Nslookup cover

Using Nslookup Command to Check DNS Servers and Records


Nslookup (name server lookup) is a command-line utility that is used to diagnose and verify DNS servers and records, and detect problems with resolving names in the DNS subsystem. The nslookup utility was originally developed as part of the BIND package and ported to Windows by Microsoft. At this moment Nslookup is a built-in tool in all supported versions of Windows OS.

How to Use Nslookup to Check DNS Records?

Using the nslookup utility, you can determine the IP address of any server by its DNS name, perform the reverse conversion (reverse DNS lookup), get information about the various DNS records of the specific domain name.

When running, Nslookup sends queries to the DNS server that is specified in the settings of your network connection. This address is considered as a default (preferred) DNS server. The user can specify the address of any other available DNS server. As a result, all the following DNS queries will be sent on it.

You can use the nslookup utility in interactive or non-interactive mode.
To run a DNS query using nslookup tool in non-interactive mode, open a Command prompt and run the command:

Nslookup theitbros.com

Nslookup

In this example, we requested the IP address of theitbros.com domain. The nslookup utility queries the DNS server (it is specified in the Server line) and it returned that this name corresponds to the IP address 37.1.214.145.

Such a response indicates that your DNS server is available, works properly and processes requests for resolving DNS names.

If you received such an answer:

Server: dns1.contoso.com

Address: хх.хх.хх.хх

*** dns1.contoso.com can't find theitbros.com: Non-existent domain

This means that no entries in the DNS zone have been found for this name.

If your DNS server is unavailable or not responding, you will receive a DNS request timed out error.

nslookup command

In this case, check if you have specified the correct DNS server address and whether there is a problem with the network connection from the IS provider.

The Non-authoritative answer means that the DNS server that executed the request is not the owner of the theitbros.com zone (there are no records about this domain in its database), and to perform name resolution a recursive query to another DNS server was used.

You can access an authoritative server by specifying its address directly in the parameters of the nslookup utility. For example, to resolve a name on the authoritative DNS server (that contains this domain) use the command:

Nslookup theitbros.com ns1.theitbros.com

When you run nslookup without parameters, the utility switches to the interactive mode. In this mode, you can execute various commands. A complete list of available internal commands of the nslookup utility can be displayed by typing a question.

Tip. Note that the commands of the nslookup utility are case sensitive.

nslookup tool

To close nslookup interactive session, type exit and press Enter.

To find the DNS servers that are responsible for a specific domain (authoritative servers), run the following commands:

set query=ns

theitbros.com

nslookup server

You can perform the reverse queries (get DNS name by IP address), just type the IP address in the nslookup interactive prompt and press Enter.

nslookup check dns

You can specify the type of DNS records that nslookup should return. For example, to list all mail servers configured for a particular domain, run the command:

nslookup -type=mx theitbros.com

nslookup check dns records

Non-authoritative answer:

theitbros.com   MX preference = 10, mail exchanger = mail.theitbros.com

theitbros.com   MX preference = 20, mail exchanger = mail.theitbros.com

mail.theitbros.com      internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

As you can see, this domain has 2 MX records with priorities 10 and 20 (the lower the number, the higher the priority of the address). If the MX record is not displayed, it’s likely that they are simply not configured for this domain.

To list all DNS records in the domain zone, run the command:

nslookup -type=any theitbros.com

nslookup dns

Non-authoritative answer:

theitbros.com   internet address = 37.1.214.145

theitbros.com   nameserver = ns2.theitbros.com

theitbros.com   nameserver = ns1.theitbros.com

theitbros.com   MX preference = 10, mail exchanger = mail.theitbros.com

theitbros.com   MX preference = 20, mail exchanger = mail.theitbros.com

ns2.theitbros.com       internet address = 74.80.224.189

ns1.theitbros.com       internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

Debug option allows you to obtain additional information contained in the headers of client DNS requests and server responses (lifetime, flags, record types, etc.):

set debug

nslookup dns records

You may also like:

Fixing DNS Server Not Responding Error on Windows ... Let's discuss a quite frequent problem, when user could not access Internet on the Windows computer. The problem is related to the inaccessible DNS se...
GPT or MBR: How to Check HDD Partition Table Style The modern versions of Windows and other operating systems can use one of two standards to store information about hard disk partitions structures. Th...
Disable Autodiscover on Exchange 2007 Server This tutorial will show you how to disable autodiscover on an Exchange 2007 on-premise server. Microsoft says this can't be done, but the following st...
How to Install and Configure DNS Server on Windows... This article is a step by step tutorial on how to install and configure a DNS Server on Windows Server 2016 /2012 R2. Also we will show you how to cre...
Using Takeown.exe Command to take Ownership of a F... You can change the owner of a file or folder in Windows through the File Explorer GUI (File > Properties > Security > Advanced > Owner >...

Add Your Comment