequisites:
1. Ensure the nslookup package is installed on your system by running one of the commands below:
nslookup
or
yum list installed | grep -i bind-utils
If you get a “command not found” message, install the nslookup package using the command below.
yum install bind-utils
1. Basic DNS Query:
nslookup example.com
Replace “example.com” with the domain you want to query. This performs a standard DNS query and shows the corresponding IP address.
2. Reverse DNS Lookup:
nslookup 8.8.8.8
This performs a reverse DNS lookup for the given IP address (“8.8.8.8” in this case) and provides the associated domain name.
3. Query a Specific DNS Server:
nslookup example.com dns-server-ip
Replace “dns-server-ip” with the IP address of the DNS server you want to query. This directs the query to a specific DNS server.
4. Display Detailed Query Information:
nslookup -query=any example.com
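This displays detailed information about the domain by requesting all available DNS record types (the “ANY” query type). Many DNS servers now return only a minimal answer to ANY queries (RFC 8482), so query specific record types when you need complete results.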
5. Changing Query Type:
nslookup -type=mx example.com
This queries for Mail Exchange (MX) records of the domain. Replace “mx” with other record types like “a”, “cname”, “txt”, etc., to get specific DNS records.
6. Setting Debug Mode:
nslookup -debug example.com
This enables debug mode, providing more detailed information about the DNS query process.
7. Interactive Mode:
nslookup
Enter “nslookup” without any arguments to enter interactive mode. You can then enter the domain name and query type interactively.
8. Setting Query Timeout:
nslookup -timeout=5 example.com
This sets the query timeout to 5 seconds. Adjust the timeout according to your needs.
9. Changing the Port Number:
nslookup -port=5353 example.com
This queries the DNS server on port “5353” instead of the default port “53”.
10. Querying Over TCP:
nslookup -vc -querytype=any example.com
This queries the DNS server over TCP instead of the default UDP. The “-vc” (virtual circuit) option forces TCP.
11. Suppressing Output:
nslookup example.com 2>/dev/null
This suppresses standard error output, useful when you only want to see the result of the query.
12. Querying Multiple Domains:
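for d in example.com example.org; do nslookup -q=mx "$d"; done
This queries for MX records of both “example.com” and “example.org” from a single command line. nslookup takes one name per invocation and treats a second argument as the DNS server to query, so the loop runs it once per domain.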
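When nslookup output is consumed by a script, the first “Address:” line is the resolver that answered, not the result, and a failed lookup still prints text. The following is an added example, not part of the original article, that extracts only the answer addresses; the sample output is constructed with documentation-range addresses and the function names are illustrative.

```shell
#!/bin/sh
# Added example: pull only the answer addresses out of nslookup output.

# Constructed sample output (not captured from a real resolver).
sample_ok() {
cat <<'EOF'
Server:         192.0.2.53
Address:        192.0.2.53#53

Non-authoritative answer:
Name:   example.com
Address: 198.51.100.7
Name:   example.com
Address: 2001:db8::7
EOF
}

# Constructed sample of a failed lookup.
sample_nxdomain() {
cat <<'EOF'
Server:         192.0.2.53
Address:        192.0.2.53#53

** server can't find nosuch.example.com: NXDOMAIN
EOF
}

# answer_addrs: read nslookup output on stdin, print one answer address per line.
# The resolver's own "Address: ip#port" line appears before any "Name:" line,
# so it is skipped. Returns 1 on a lookup failure or when no address is found.
answer_addrs() {
    awk '
        /^\*\* server can.t find/ { failed = 1 }
        /^Name:/                  { in_answer = 1; next }
        in_answer && /^Address/   { print $2; found = 1 }
        END                       { if (failed || !found) exit 1 }
    '
}

# lookup_addrs: run a live query (needs network access) and filter its output.
lookup_addrs() {
    nslookup "$1" 2>/dev/null | answer_addrs
}
```

Call it as lookup_addrs example.com; the exit status tells a script whether the name resolved.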
Please note that the “nslookup” command might not be available by default on some Linux distributions, especially those using “systemd-resolved” or other DNS resolution mechanisms. In such cases, consider using the “dig” command, which is more modern and versatile.