How to Use NsLookup Commands in Windows and Linux

How to Use NsLookup Commands in Windows and Linux

0 Comment

7 mins Read

How to Use NsLookup Commands in Windows and Linux

If you want to understand what’s going on in your network, you need to be able to perform DNS queries. The best way to do so is by using the Network Administration tool, NsLookup. This command line tool can help you better understand network problems and aid you in solving them.

There are two main methods of using NsLookup for DNS queries; the first one is to use it locally on your computer, and the second one is to use NsLookup online. In this blog post, we’ll talk about both methods and tell you about 8 useful NsLookup command use cases.

How Does DNS Work?

To get a good grasp of NsLookup, we should first go through DNS and what it actually does. The term DNS is short for Domain Name System. Every website on the internet has a numerical IP address. But you don’t reach websites by manually typing the IP address in your browser’s address bar. You type in the website’s domain name, and the DNS maps the domain name to an IP address. Without the help of a DNS, it’s impossible for users to open a website. And when loading a webpage, four different DNS servers collaborate to get the responsible IP address; DNS recursor, Root nameserver, TLD nameserver, and Authoritative nameserver. Each of these DNS types is responsible for one step of the process. For example, the DNS recursor tries to find information about the domain name with the already existing cache data. If it doesn’t find the required information, it passes the request to the root nameserver. The process of handing over the request continues until the DNS can find the related IP address.

What Is NsLookup? 

NsLookup, or name server lookup, is a command-line tool that helps you troubleshoot network problems.

You can use NsLookup to get the IP address of a website by giving it the domain name or vice versa. This type of DNS query is called an “A record,” and it’s not the only DNS query you can make with NsLookup. You can also request an “AAAA record” or a “quad A record.” In the first one, when you ask the NsLookup for the IP address of a domain name, it responds with the responsible IPv4 address. However, the Internet is gradually shifting towards the use of IPv6. So, you need to be able to get the responsible IPv6 address of a domain. An “AAAA” record uses the NsLookup IPv6 command to fulfill the second type of IP request. As for the third example of DNS records you can get from NsLookup, we have the SOA record that gives you useful information and details about a DNS zone. There are many more DNS records you can get via NsLookup, each with a specific command, and these were just a few common examples to familiarize you with the potential of NsLookup. We’ll review more of the functionalities of the NsLookup command in the upcoming sections.

Chances are you already have this tool available to you on your Linux or Windows computer. But according to Microsoft, you can use The NsLookup command-line tool only if you have the TCP/IP protocol installed.

Why Should You Know How to Use NsLookup? 

You may be wondering why I would ever need to use the NsLookup commands, I’m not a network or server administrator. Yet, there are two main reasons why you’d better know how to work with NsLookup:

Troubleshooting Server Connections with NsLookup

Imagine you have a problem with your server’s connection. Using NsLookup commands, you can troubleshoot the connection and solve the problem efficiently and quickly.

Security and Safety

So many phishing attacks involve tiny alterations in the domain name of a trustworthy website. So, a user may make purchases or enter information on that website without actually realizing that it’s not the original website. However, this isn’t the only possible attack you can prevent with NsLookup. In a DNS cache poisoning attack, hackers can route data traffic to another server. This way, users may end up on a potentially dangerous website. By knowing the right type of NsLookup command, DNS record and its corresponding activity, you can tell when it’s used differently.

Knowing a few helpful NsLookup commands and CMD DNS commands can help expand your technical skill set. Next time you run into a server problem, you can take matters into your own hands and solve it yourself.

The Most Commonly Used NsLookup DNS commands on Windows

Now that you’ve learned what ns lookup is, let’s review 6 of the most commonly used NsLookup DNS commands on Windows and what you can do with them.

 

1. Getting the A Record of A Domain

As explained earlier, the A record query is for NsLookup IP check. To use this CMD DNS command on windows, first open your command prompt by pressing Windows+R, typing “cmd,” and clicking Ok. This step is the same for all commands on Windows. Then type “NsLookup” and hit Enter. As a result, you’ll see your default server and your IP address.

Then type in the website’s domain name, and you’ll get the IP address. Here, we’ve got a Non-authoritative answer. What does this mean? It means the answer to our query comes from a non-authoritative source.

getting the A record of a domain on Windows

2. Checking NS Records of A Domain 

This DNS command allows you to find the authoritative name server of a domain name. The authoritative server is the authority of a DNS zone. To find NS information of a domain, you can use this command:

set q=ns
www.example.com

checking NS records of a domain on Windows

3. Getting the SOA Record of A Domain

Another useful CMD DNS command is the SOA record command. Getting the SOA record of a domain is fairly simple and similar to the last DNS command. The only difference is that you set the query type to “soa” instead of “ns”.

