Use nslookup Command in Linux with Examples: Best For DNS-related Tasks
In this guide, we’ll explore how to Use nslookup Command in Linux. Name server lookup (nslookup) is a vital command-line tool that allows you to query Domain Name System (DNS) servers. This enables you to find the IP address associated with a domain name or retrieve various DNS records for a specific hostname. Furthermore, nslookup supports reverse DNS lookups, where you input an IP address to find the corresponding domain. The nslookup tool is particularly useful for DNS-related tasks, such as server testing and general Linux troubleshooting.
Let’s delve into how to use nslookup effectively on your Linux system.
To follow along with this guide, you’ll need access to a Linux server. Log in to your server and proceed with the following steps.
Step 1. Install nslookup in Linux
While nslookup is often pre-installed on major operating systems, you might need to install it if it’s missing. Here’s how to install it on different Linux distributions:
-
On Ubuntu / Debian:
sudo apt install dnsutils -
On CentOS, Fedora, and Red Hat:
On these distributions, nslookup is included within the
bind-utilspackage. Install it using:sudo dnf install bind-utils
Step 2. nslookup Modes with Examples
Nslookup offers two primary modes of operation: interactive and non-interactive.
Interactive Mode:
To enter nslookup interactive mode, simply type the command:
nslookupThis will present a prompt where you can issue multiple queries:
>For instance, to find information about www.google.com, you would type:
> www.google.comServer: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
www.google.com canonical name = ddd.l.google.com.
Name: ddd.l.google.com
Address: 142.250.184.78In interactive mode, you can set options before issuing queries. The syntax for setting options is:
set [option]For example, to retrieve the name servers for google.com, use:
> set type=ns
> google.comServer: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
google.com nameserver = ns1.google.com.
google.com nameserver = ns2.google.com.
google.com nameserver = ns3.google.com.
google.com nameserver = ns4.google.com.
Authoritative answers can be found from:
ns1.google.com internet address = 216.239.32.10
ns2.google.com internet address = 216.239.34.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10To exit interactive mode, type:
> exitNon-interactive Mode:
Non-interactive mode is for executing single queries directly from the command line. The syntax is:
nslookup [options] [domain-name]For example:
nslookup www.google.comServer: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
www.google.com canonical name = ddd.l.google.com.
Name: ddd.l.google.com
Address: 142.250.184.78Step 3. nslookup Command Options
Here’s a table of common and useful nslookup command options in Linux:
| nslookup Option | Description |
|---|---|
-domain=[domain-name] |
Change the default DNS name. |
-debug |
Show debugging information. |
-port=[port-number] |
Specify the port for queries. The default port number is 53. |
-timeout=[seconds] |
Specify the time allowed for the server to respond. |
-type=a |
View information about the DNS A address records. |
-type=any |
View all available records. |
-type=hinfo |
View hardware-related information about the host. |
-type=mx |
View Mail Exchange server information. |
-type=ns |
View Name Server records. |
-type=ptr |
View Pointer records. Used in reverse DNS lookups. |
-type=soa |
View Start of Authority records. |
Step 4. Work with nslookup in Linux
Let’s explore some common use cases for the nslookup command in Linux:
- Finding the host IP address
- Finding the domain name of an IP address
- Finding mail servers for a domain
These are frequently encountered scenarios when working with DNS.
Find the Host IP Address
To find the IP address of a host, use the following syntax:
Non-interactive mode:
nslookup domain-nameInteractive mode:
nslookup
> domain-nameFind the Domain Name of an IP Address
To perform a reverse DNS lookup and find the domain name associated with an IP address:
Non-interactive mode:
nslookup IP-addressInteractive mode:
nslookup
> IP-addressFind Mail Servers for a Domain
To discover the mail servers responsible for handling email for a specific domain:
Non-interactive mode:
nslookup -querytype=mx domain-nameInteractive mode:
nslookup
> set type=mx
> domain-nameThese commands provide essential DNS information for various tasks.
Conclusion
You’ve now learned how to Use nslookup Command in Linux with Examples. The primary application of nslookup lies in diagnosing and resolving DNS-related problems. Mastering nslookup is a valuable skill for any Linux system administrator or developer.
Alternative Solutions for DNS Lookups
While nslookup is a traditional and widely available tool, alternative solutions offer more features, cleaner output, and improved functionality. Here are two alternatives to consider:
1. dig (Domain Information Groper)
dig is a more advanced and feature-rich command-line tool for querying DNS name servers. It provides more detailed information and greater control over the query process compared to nslookup. It’s often preferred for its clarity and comprehensive output.
Installation:
dig is typically part of the bind-utils or dnsutils package, similar to nslookup. If you don’t have it, install it using:
-
Ubuntu/Debian:
sudo apt install dnsutils -
CentOS/Fedora/Red Hat:
sudo dnf install bind-utils
Examples:
-
Finding the A record (IP address) for a domain:
dig www.google.com AThis command specifically requests the A record for
www.google.com, providing the IP address(es). -
Finding the MX records (mail servers) for a domain:
dig google.com MXThis retrieves the MX records, showing the mail servers and their priority for the domain.
-
Performing a reverse DNS lookup:
dig -x 8.8.8.8This command performs a reverse lookup on the IP address
8.8.8.8(Google’s public DNS server), revealing the corresponding domain name.
Advantages of dig over nslookup:
- More detailed output:
digprovides more comprehensive information, including the DNS server used, query time, and response flags. - Greater control:
digoffers more options for customizing queries, such as specifying the DNS server to use, setting the timeout, and requesting specific record types. - Scripting-friendly output: The output of
digis generally easier to parse in scripts than nslookup’s output.
2. host Command
The host command is another simple and straightforward tool for performing DNS lookups. It’s often used for basic queries and provides a cleaner output than nslookup for common tasks.
Installation:
Like dig, host is usually part of the bind-utils or dnsutils package. Install it if needed using the same commands as for dig.
Examples:
-
Finding the IP address for a domain:
host www.google.comThis command returns the IP address(es) associated with
www.google.com. -
Finding the MX records for a domain:
host -t mx google.comThis retrieves the MX records for
google.com, similar to thedigcommand. -
Performing a reverse DNS lookup:
host 8.8.8.8This performs a reverse lookup on the IP address
8.8.8.8.
Advantages of host over nslookup:
- Simpler syntax: The
hostcommand has a more concise syntax, making it easier to use for basic lookups. - Cleaner output: The output of
hostis generally cleaner and more human-readable than nslookup’s output. - Widely available: Like nslookup,
hostis typically pre-installed on many Linux systems.
Choosing the Right Tool:
- For simple DNS lookups and quick checks,
hostprovides a clean and easy-to-use interface. - For more detailed analysis, troubleshooting, and scripting,
digis the preferred choice due to its comprehensive output and advanced features. - While nslookup is still a viable option,
digandhostoffer significant improvements in terms of functionality and usability.
In conclusion, while Use nslookup Command in Linux can be a useful tool, dig and host offer superior alternatives for DNS lookups in Linux environments. Consider adopting these tools for improved clarity, control, and efficiency in your DNS-related tasks.
