This post is to show you what Nslookup is, how it works, and what we can do with it.
To start NslookupTo start, simply type Nslookup in the command prompt window. It shows the host name and IP address of the DNS server configured for your local computer.
In this case, I have my router configured as default DNS server, therefore the host name shows unknown because it doesn’t have a valid host name associated with it. Because the DNS is set to use my default router, all DNS query will go through it to the external DNS server set up on my Router, which is set by default to my ISP.
Also note that the command displays a command prompt waiting for the further queries after the initial info. If you don’t know what to type, you can type a question mark ? and press enter for all available commands. To exit, type exit.
To look up a host’s IPTo look up an IP address of a host, simply type the host name which could be a domain name if the host you want to check is a website.
Nslookup uses my default DNS setting to execute the DNS query to find the IP info of the host. If for some reason the DNS server you have set up isn’t working properly because you can’t access internet from any of your browser, it’s time to troubleshoot the problem using a different DNS server.
There are 2 public DNS servers that are not only quick but also working almost all the time, Google Public DNS (188.8.131.52 or 184.108.40.206) and Open DNS (220.127.116.11 or 18.104.22.168).
You can switch to any of the public DNS listed above to see if your network problem is indeed something related to DNS. For example, to switch to Google Public DNS, you can type server 22.214.171.124 and press enter. Then type the host name again to look up the IP address of it.
A quick compare between these information would tell you quickly whether your DNS setup on your computer is functioning properly.
To query a specific type of DNS recordThe default look-up in Nslookup is to return the IP address for the specified host name or domain, which is basically the “A” records in DNS. But you can look up the other type of DNS information too, such as MX, CNAME, or any other types.
For example, to find what mail server this website uses, run the following command first, and type the host name again.
You can also use the command ls to list the records for the domain but since most of the domain has their zone transfer disabled for security reason, you often get the message “can’t list domain xxx: query failed” that basically returns nothing for you.
The debug modeNslookup also has a debug mode that’s quite helpful. You can turn it on by typing set debug or set d2 which provides more greater detail information. Once the debug mode is on, Nslookup shows up the steps being taken along the way to complete its command, see the example from the screenshot below:
That’s it for today. Have you had any fun yet with this command line?
Note: If this Tutorial and News worked for you (and it should work), please leave a comment below. Thanks.