Monday, March 21, 2016

nslookup Command

A Network Administrator command  which help diagnosis DNS related issue. However to understand this,  you should better to know how DNS works.

How to troubleshoot DNS related issue.

1. NSLOOKUP example display "A Record" (IP Adress) of the domain




C:\Users\jpudasaini>nslookup jpudasaini.com.np 8.8.8.8
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
Name:    jpudasaini.com.np
Address:  216.239.32.21

A Non-Authoritative Answer is a response from Cache. A DNS server is
authoritative for zones actually holds it.

The above output shows "A Records" (IP Adress) of the domain
"jpudasaini.com.np". Which is actually query to the public Google DNS. If
you don't put DNS after the domain, it will used your default DNS, in my
case I have used public DNS.

2. MX Record using -query=mx

MX (Mail Exchange) record maps for the specific domain name to verify mail
exchaing servers on that domain.


C:\Users\jpudasaini>nslookup -query=mx gmail.com 8.8.8.8
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
gmail.com       MX preference = 40, mail exchanger =alt4.gmail-smtp-in.l.google
.com
gmail.com       MX preference = 20, mail exchanger =alt2.gmail-smtp-in.l.google
.com
gmail.com       MX preference = 10, mail exchanger =alt1.gmail-smtp-in.l.google
.com
gmail.com       MX preference = 30, mail exchanger =alt3.gmail-smtp-in.l.google
.com
gmail.com       MX preference = 5, mail exchanger =gmail-smtp-in.l.google.com

From the above example we can say that  4 MX records used for gmail
domain, the number associat with mx reference the preference of mail
server. Lower the number, higher the preference. So
gmail-smtp-in.l.google.com is the first server which received the mail at
first.

3. NS Record using -query=ns

NS (Name Server) records maps a domain to a list of DNS servers
authoritative for that domain. Here is example of name server which are
associated with jpudasaini.com.np doamain.

C:\Users\jpudasaini>nslookup -query=ns jpudasaini.com.np 8.8.8.8
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
jpudasaini.com.np       nameserver = ns4.afraid.org
jpudasaini.com.np       nameserver = ns2.afraid.org
jpudasaini.com.np       nameserver = ns1.afraid.org

4. SOA Record using -query=soa

 C:\Users\jpudasaini>nslookup -query=soa jpudasaini.com.np 8.8.8.8
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
jpudasaini.com.np
        primary name server = ns1.afraid.org
        responsible mail addr = dnsadmin.afraid.org
        serial  = 1511030001
        refresh = 86400 (1 day)
        retry   = 7200 (2 hours)
        expire  = 2419200 (28 days)
        default TTL = 3600 (1 hour)

SOA record (start of authority) which provides the authoritative
information, as well as e-mail address, serial no of the respective
domain.


5. Reserve DNS lookup

The reverse DNS look-up using IP Adress as argument to nslookup
C:\Users\jpudasaini>nslookup 216.239.32.21 8.8.8.8
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    any-in-2015.1e100.net
Address:  216.239.32.21


6. Using Specific DNS Server

Make query using particular name server instead of using default DNS server.


C:\Users\jpudasaini>nslookup jpudasaini.com.np ns1.afraid.org
Server:  UnKnown
Address:  50.23.197.95

Name:    jpudasaini.com.np
Address:  216.239.32.21

0 comments: