Home Learn Linux NS Lookup Command in Linux with Examples

NS Lookup Command in Linux with Examples

by Arun Kumar
NSLookup Command

nslookup (Name Server Lookup) is a Linux tool used to get information from a DNS Server as requested by the user. The DNS (Domain Name System) is a critical part of the internet used to match websites’ names (e.g., fosslinux.com) to their resulting IP Address. Therefore, the nslookup can come in handy for network administrators to query the DNS to obtain the IP address, domain name, or any other specific DNS record. It is also used in troubleshooting DNS related issues.

nslookup command-line tool operates in two modes, Interactive mode and non-interactive mode. The interactive mode is used when querying the DNS server for information about various hosts, domains, or print hosts in a domain. The non-interactive mode, on the other hand, is limited as it only prints the name and query information for a host or domain.

nslookup non-interactive mode

The non-interactive mode is the most used mode when executing the nslookup command. It is regarded as a faster method as you will only need to pass a single command at every execution.

With this mode, you type nslookup followed by the IP address or the host, you want to look up. Let’s look at some commands you can execute with nslookup in the non-interactive mode.

1. Display the IP address of a hostname

Let’s say you want to get “A Record” (IP address) of a website like nmap.org. All you need to do is launch the Terminal and execute the command below:

nslookup nmap.org

nslookup nmap

nslookup nmapFrom the output above, the server refers to the IP address of the DNS server. Under the Non-authoritative answer section, the address refers to the IP address of the website nmap.org.

Before we look at more examples, it would be best we first understand the difference between Authoritative answer and Non-authoritative answer. An authoritative answer is given when the DNS server hosting the primary copy of the DNS record responses to your lookup. On the other hand, a Non-authoritative answer is when the DNS server responding to your request does not contain the original zone files. Most of the time, the server has a cache of a previously requested DNS record from all DNS lookups done.

2. Perform a reverse DNS lookup

A reverse DNS lookup is where you have an “A Record”/ IP address, and you want to get the resulting hostname. Use the syntax below:

nslookup [ip-address]
Reverse DNS Lookup

Reverse DNS Lookup

3. Display MX records

An MX (Mail Exchange) record is an entry in the DNS.zine file that maps a domain name to a list of mail exchange servers that handle that particular domains’ mails. We will use the syntax below:

nslookup -query=mx [website-name]
nslookup MX records

nslookup MX records

4. Display NS records

NS records are used to identify name servers (both secondary and primary) responsible for a particular DNS zone. We will use the syntax below:

nslookup -query=ns [website-name]
nslookup NS records

nslookup NS records

5. Display an SOA record

A Start of Authority record (SOA) is a DNS record that contains administrative information about the domain. Use the syntax below:

nslookup -query=soa [website-name]
nslookup SOA records

nslookup SOA records

6. Display all DNS records

We will use the syntax below:

nslookup -query=any [website-name]

7. Use a different port number

By default, the DNS protocol runs on port 53. If the port was changed for any reason, you could specify the set port using the -port argument.

nslookup -port=[port-number] [website-name]
nslookup custom port

nslookup custom port

nslookup interactive mode

The nslookup interactive mode is quite simple. All you need to do is execute the nslookup command on the Terminal, and it will give you a prompt where you can execute your commands. See the image below.

nslookup prompt

nslookup prompt

To get the hostname’s IP address, enter the website’s name in the prompt and hit Enter.

IP address

IP address

To perform a reverse DNS lookup, enter the IP address of the host.

Reverse DNS Lookup

Reverse DNS Lookup

To display the MX (mail exchange) records, use the command below:

set type=mx
nslookup MX

nslookup MX

To display the NS records, use the command below:

set type=ns
nslookup NS

nslookup NS


The Internet Systems Consortium had briefly listed the nslookup program as deprecated but later reversed this decision. The deprecation listing mainly favored the host and dig commands/programs that can perform the same functions as the nslookup command at a somewhat higher industry acceptance level.

You may also like

Leave a Comment



FOSS Linux is a leading resource for Linux enthusiasts and professionals alike. With a focus on providing the best Linux tutorials, open-source apps, news, and reviews written by team of expert authors. FOSS Linux is the go-to source for all things Linux.

Whether you’re a beginner or an experienced user, FOSS Linux has something for everyone.

Follow Us


©2016-2023 FOSS LINUX



“Linux” is the registered trademark by Linus Torvalds in the U.S. and other countries.