nslookup

From Wikipedia, the free encyclopedia

The nslookup command can be used in Windows and Unix to find various details relating to DNS including IP addresses of a particular computer, MX records for a domain or the NS servers of a domain - all using DNS lookups. The name means "name server lookup". The most common version of the program is included as part of the BIND package. A more modern alternative to nslookup is the dig program, also shipping with BIND.

nslookup comes with a number of subcommands to help you get more information from the specific dns servers. They are:

server NAME (where NAME is the name or ip address of the dns server you wish to query). It is not always possible to query a specific dns server as often dns queries are blocked to prevent denial of service attacks

set type=NAME (where NAME is the type of record you would like to look at. For example set type mx will give you the mail records)

[edit] Example usage

Server:  Atractive.idle.ro
Address:  89.136.182.136 
Non-authoritative answer:
Name:  Atractive.idle.ro
Addresses:  89.136.182.136 ,89.136.182.136 , 89.136.182.136 ,89.136.182.136

Using subcommands:

nslookup

> server dns.com
Default Server:  dns.com
Address:  64.40.103.249

> set type=mx
> microsoft.com
Server:  dns.com
Address:  64.40.103.249

microsoft.com   MX preference = 0, mail exchanger = nullmx.domainmanager.com
> exit

[edit] Interpretation of the standard nslookup result

The first two lines are information about the server delivering the answer to the nslookup requested by the user. The next two lines tell the user the name and IP address of the machine being looked up.