NSlookup Tutorial
What is nslookup ?
Nslookup is a program to query Internet domain name servers.
Nslookup has two modes: interactive and non-interactive.
Interactive mode allows the user to query name servers for
information about various hosts and
domains or to print a list of hosts in a domain. Non-interactive
mode is used to print just the name and requested information
for a host or do
main.
DNS Records
|
Name |
Value |
Description |
| A |
1 |
IPv4 Address (32 bits) |
| NS |
2 |
Name Server |
| CNAME |
5 |
Canonical Name |
| PTR |
12 |
Pointer Record |
| HINFO |
13 |
Host Information |
| MX |
15 |
Mail Exchange Record |
| TXT |
16 |
Text String |
| AAAA |
28 |
IPv6 Address (128
bits) |
| AXFR |
252 |
Request for Zone
Transfer |
| ANY |
255 |
Request for All
Records |
Using nslookup from
commnd line
In windows just open the command prompt and type nslookup
In *nix bsed systems open the terminal window and type nslookup
bash$ /usr/etc/nslookup
Default Server: scitsc.ser.ac.uk
Address: 134.220.4.1
> set q=A
> ccub.ser.ac.uk.
Server: scitsc.ser.ac.uk
Address: 134.220.4.1
Name: ccub.ser.ac.uk
Address: 134.220.1.20
> set q=CNAME
> www.ser.ac.uk.
Server: scitsc.ser.ac.uk
Address: 134.220.4.1
www.ser.ac.uk canonical name = ccuf.ser.ac.uk
> set q=MX
> ser.ac.uk.
Server: scitsc.ser.ac.uk
Address: 134.220.4.1
ser.ac.uk preference = 1, mail exchanger = ser.ac.uk
ser.ac.uk inet address = 134.220.1.12
> set q=HINFO
> ccub.ser.ac.uk.
Server: scitsc.ser.ac.uk
Address: 134.220.4.1
ccub.ser.ac.uk CPU=SUN 690MP OS=Solaris 2.4
> set q=PTR
> 12.1.220.134.in-addr.arpa
Server: scitsc.ser.ac.uk
Address: 134.220.4.1
12.1.220.134.in-addr.arpa host name = ccug.ser.ac.uk
DNS Records Explanation
Type A
A simple query for the IP address corresponding to
ccub.ser.ac.uk.
Type CNAME
A given host can have several DNS names. One of these is the
canonical or reference name. This query reveals that
www.ser.ac.uk is really ccuf.ser.ac.uk.
Type MX
A mail exchanger query, this time for the domain ser.ac.uk which
reveals that mail sent to user@ser.ac.uk is actually sent to
134.220.1.12 which is really ccug.ser.ac.uk. (see below).
Type HINFO
An HINFO query. This is only useful if the DNS domain
administrator has bothered to create the relevant records and
keep them up to date.
Type PTR
A PTR query. This shows "inverse" or "reverse" resolution.
Notice the very clumsy way the query has to be entered, this is
partly because IP addresses have the most sigificant part first
whereas DNS addresses have the most significant part last. There
are plenty of pieces of software that do reverse resolution
without this clumsy interface.
nslookup Errors and Solutions
*** <server> can't find <hostname>: Non-existent domain
The host you queried can not be resolved using the current DNS
server. If the current DNS server is not the source of authority
for the domain in question, you should locate the SOA DNS server
and try querying that host directly for information on the
hostname.
*** No <record type> information is available for <hostname>
No such record type appears in the DNS system for the hostname
you are querying. Again, try the SOA DNS server is you have
doubts.
*** Request to <server> timed-out
The server which was specified with the last 'server' command is
not accepting DNS queries. Either it is not up and running on
the network, or it is not accepting packets on the DNS channel.
Web based nslookup Tools
http://www.kloth.net/services/nslookup.php
http://www.zoneedit.com/lookup.html
http://swhois.net/
http://centralops.net/co/
http://network-tools.com/nslook/
