Ultima modifica: Jun 13, 2020 12:30 PM tags: Università
nslookup is a powerful network administration command-line tool, available for many of the popular computer operating systems for querying DNS to obtain domain names or IP addresses, mapping or for any other specific DNS Records.Here are the ten most used command lines with nslookup that will help you to understand better your domain's management.
1. How to find the A record of the domain?
**Command line**:
$ nslookup example.com
**Output:**
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: example.com
Address: 10.20.30.40
2. How to check the NS records of a domain?
**Command line:**
$ nslookup example.com
**Output:**
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: example.com
Address: 10.20.30.40
3. How to query the SOA record of a domain?
**Command line:**
$nslookup -type=soa example.com
**Output:**
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
example.com
origin = ns1.nsexample.com.com
mail addr = noc.example.com
serial = 2015031401
refresh = 300
retry = 180
expire = 604800
minimum = 14400
Authoritative answers can be found from:
ns1.nsexample.com internet address = 10.20.30.40
4. How to find the MX records, responsible for the mail exchange?
**Command line:**
$ nslookup -query=mx example.com
**Output:**
Server: 127.0.0.1
Address: 127.0.0.1#53
example.com mail exchanger = 10 mx1.example.com.
example.com mail exchanger = 5 mx2.example.com.
Authoritative answers can be found from:
mx1.example.com internet address = 10.20.30.40
mx2.example.com internet address = 50.60.70.80
5. How to find all of the available DNS records of a domain?
**Command line:**
$ nslookup -type=any example.com
**Output**:
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
Name: example.com
Address: 173.194.35.7
Name: example
Address: 173.194.35.8
example.com nameserver = ns1.nsexample.com.
example.com nameserver = ns2.nsexample.com.
example.com
origin = ns1.nsexampple.com.com
mail addr = noc.example.com
serial = 2015031401
refresh = 300
retry = 180
expire = 604800
minimum = 14400
example.com mail exchanger = 10 mx1.example.com.
example.com mail exchanger = 5 mx2.example.com.
example.com has AAAA address 20:20:20:20
Authoritative answers can be found from:
ns3.nsexample.com internet address = 110.120.130.140
ns4.nsexample.com internet address = 210.220.230.240
6. How to check the using of a specific DNS Server?
**Command line:**
$ nslookup example.com ns1.nsexample.com
**Output:**
Server: 209.132.186.218
Address: 209.132.186.218#53
Name: example.com
Address: 1.2.3.4
7. How to check the Reverse DNS Lookup?
**Command line:**
$ nslookup 10.20.30.40
**Output:**
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
40.30.20.10.in-addr.arpa name = example.com.
8.How to change the port number for the connection?
**Command line:**
$ nslookup -port=56 example.com
9.How to change the timeout interval for a reply?
**Command line:**
$ nslookup -timeout=20 example.com
10.How to enable debug mode?
**Command line:**
$ nslookup -debug example.com
**Output:**
Server: 192.168.19.2
Address: 192.168.19.2#53
------------
QUESTIONS:
example.com, type = A, class = IN
ANSWERS:
-> example.com
internet address = 1.2.3.4
ttl = 10
AUTHORITY RECORDS:
ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name: example.com
Address: 1.2.3.4
Notes:
Authoritative answer - This is the answer that originates from the DNS Server which has the information about the zone file;Non-autoritative answer - When a nameserver is not in the list for the domain you did a lookup on;Different port - By default, the DNS servers use port 53.
Non-authoritative answer simply means the answer is not fetched from the authoritative DNS server for the queried domain name.
First you have to understand how DNS system works. DNS system can be divided into three tiers. They are:
- root DNS servers
- top-level domain DNS servers
- authoritative DNS servers
There's another class of DNS Server usually called local DNS server whose IP address is specified on your operating system.
When your browser connects to a website say example.com, the browser first queries your local DNS server to get the IP address of example.com.
- If the local DNS server doesn't have the A record of example.com, it will query one of the root DNS servers.
- The root DNS server will say: I don't have the A record but I know the top-level domain DNS server which is responsible for .com domains.
- Then your local DNS server query the top-level domain DNS server which is responsible for .com domains. The TLD DNS server will respond: I don't know either but I know which DNS server is authoritative for example.com.
- So your local DNS server queries the authoritative DNS server. Because the actual DNS record is stored on that authoritative DNS server, so it will give your local DNS server an answer.
Then this query result is cached on your local DNS server but it can be outdated. When the TTL time has expired, your local DNS server will update the query result from the authoritative DNS server. Whenever you query a DNS record on your local DNS server, it returns a non-authoritative (unofficial) answer. If you want an authoritative answer, you must explicitly specify the authoritative DNS server when you use nslookup or other utilities. I think a local DNS server should be called caching DNS server.
When someone registers a domain name, he/she can specify which DNS server is the authoritative DNS server. This information is called an NS record. The NS record will tell a top-level domain DNS server which nameserver holds the domain's A record, MX record, etc.