NS Lookup Command in Linux with Examples

nslookup command-line tool operates in two modes, Interactive mode, and non-interactive mode. Let's get to learn each one of them with examples.

nslookup (Name Server Lookup) is a Linux tool used to get information from a DNS Server as requested by the user. The DNS (Domain Name System) is a critical part of the internet used to match websites’ names (e.g., fosslinux.com) to their resulting IP Address. Therefore, the nslookup can come in handy for network administrators to query the DNS to obtain the IP address, domain name, or any other specific DNS record. It is also used in troubleshooting DNS related issues.

nslookup command-line tool operates in two modes, Interactive mode and non-interactive mode. The interactive mode is used when querying the DNS server for information about various hosts, domains, or print hosts in a domain. The non-interactive mode, on the other hand, is limited as it only prints the name and query information for a host or domain.

nslookup non-interactive mode

The non-interactive mode is the most used mode when executing the nslookup command. It is regarded as a faster method as you will only need to pass a single command at every execution.

With this mode, you type nslookup followed by the IP address or the host, you want to look up. Let’s look at some commands you can execute with nslookup in the non-interactive mode.

1. Display the IP address of a hostname

Let’s say you want to get “A Record” (IP address) of a website like nmap.org. All you need to do is launch the Terminal and execute the command below:

nslookup nmap.org

nslookup nmap

nslookup nmapFrom the output above, the server refers to the IP address of the DNS server. Under the Non-authoritative answer section, the address refers to the IP address of the website nmap.org.

Before we look at more examples, it would be best we first understand the difference between Authoritative answer and Non-authoritative answer. An authoritative answer is given when the DNS server hosting the primary copy of the DNS record responses to your lookup. On the other hand, a Non-authoritative answer is when the DNS server responding to your request does not contain the original zone files. Most of the time, the server has a cache of a previously requested DNS record from all DNS lookups done.

2. Perform a reverse DNS lookup

A reverse DNS lookup is where you have an “A Record”/ IP address, and you want to get the resulting hostname. Use the syntax below:

nslookup [ip-address]

Reverse DNS Lookup
Reverse DNS Lookup

3. Display MX records

An MX (Mail Exchange) record is an entry in the DNS.zine file that maps a domain name to a list of mail exchange servers that handle that particular domains’ mails. We will use the syntax below:

nslookup -query=mx [website-name]

nslookup MX records
nslookup MX records

4. Display NS records

NS records are used to identify name servers (both secondary and primary) responsible for a particular DNS zone. We will use the syntax below:

nslookup -query=ns [website-name]

nslookup NS records
nslookup NS records

5. Display an SOA record

A Start of Authority record (SOA) is a DNS record that contains administrative information about the domain. Use the syntax below:

nslookup -query=soa [website-name]

nslookup SOA records
nslookup SOA records

6. Display all DNS records

We will use the syntax below:

nslookup -query=any [website-name]

7. Use a different port number

By default, the DNS protocol runs on port 53. If the port was changed for any reason, you could specify the set port using the -port argument.

nslookup -port=[port-number] [website-name]

nslookup custom port
nslookup custom port

nslookup interactive mode

The nslookup interactive mode is quite simple. All you need to do is execute the nslookup command on the Terminal, and it will give you a prompt where you can execute your commands. See the image below.

nslookup prompt
nslookup prompt

To get the hostname’s IP address, enter the website’s name in the prompt and hit Enter.

IP address
IP address

To perform a reverse DNS lookup, enter the IP address of the host.

Reverse DNS Lookup
Reverse DNS Lookup

To display the MX (mail exchange) records, use the command below:

set type=mx

nslookup MX
nslookup MX

To display the NS records, use the command below:

set type=ns

nslookup NS
nslookup NS

Conclusion

The Internet Systems Consortium had briefly listed the nslookup program as deprecated but later reversed this decision. The deprecation listing mainly favored the host and dig commands/programs that can perform the same functions as the nslookup command at a somewhat higher industry acceptance level.

Arun Kumar
Arun did his bachelor in computer engineering and loves enjoying his spare time writing for FOSS Linux. He uses Fedora as the daily driver and loves tinkering with interesting distros on VirtualBox. He works during the day and reads anything tech at night. Apart from blogging, he loves swimming and playing tennis.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

STAY CONNECTED

23,048FansLike
407FollowersFollow
16SubscribersSubscribe

LATEST ARTICLES

MUST READ

The hierarchy tree of Linux Mint makes it an Ubuntu-based Debian-based Linux distribution that is community-driven. This historical and developmental attribute of this Linux distro makes it an ideal candidate to offer free and open-source bundled applications to a vast range of its Linux community users. Additionally, after completing out-of-the-box multimedia support, users directly benefit from its proprietary software support through multimedia codecs.
The innovative strides of email services came as a faster alternative for the postal services. However, it does not imply that the growing use and embrace of email services have contributed postal services to the messaging world obsolete, for not all messages are transmitted through words.