Using Nslookup in Windows to List DNS Servers and Records

Nslookup (name server lookup) is a command-line tool that is used to diagnose and validate DNS servers and records, and to find name resolution problems in the DNS subsystem. The nslookup tool was originally developed as a part of the BIND package and ported to Windows by Microsoft. Nslookup is currently a built-in tool in all supported versions of Windows.

How to Use Nslookup to Check DNS Records?

Using the nslookup utility, you can determine the IP address of any server by its DNS name, perform the reverse DNS lookup, and get information about the various DNS records for a specific domain name.

When running, Nslookup sends queries to the DNS server that is specified in your network adapter settings. This address is considered the default (preferred) DNS server. If the preferred server is not responding, nslookup will not switch to an alternate DNS server. The user can specify the address of any other available DNS server. As a result, all subsequent DNS requests will be sent to it.

You can view or change your preferred and alternative DNS server IP addresses in the network connection properties.

nslookup dns server

Or you can get your DNS server setting from the CLI prompt using the ipconfig command:

ipconfig /all

nslookup list dns servers

You can use the nslookup tool in interactive or non-interactive mode.

To run a DNS query using the nslookup tool in non-interactive mode, open a Command prompt, and run the command:

Nslookup theitbros.com

windows list dns servers

In this example, we requested the IP address of theitbros.com domain. The nslookup utility queries the DNS server (it is specified in the Server line) and it returned that this name matches the IP address 37.1.214.145 (A and AAAA records are shown by default).

This response indicates that your DNS server is available, works properly, and processes requests for resolving DNS names.

If you received such an answer:

Server: dns1.contoso.com

Address: хх.хх.хх.хх

*** dns1.contoso.com can’t find theitbros.com: Non-existent domain

This means that no entries were found for this domain name on the DNS server.

If your DNS server is unavailable or not responding, you will receive a DNS request timed out error.

nslookup list all records

In this case, check if you have specified the correct DNS server address and whether there is a problem with the network connection from the IS provider.

Hint. Make sure your DNS server is available on port 53 UDP and TCP and this port is not blocked by a firewall.

The Non-authoritative answer means that the DNS server that executed the request is not the owner of the theitbros.com zone (there are no records about this domain in its database) and to perform name resolution a recursive query to another DNS server was used.

You can enable and disable the recursive nslookup mode using the commands (by default, recursive DNS queries are enabled):

set recurse

set norecurse

You can access an authoritative DNS server by specifying its address directly in the parameters of the nslookup utility. For example, to resolve a name on the authoritative DNS server (that contains this domain) use the command:

Nslookup theitbros.com ns1.theitbros.com

When you run nslookup without parameters, the utility switches to the interactive mode. In this mode, you can execute various commands. A complete list of available internal commands of the nslookup utility can be displayed by typing a question.

Tip. Note that nslookup commands are case-sensitive.

find dns servers on network

To close the interactive nslookup session, type exit and press Enter.

To find the DNS servers that are responsible for a specific domain (Name Server authoritative servers), run the following commands:

set query=ns

theitbros.com

list all dns servers in domain

You can perform reverse lookups (get DNS name by IP address). Just type the IP address in the nslookup interactive prompt and press Enter.

list dns servers windows

Using Nslookup to Get Different DNS Record Types

The default nslookup resource records type is A and AAAA, but you can use different types of resource records:

  • A
  • ANY
  • CNAME
  • GID
  • HINFO:
  • MB
  • MG
  • MINF
  • MR
  • MX
  • NS
  • PTR
  • SOA
  • TXT
  • UID
  • UINFO
  • WKS

You can set specific record types to lookup using the nslookup parameter:

-type=<record_type>

For example, to list all mail servers configured for a specific domain (MX, Mail eXchange records), run the command:

nslookup -type=mx theitbros.com

nslookup all records

Non-authoritative answer:

theitbros.com   MX preference = 10, mail exchanger = mail.theitbros.com

theitbros.com   MX preference = 20, mail exchanger = mail.theitbros.com

mail.theitbros.com      internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

As you can see, this domain has 2 MX records with priorities 10 and 20 (the lower the number, the higher the priority of the MX address). If you don’t see MX records, they probably just aren’t configured for that domain.