So this is what the command looks like:

set q=soa
www.example.com

4. Enabling the Debug Mode

You can get additional information about a domain name by using this DNS command:

set debug
www.example.com

This command puts you in debug mode. The debugging mode gives you information about the packet sent to the server.

Activating the NsLookup debug mode on Windows

5. Finding MX Records 

A Mail Exchange record, or an MX record, tells you which mail server is responsible for receiving emails.

Use this DNS command to get MX records:

set q=mx
domain name

getting the MX record on Windows

6. Checking Reverse DNS Lookup

This command is useful when you have the IP address and are looking for its domain. To get a reverse NsLookup, use this command:

nslookup 'IP address'

 

nslookup reverse dns

The Most Commonly Used NsLookup Commands on Linux

Now, let’s try all these commands on a Linux server.

1. Getting the A record of a domain

To get the A record of a domain on Linux, open the terminal and type in this command:

nslookup example.com

getting the A record of a domain on Linux

2. Checking NS Records of A Domain 

This is the required nslookup command for the name server records of a domain on Linux:

nslookup -type=ns example.com

checking NS records of a domain on Linux

3. Getting the SOA Record of A Domain

Use this nslookup command to get the SOA record of a command:

nslookup -type=soa example.com

4. Enabling the Debug Mode 

Use this nslookup command to enable the debug mode on Linux:

nslookup -debug example.com

Activating the NsLookup debug mode on Linux

5. Finding MX Records 

You can use this nslookup command to find the MX records:

nslookup -query=mx example.com

getting the MX record on Linux

6. Checking Reverse DNS Lookup 

Just like getting the A record of a domain, type in nslookup followed by the Ip address to get the reverse ns lookup:

nslookup 11.11.11.11

reverse NsLookup on Linux

NsLookup Online Tools

Besides the command prompt, you can also use web-based options to query a name server. It works by entering a domain name in the search box of the online tool, and it responds with a wide range of DNS records. Online NsLookup tools cover almost all the queries you can make with the command prompt. Here are three examples of an online NsLookup tool.

  1. Nslookup.io
  2. Broadband search
  3. Web Wiz

To Recap 

Every time a user tries to open a website, the magical hands of a DNS find the IP address and make it possible to reach that website. To have a deeper understanding of your DNS zone and solve its issues, you can use NsLookup. NsLookup is a helpful command line tool that gives you a lot of information about name servers. You can use this tool for multiple purposes, such as troubleshooting server connections and solving DNS problems or enhancing your safety while browsing the internet. In this article, we covered some useful NsLookup commands for both Linux and Windows.

FAQ

Are NsLookup and Ping Different? 

When you translate a domain name to an IP address, both of these tools respond with the same answer. However, their operation processes are different. But it’s important to note that ping is usually used for IP connectivity checks, not for diagnosing and troubleshooting DNS problems.

Can I Use NsLookup with An IP Address?

Yes, NsLookup can be used to get the domain name related to an IP address. You can use reverse NsLookup to get the responsible domain name of an IP address. 

What does DNS lookup tell you?

DNS lookup can translate a domain name to an IP address or vice versa. It also gives you some information about the DNS zone, like the zone’s primary name server.

How to Display IPv6 Name Service Information?

To display IPv6 name service information using nslookup, open a command prompt or terminal and enter “nslookup -query=AAAA example.com”, replacing “example.com” with the domain you’re querying. This command queries the DNS for the domain’s AAAA record, which contains its IPv6 address.

What’s The Difference Between A Records vs. AAAA Records?

A Records and AAAA Records are both DNS records that link domain names to IP addresses, but they cater to different versions of the Internet Protocol. A Records map domain names to 32-bit IPv4 addresses, which are the traditional format of internet addresses. In contrast, AAAA Records link domain names to 128-bit IPv6 addresses, addressing the need for a larger pool of IP addresses due to the exponential growth of internet-connected devices.

My writing is all about details. I think everyone should understand technology easily, and I try my best to make that happen.

Comments

Leave a Comment

Your email address will not be published. Required fields are marked *


Latest Posts