NSLOOKUP - CMD

Overview

nslookup is a network administration command-line tool available in Windows for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or any specific DNS record. It is primarily used for troubleshooting DNS-related issues and for obtaining detailed DNS information. This tool is most effective in diagnosing network problems and gathering information about domain names.

Syntax

The basic syntax for nslookup is:

nslookup [option] [hostname | IP_address] [server]
  • hostname | IP_address: Specifies the domain name or IP address you’re querying.
  • server: Optional. Specifies the DNS server to which the request is sent. If omitted, nslookup uses the default DNS server.

Options/Flags

nslookup has several command line options and flags:

  • -debug: Displays detailed information about the query, showing exactly what data is being sent and received from the DNS server.
  • -type=type: Allows the user to specify the type of DNS records to be returned, such as A, MX, TXT, etc. The default is A.
  • -timeout=seconds: Sets the timeout interval for replies from the server. The default is 5 seconds.
  • -retry=number: Specifies the number of retries for failed attempts. The default is 2.
  • -root=rootserver: Specifies a different root server to query.
  • -querytype=type: Same as -type.
  • -query=type: Additionally similar to -type.

Examples

  1. Basic DNS Lookup: Get the IP address associated with a domain name:

    nslookup example.com

  2. Query a Specific DNS Server: Get DNS records from a specific server:

    nslookup example.com 8.8.8.8

  3. Reverse DNS Lookup: Find the domain name associated with an IP address:

    nslookup 192.0.2.1

  4. Advanced Lookup – Query MX Records:

    nslookup -type=MX example.com

Common Issues

  • Timeouts and Non-responses: Often caused by nonexistent servers or network issues. Increase the timeout and retry options, verify the server address, or check your network connection.
  • Incorrect Results: DNS caching might give outdated results. Clear the DNS cache by running ipconfig /flushdns.
  • Access Denied Errors: Insufficient permissions can lead to denied access. Run CMD as an administrator.

Integration

nslookup can be used with other commands for more complex tasks:

  • Batch Processing: Automate DNS lookups for multiple hosts. 
    for /F %i in (hosts.txt) do nslookup %i >> results.txt
  • Combining with findstr: Search for specific DNS record types in output. 
    nslookup -type=ALL example.com | findstr "MX"
  • ping: Checks the availability of a remote server.
  • ipconfig: Displays all current TCP/IP network configuration values and refreshes DHCP and DNS settings.
  • tracert: Traces the route packets take to a network host.

Further reading and detailed official documentation can be accessed here for nslookup.