Académique Documents
Professionnel Documents
Culture Documents
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
Admin KnowledgeBase Articles & Tutorials Authors Blogs Free Tools Hardware Message Boards Newsletters RSS Software White Papers
The DNS protocol has been around for decades and is a stable and reliable protocol. Even so, DNS does occasionally have problems. These problems might stem from a loss of connectivity, an invalid DNS record, or a number of other issues. When a DNS server doesnt behave in the way that it is expected to, many people turn to the PING command for help. PING is a great tool for DNS server diagnosis, and I tend to use it quite frequently myself. However, sometimes PING just doesnt give you enough information
1 of 9
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
about the problem at hand. When you need more information about a DNS problem than what PING provides you with, you can always turn to the NSLOOKUP command. NSLOOKUP is a built in DNS diagnostic utility thats available to both Windows and UNIX Administrators. In this article, I will show you how to use NSLOOKUP.
The Basics
NSLOOKUP has a fairly rich syntax and can be a bit confusing for those who have not worked with DNS a great deal. Therefore, I want to start out by showing you some of the basics. Although NSLOOKUP exists in both UNIX and Windows, there are some differences in the way that it behaves in the two operating systems. For the purposes of this article, I will be using the Windows version. The first thing that you need to understand about NSLOOKUP is that when you use the NSLOOKUP command, it assumes that you are querying a local domain on your private network. You can query an external domain, but NSLOOKUP will try to search for the domain internally first. For example, the brienposey.com domain is external to my network. If I perform an NSLOOKUP against brienposey.com, NSLOOKUP returns the information thats shown in Figure A.
Figure A: This is what happens when NSLOOKUP queries an external domain If you look at the figure, you will see that there are non existent domain error messages for the IP addresses 147.100.100.34 and 147.100.100.5. These are the addresses of my internal DNS servers. Below this information however is the non authoritative answer. This means that my DNS server queried an external DNS server in an effort to resolve the IP address associated with the brienposey.com domain. Now, lets take a look at what happens when you query an internal domain. One of the local domains on my private network is production.com. If I perform an NSLOOKUP against production.com, I get the results shown in Figure B.
2 of 9
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
Figure B: This is what it looks like when I query an internal domain If you look at the top portion of this screen, you will notice that Im getting the exact same non-existent domain error messages as I got when I queried an external domain. At first, this may seem puzzling. The reason why I got this error message was because I performed an NSLOOKUP outside of the NSLOOKUP shell. I will talk more about the NSLOOKUP shell in the next section. For now though, you need to know that you can enter the NSLOOKUP command by itself. When you do, you will see the familiar non-existent domain error messages, but you will then be taken to the NSLOOKUP prompt (the > sign). From there you can enter various NSLOOKUP commands. When you are done, you can use the EXIT command to return to the command prompt. The other thing that you should notice about Figure B is the bottom portion of the output. Beneath the reference to production.com is a string of IP addresses. These are the IP addresses of all of the domain controllers within the domain. I should also point out that if multiple IP addresses are assigned to a single server then all of the servers IP addresses will be displayed by NSLOOKUP.
3 of 9
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
entering the NSLOOKUP command at the command prompt. Once the NSLOOKUP shell is open, you will need to tell NSLOOKUP which DNS server you want to query. To do so, enter the SERVER command, followed by the DNS servers IP address. You can also enter the servers fully qualified domain name (assuming that it can be resolved) as an alternative to the servers IP address. Now that you have specified a DNS server for NSLOOKUP to use, you can query domains without receiving the non-existent domain error messages that you saw earlier (as long as you remain within the NSLOOKUP shell). To do so, you would simply type the domain name that you want to query. For example, if you look at Figure C, you can see where I have specified a particular DNS server and then queried an external and an internal domain.
Figure C: The error messages go away if you specify a DNS server Now, lets get back to the business of looking up a domains MX record. To do so, you need to issue a command that tells NSLOOKUP to query based on MX records. The command that you will have to use is: SET QUERY=MX Issuing this command by itself wont give you any information about the domains MX record though. For that you have to actually query the domain by entering the domain name. If you look at Figure D, you will see that I have specified an MX query and then entered the production.com domain name. NSLOOKUP now returns a wealth of information pertaining to my domains MX record.
4 of 9
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
Figure D: When an MX query is specified, you can get a wealth of information about your domains MX record
Conclusion
a dve r tis e me nt
As you can see, NSLOOKUP can provide you with a wealth of DNS server diagnostic information. However, NSLOOKUP is not limited to providing the types of information that I have discussed. The NSLOOKUP shell is actually a fairly rich interface with a rather large command set. You can view a list of the available commands and their syntax by entering a question mark at the NSLOOKUP prompt (note: you can not use NSLOOKUP /? to view the command set).
5 of 9
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
Related links
nslookup and DNS Zone Transfers DNS Stub Zones in Windows Server 2003 How to ""Quickly"" Test DNS Resolution Installing DNS On Windows 2003 Understanding the DNS Protocol (Part 1)
Community Area
Log in | Register
Featured Freeware!
6 of 9
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
SolarWinds WMI Monitor monitors any Windows application or server, giving you amazing insight into real-time performance. Get your free copy today! Admin KnowledgeBase Articles & Tutorials Cloud Computing Common for all OSes Dial up Networking, ICS, RAS, ADSL General Networking Network Protocols Network Troubleshooting Product Reviews V oIP Windows 7 Windows 2000 Windows 2003 Windows 95/98/ME Windows NT 4 Windows Server 2008 Windows Vista Windows XP Wireless Networking Authors Deb Shinder Eric Geier Brien M. Posey David Davis Mitch Tulloch Robert J. Shimonski Russell Hitchcock Blogs Free Tools Hardware Anti-Spam Hardware
7 of 9
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
Anti-Virus Hardware Firewalls & VPN Mail Archiving Servers Storage Message Boards Newsletter Signup RSS Feed Services SharePoint Hosting Software Active Directory Management Administration tools / Ping & trace utils Backup software Data recovery software Database server software DNS servers Email archiving Free Tools Help desk software IP Address Management IP PBX Servers Misc. network administrator tools Network Configuration Management Network inventory software Network Mapping Network monitoring / management Network Traffic Monitoring Patch Management Remote control software SharePoint Tools Software distribution and metering Storage and quota software Terminal Servers Thin Client Servers Web content management servers White Papers IP PBX, SIP & V FAQ Sponsored by 3CX oIP
8 of 9
http://www.windowsnetworking.com/articles_tutorials/using-nslookup-...
TechGenix Sites
ISAserver.org The No.1 Forefront TMG / UAG and ISA Server resource site. MSExchange.org The leading Microsoft Exchange Server 2010 / 2007 / 2003 resource site. WindowSecurity.com Network Security & Information Security resource for IT administrators. VirtualizationAdmin.com The essential Virtualization resource site for administrators.
Admin KnowledgeBase Articles & Tutorials Authors Blogs Free Tools Hardware Links Message Boards Newsletters RSS Software White Papers About Us : Email us : Product Submission Form : Advertising Information WindowsNetworking.com is in no way affiliated with Microsoft Corp. *Links are sponsored by advertisers. Copyright 2011 TechGenix Ltd. All rights reserved. Please read our Privacy Policy and Terms & Conditions.
9 of 9