Table of Contents

Linux Commands#network
dig - How to use dig command in Linux
How to use host command on Linux

How to use nslookup Commands on Linux

DNS lookup utility




Commands List

Operation Command Example
lookups – mapping names to addresses nslookup HOST nslookup google.com
Debug nslookup -debug google.com
nslookup -d google.com
Reverse lookups – mapping addresses to names nslookup IP_ADDRESS nslookup 192.168.0.10
lookups at DNS Server nslookup HOST SERVER nslookup google.com 8.8.8.8
lookups at DNS Server nslookup IP SERVER nslookup 74.125.235.101 8.8.8.8
lookup for an any record nslookup -type=any HOST nslookup -type=any google.com
lookup for an soa record nslookup -type=soa HOST nslookup -type=osa google.com
lookup for an ns record nslookup -type=ns HOST nslookup -type=ns google.com
lookup for an a record nslookup -type=a HOST nslookup -type=a google.com
lookup for an mx record nslookup -type=mx HOST nslookup -type=mx google.com
lookup for an txt record nslookup -type=txt HOST nslookup -type=txt google.com


nslookup options

# man nslookup
NAME
       nslookup - query Internet name servers interactively

SYNOPSIS
       nslookup [-option] [name | -] [server]

INTERACTIVE COMMANDS

       host [server]
           Look up information for host using the current default server or using server, if specified.


       server domain
       lserver domain
           Change the default server to domain; 
           lserver uses the initial server to look up information about domain,
           while server uses the current default server. 


       set keyword[=value]
           This command is used to change state information that affects the lookups. Valid keywords are:

               type=value
                   Change the type of the information query.

                   (Default = A; abbreviations = q, ty)


Examples

C:\ > nslookup
> set type=mx
> server  8.8.8.8    <- DNS Server
> example.com

>set d2    <- detail debugmode more than 'set debug'

> help
> exit


Tips

How to check DNS Server. nslookup google.com |grep -i server


How to check TTL to the authoritative DNS server

Step1 check Name Server(Authoritative DNS server)

$ nslookup  -q=ns google.com

Non-authoritative answer:
google.com      nameserver = ns4.google.com.
google.com      nameserver = ns3.google.com.
google.com      nameserver = ns2.google.com.
google.com      nameserver = ns1.google.com.


Step2 check TTL to Authoritative DNS server

A Recode(TTL 300)
$ nslookup -debug  -q=a google.com ns1.google.com
    ANSWERS:
    ->  google.com
        internet address = 172.217.175.238
        ttl = 300
MX Recode(TTL 600)
$ nslookup -debug  -q=mx google.com ns1.google.com
    ANSWERS:
    ->  google.com
        mail exchanger = 10 aspmx.l.google.com.
        ttl = 600
    ->  google.com
        mail exchanger = 30 alt2.aspmx.l.google.com.
        ttl = 600
    ->  google.com
        mail exchanger = 50 alt4.aspmx.l.google.com.
        ttl = 600
    ->  google.com
        mail exchanger = 20 alt1.aspmx.l.google.com.
        ttl = 600
    ->  google.com
        mail exchanger = 40 alt3.aspmx.l.google.com.
        ttl = 600










Linux Commands#network
dig - How to use dig command in Linux
How to use host command on Linux