A Full Guide on Solving DNS Problems; How to Use NsLookup Commands in Windows and Linux

How to Use NsLookup Commands in Windows and Linux

0 Comment

7 mins Read

How to Use NsLookup Commands in Windows and Linux
Get your SSD VPS

Get your SSD VPS

Starting from $7.95/month.

Check it Out

If you want to understand what’s going on in your network, you need to be able to perform DNS queries. The best way to do so is by using the Network Administration tool, NsLookup. This command line tool can help you better understand network problems and aid you in solving them.

There are two main methods of using NsLookup for DNS queries; the first one is to use it locally on your computer, and the second one is to use NsLookup online. In this blog post, we’ll talk about both methods and tell you about 8 useful NsLookup command use cases.

How Does DNS Work?

To get a good grasp of NsLookup, we should first go through DNS and what it actually does. The term DNS is short for Domain Name System. Every website on the internet has a numerical IP address. But you don’t reach websites by manually typing the IP address in your browser’s address bar. You type in the website’s domain name, and the DNS maps the domain name to an IP address. Without the help of a DNS, it’s impossible for users to open a website. And when loading a webpage, four different DNS servers collaborate to get the responsible IP address; DNS recursor, Root nameserver, TLD nameserver, and Authoritative nameserver. Each of these DNS types is responsible for one step of the process. For example, the DNS recursor tries to find information about the domain name with the already existing cache data. If it doesn’t find the required information, it passes the request to the root nameserver. The process of handing over the request continues until the DNS can find the related IP address.

What Is NsLookup? 

NsLookup, or name server lookup, is a command-line tool that helps you troubleshoot network problems.

You can use NsLookup to get the IP address of a website by giving it the domain name or vice versa. This type of DNS query is called an “A record,” and it’s not the only DNS query you can make with NsLookup. You can also request an “AAAA record” or a “quad A record.” In the first one, when you ask the NsLookup for the IP address of a domain name, it responds with the responsible IPv4 address. However, the Internet is gradually shifting towards the use of IPv6. So, you need to be able to get the responsible IPv6 address of a domain. An “AAAA” record uses the NsLookup IPv6 command to fulfill the second type of IP request. As for the third example of DNS records you can get from NsLookup, we have the SOA record that gives you useful information and details about a DNS zone. There are many more DNS records you can get via NsLookup, each with a specific command, and these were just a few common examples to familiarize you with the potential of NsLookup. We’ll review more of the functionalities of the NsLookup command in the upcoming sections.

If you use Windows or Linux, chances are you already have this tool available to you on your computer. But according to Microsoft, you can use The NsLookup command-line tool only if you have the TCP/IP protocol installed.

Why Should You Know How to Use NsLookup? 

You may be wondering why I would ever need to use the NsLookup commands, I’m not a network or server administrator. Yet, there are two main reasons why you’d better know how to work with NsLookup:

Troubleshooting Server Connections: 

Imagine you have a problem with your server’s connection. Using NsLookup, you can troubleshoot the connection and solve the problem efficiently and quickly.

Security and Safety:

So many phishing attacks involve tiny alterations in the domain name of a trustable website. So, a user may make purchases or enter information on that website without actually realizing that it’s not the original website. However, this isn’t the only possible attack you can prevent with NsLookup. In a DNS cache poisoning attack, hackers can route data traffic to another server. This way, users may end up on a potentially dangerous website. By knowing the right type of DNS record and its corresponding activity, you can tell when it’s used differently.

Knowing a few helpful NsLookup commands can help expand your technical skill set. Next time you run into a server problem, you can take matters into your own hands and solve it yourself.

The Most Commonly Used NsLookup Commands and How to Use Them on Windows

Now that you’ve learned what ns lookup is, let’s review 6 of the most commonly used NsLookup Windows commands and what you can do with them.

1. Getting the A Record of A Domain

As explained earlier, the A record query is for NsLookup IP check. To use this command on windows, first open your command prompt by pressing Windows+R, typing “cmd,” and clicking Ok. This step is the same for all commands on Windows. Then type NsLookup and hit Enter. As a result, you’ll see your default server and your IP address.

