How to use Linux NSLOOKUP command

Time:2020-10-17

[who is NSLOOKUP? ]

The NSLOOKUP command is a very common network command in Linux. In short, it is used to check DNS information.

From man NSLOOKUP, we can see that the official explanation for NSLOOKUP is “query Internet name servers interactively”.

[who is the author of NSLOOKUP? ]

Through man NSLOOKUP, we can see that the author is Andrew cherenson. I found his LinkedIn home page. It turns out that

He is a top student in computer science and has studied at Harvard University and the University of California, Berkeley.

Currently working for choicestream,

[the system does not have the NSLOOKUP command? ]

If you don’t have the NSLOOKUP command on your Linux system, you probably don’t have the bind utils package installed.

Just Yum install bind utils can solve the problem.

[two modes of NSLOOKUP]

NSLOOKUP is a program that can query the information of Internet domain name server. He has two working modes: interactive mode and non interactive mode.

In the “interactive mode”, users can query the information of various hosts and domain names from the domain name server, or output the host list in the domain name.

In the “non interactive mode”, users can only get specific name or required information for a host or domain name.

[how to enter interactive mode? ]

There are two ways to enter interactive mode.

In the first method, you can directly enter the NSLOOKUP command without any parameters. In this case, NSLOOKUP will connect to the default domain name server (i.e. / etc)/ resolv.conf The first DNS address of).

The second method is to support the selection of different domain name servers. You need to set the first parameter to “- and then the second parameter is to set the host name or IP address of the domain name server to be connected.

[how to enter non interactive mode? ]

If you add the IP or host name to be queried directly after the NSLOOKUP command, you are in non interactive mode. Of course, at this time, you can also set the domain name server to be connected in the second parameter position.

1. NSLOOKUP function

NSLOOKUP is used to query DNS records, query whether domain name resolution is normal, and to diagnose network problems in case of network failure

2. Inquiry

a. Direct query

nslookup domain [dns-server]
 //If no DNS server is specified, the default DNS server is used.

b. Query other records


nslookup -qt = type domain [dns-server]

type:
A — > address record
AAAA — > address record
Afsdb Andrew — > file system database server record
Atma — > ATM address record
CNAME — > alias record
Hinho — > hardware configuration records, including CPU and operating system information
ISDN — > ISDN number corresponding to domain name
MB — > server to store the specified mailbox
Mg — > mail group record
Minfo — > information record of mail group and mailbox
Mr — > renamed email record
MX — > mail server record
NS — > name server record
PTR > reverse record
RP — > responsible person record
RT — > route penetration record
SRV — > TCP server information record
Txt — the text information corresponding to the domain name
X25 — > X.25 address record corresponding to domain name

c. Search for more specific information

NSLOOKUP - D [other parameters] domain [DNS server]   
//As long as you add the - D parameter to the query, you can query the domain name cache

example


[[email protected] ~]# nslookup www.jsdig.com
Server:     202.96.104.15
Address:    202.96.104.15#53

Non-authoritative answer:
www.jsdig.com canonical name = host.1.jsdig.com.
Name:  host.1.jsdig.com
Address: 100.42.212.8

The above is the whole content of this article, I hope to help you in your study, and I hope you can support developeppaer more.