Linux nslookup commands to troubleshoot dns domain name server

nslookup is a network administration command-line tool available for many computer operating systems for querying Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record. This article explains about nslookup command in detail. Nslookup can be run in two modes, Interactive and Non-Interactive. The Interactive mode is used to query DNS-Server about various domains and hosts. Non-Interactive mode is used to query about information of a domain or host.

To find out Find out “A” record (IP address) of Domain, use the following command –

$ sudo nslookup tutorialspoint.com

The sample output should be like this –

Server:      127.0.1.1 Address:     127.0.1.1#53 Non-authoritative answer: Name:       tutorialspoint.com Address: 117.18.237.191

The above command gives information about tutorialspoint.com. Non-authoritative answer displays a record of Tutorialspoint.com

To find out Reverse Domain Lookup, use the following command –

$ sudo nslookup 209.191.122.70

The sample output should be like this –

Server:      127.0.1.1 Address:      127.0.1.1#53 Non-authoritative answer: 70.122.191.209.in-addr.arpaname = UNKNOWN-209-191-122-X.yahoo.com. Authoritative answers can be found from:

To find Query MX (Mail Exchange) record, use the following command –

$ sudo nslookup -query=mx www.yahoo.com

The sample output should be like this –

Server:       127.0.1.1 Address:      127.0.1.1#53 Non-authoritative answer: www.yahoo.comcanonical name = fd-fp3.wg1.b.yahoo.com. Authoritative answers can be found from: wg1.b.yahoo.com    origin = yf1.yahoo.com    mail addr = hostmaster.yahoo-inc.com    serial = 1461733777    refresh = 30    retry = 30    expire = 86400    minimum = 300

MX report is used to map a site name to a record of mail trade servers for that area. Basically, it tells about whatever mail is received / or sent to @yahoo.com and which will be routed to mail server.

To find query NS(Name Server) record, use the following command –

$ sudo nslookup -query=ns www.yahoo.com

The sample output should be like this –

Server:       127.0.1.1 Address:      127.0.1.1#53 Non-authoritative answer: www.yahoo.comcanonical name = fd-fp3.wg1.b.yahoo.com. Authoritative answers can be found from: wg1.b.yahoo.com    origin = yf1.yahoo.com    mail addr = hostmaster.yahoo-inc.com    serial = 1461734024    refresh = 30    retry = 30    expire = 86400    minimum = 300

To find query SOA (Start of Authority) record, use the following command –

$ sudo nslookup -type=soa www.yahoo.com

The sample output should be like this –

Server:       127.0.1.1 Address:      127.0.1.1#53 Non-authoritative answer: www.yahoo.comcanonical name = fd-fp3.wg1.b.yahoo.com. Authoritative answers can be found from: wg1.b.yahoo.com    origin = yf1.yahoo.com    mail addr = hostmaster.yahoo-inc.com    serial = 1461734126    refresh = 30    retry = 30    expire = 86400    minimum = 300

To query all the available DNS records, use the following command-

$ sudo nslookup -query=any yahoo.com

The sample output should be like this –

Server:    127.0.1.1 Address:   127.0.1.1#53 Non-authoritative answer: yahoo.comhas AAAA address 2001:4998:44:204::a7 yahoo.comnameserver = ns5.yahoo.com. yahoo.comnameserver = ns2.yahoo.com. yahoo.comnameserver = ns6.yahoo.com. yahoo.com    origin = ns1.yahoo.com    mail addr = hostmaster.yahoo-inc.com    serial = 2016042624    refresh = 3600    retry = 300    expire = 1814400    minimum = 600 yahoo.com    has AAAA address 2001:4998:c:a06::2:4008 yahoo.com    mail exchanger = 1 mta6.am0.yahoodns.net. yahoo.com    mail exchanger = 1 mta5.am0.yahoodns.net. yahoo.com    nameserver = ns4.yahoo.com. yahoo.com    has AAAA address 2001:4998:58:c02::a9 yahoo.com    nameserver = ns3.yahoo.com. yahoo.com    nameserver = ns1.yahoo.com. yahoo.com    mail exchanger = 1 mta7.am0.yahoodns.net. Authoritative answers can be found from:

To enable Debug mode, use the following command –

$ sudo nslookup -debug yahoo.com

The sample output should be like this –

Server:       127.0.1.1 Address:      127.0.1.1#53 ------------ QUESTIONS: yahoo.com, type = A, class = IN ANSWERS:    -> yahoo.com    internet address = 206.190.36.45    ttl = 810    -> yahoo.com    internet address = 98.139.183.24    ttl = 810    -> yahoo.com    internet address = 98.138.253.109    ttl = 810    AUTHORITY RECORDS:    ADDITIONAL RECORDS: ------------ Non-authoritative answer: Name:yahoo.com Address: 206.190.36.45 Name:yahoo.com Address: 98.139.183.24 Name:yahoo.com Address: 98.138.253.109

Congratulations! Now, you know “Linux Nslookup Commands to Troubleshoot DNS (Domain Name Server)”. We’ll learn more about these types of commands in our next Linux post. Keep reading!