Then type in the website’s domain name, and you’ll get the IP address. Here, we’ve got a Non-authoritative answer. What does this mean? It means the answer to our query comes from a non-authoritative source.

getting the A record of a domain on Windows

2. Checking NS Records of A Domain 

This command allows you to find the authoritative name server of a domain name. The authoritative server is the authority of a DNS zone. To find NS information of a domain, you can use this command:

>set q=ns

checking NS records of a domain on Windows

3. Getting the SOA Record of A Domain

Getting the SOA record of a domain is fairly simple and similar to the last command. The only difference is that you set the query type to soa instead of ns.

So this is what the command looks like:

>set q=soa

4. Enabling the Debug Mode

You can get additional information about a domain name by using this command:

> set debug

This command puts you in debug mode. The debugging mode gives you information about the packet sent to the server.

Activating the NsLookup debug mode on Windows

5. Finding MX Records 

A Mail Exchange record, or an MX record, tells you which mail server is responsible for receiving emails.

Use this command to get MX records:

>set q=mx
>domain name

getting the MX record on Windows

6. Checking Reverse DNS Lookup

This command is useful when you have the IP address and are looking for its domain. To get a reverse NsLookup, use this command:

> nslookup 'IP address'

reverse NsLookup on Windows

The Most Commonly Used NsLookup Commands on Linux

Now, let’s try all these commands on a Linux server.

1. Getting the A record of a domain

To get the A record of a domain on Linux, open the terminal and type in this command:

$nslookup example.com

getting the A record of a domain on Linux

2. Checking NS Records of A Domain 

This is the required command for the name server records of a domain on Linux:

$nslookup -type=ns example.com

checking NS records of a domain on Linux

3. Getting the SOA Record of A Domain

Use this command to get the SOA record of a command:

$nslookup -type=soa example.com

4. Enabling the Debug Mode 

Use this command to enable the debug mode on Linux:

$ nslookup -debug example.com

Activating the NsLookup debug mode on Linux

5. Finding MX Records 

You can use this command to find the MX records:

$nslookup -query=mx example.com

getting the MX record on Linux

6. Checking Reverse DNS Lookup 

Just like getting the A record of a domain, type in nslookup followed by the Ip address to get the reverse ns lookup:


reverse NsLookup on Linux

NsLookup Online Tools

Besides the command prompt, you can also use web-based options to query a name server. It works by entering a domain name in the search box of the online tool, and it responds with a wide range of DNS records. Online NsLookup tools cover almost all the queries you can make with the command prompt. Here are three examples of an online NsLookup tool.

  1. Nslookup.io
  2. Broadband search
  3. Web Wiz

To Recap 

Every time a user tries to open a website, the magical hands of a DNS find the IP address and make it possible to reach that website. To have a deeper understanding of your DNS zone and solve its issues, you can use NsLookup. NsLookup is a helpful command line tool that gives you a lot of information about name servers. You can use this tool for multiple purposes, such as troubleshooting server connections and solving DNS problems or enhancing your safety while browsing the internet. In this article, we covered some useful NsLookup commands for both Linux and Windows.


Are NsLookup and Ping Different? 

When you translate a domain name to an IP address, both of these tools respond with the same answer. However, their operation processes are different. But it’s important to note that ping is usually used for IP connectivity checks, not for diagnosing and troubleshooting DNS problems.

Can I Use NsLookup with An IP Address?

Yes, NsLookup can be used to get the domain name related to an IP address. You can use reverse NsLookup to get the responsible domain name of an IP address. 

What does DNS lookup tell you?

DNS lookup can translate a domain name to an IP address or vice versa. It also gives you some information about the DNS zone, like the zone’s primary name server.

How Can I Use NsLookup? 

You can use NsLookup in the Windows command line or in the Linux terminal. There are also some online tools that allow you to get the same information.

What Are NsLookup Command Modes? 

The NsLookup operates in two modes: the interactive mode and the non-interactive mode. If you’re looking for a single piece of information, it’s better to use the non-interactive mode. For more than one piece of information, use the interactive mode. Both modes provide you with the same answer.

My writing is all about details. I think everyone should understand technology easily, and I try my best to make that happen.


Leave a Comment

Your email address will not be published. Required fields are marked *

Latest Posts