To list all DNS records in the domain zone, run the command:

nslookup -type=any theitbros.com

find all dns servers on domain

Non-authoritative answer:

theitbros.com   internet address = 37.1.214.145

theitbros.com   nameserver = ns2.theitbros.com

theitbros.com   nameserver = ns1.theitbros.com

theitbros.com   MX preference = 10, mail exchanger = mail.theitbros.com

theitbros.com   MX preference = 20, mail exchanger = mail.theitbros.com

ns2.theitbros.com       internet address = 74.80.224.189

ns1.theitbros.com       internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

To get the SOA record (Start of Authority — start DNS zone record, which contains information about the domain zone, its administrator’s address, serial number, etc.), use the option -type=soa:

nslookup -type=soa theitbros.com

theitbros.com

primary name server = pdns1.registrar-servers.com

responsible mail addr = hostmaster.registrar-servers.com

serial = 1601449549

refresh = 43200 (12 hours)

retry = 3600 (1 hour)

expire = 604800 (7 days)

default TTL = 3601 (1 hour 1 sec)

pdns1.registrar-servers.com internet address = 156.154.130.200

pdns1.registrar-servers.com AAAA IPv6 address = 2610:a1:1022::200

find dns server for domain windows

  • primary name server;
  • responsible mail addr — domain administrator email address (hostmaster@registrar-servers.com). Since the @ symbol in the zone description has its own meaning, it is replaced by a dot in this field);
  • serial — the serial number of the zone file, used to record changes. The following format is usually used: YYYYMMDDHH;
  • refresh — the period of time (in seconds) after which the secondary DNS server will send a request to the primary one to check if the serial number has changed;
  • retry — specifies the interval for reconnecting to the primary DNS server if for some reason it was unable to respond to the request;
  • expire — specifies how long the DNS cache is kept by the secondary DNS server, after which it will be considered expired;
  • default TTL — “Time to Live” seconds. Refers to how long your DNS settings must be cached before they are automatically refreshed;
  • minimum — specifies the time for which the secondary DNS should cache the zone file.

If you want to list the TXT records of a domain (for example, when viewing SPF settings), run the command:

nslookup -type=TXT theitbros.com

The debug option allows you to get additional information contained in the headers of client DNS requests and server responses (lifetime, flags, record types, etc.):

set debug

nslookup show all records

You can view the current values for all specified nslookup options with the command:

> set all

Default Server: ns1.theitbros.com

Address: 192.168.1.11

Set options:

nodebug

defname

search

recurse

nod2

novc

noignoretc

port=53

type=A+AAAA

class=IN

timeout=2

retry=1

root=A.ROOT-SERVERS.NET.

domain=xxx

MSxfr

IXFRversion=1

srchlist=xxx

list all dns records for a domain nslookup

By default, DNS servers listen on UDP port 53, but you can specify a different port number if necessary using the -port option:

nslookup port 56 theitbros.com

or interactively:

set port = 56

You can change the interval to wait for a response from the DNS server. This is usually necessary on slow or unstable network links. By default, if no response comes within 5 seconds, the request is repeated, increasing the waiting time by 2x. But you can manually set this value in seconds using the -timeout option:

nslookup -timeout=10 theitbros.com

Most Commonly Used Nslookup Command Examples

Get an IP address of the host/domain (A record):

nslookup theitbros.com

Get and IPv6 address for a host/domain:

nslookup -type=AAAA mx.theitbros.com

List domain MX records:

nslookup -query=mx theitbros.com

how to find all dns servers in domain

Query NS records (list of DNS servers authoritative of the domain):

nslookup -type=ns theitbros.com

Get the SOA record for the domain:

nslookup -type=soa theitbros.com

List all the available DNS records for the specific domain:

nslookup -type=any theitbros.com

Reverse DNS lookup (get the DNS record by an IP address):

nslookup 35.209.36.0

windows nslookup specify dns server

Query a specific DNS server instead of the default one (preferred DNS):

nslookup theitbros.com ns1.siteground.net

Check for a PTR record:

nslookup -type=ptr 0.36.209.35.in-addr.arpa

Query DNS server using the debug mode of the nslookup:

nslookup -debug theitbros.com

Change the default timeout interval for a reply:

nslookup -timeout=20 theitbros.com

Common Nslookup Errors

In this section, we list common errors that the nslookup tool may return:

  • DNS request timed out — the server doesn’t respond to the request, after some time (timeout), and a certain number of request attempts. You can set the request timeout using the set timeout subcommand. You can set the number of retry requests using the set retry.
  • Non-existent domain — domain/host name does not exist;
  • No response from the server — DNS server not responding to nslookup requests;
  • No records — there are no records on the DNS server for your query;
  • Connection refused/ Network is unreachable — connection to DNS server not established;
  • Server failure — the DNS server has encountered an internal error in its database and cannot provide a correct answer;
  • Refused — the DNS server dropped the connection.

how to find dns servers on network

Nslookup is a very handy tool that allows you to troubleshoot DNS-related network problems. In this article, we covered the basics of working with the nslookup command on Windows.

I enjoy technology and developing websites. Since 2012 I'm running a few of my own websites, and share useful content on gadgets, PC administration and website promotion.
Latest posts by Cyril Kardashevsky (see all)

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.