How to use nslookup command in Linux?

The nslookup ( name server lookup ) command is used to get information from a DNS server. This information can include IP address details, MX record of a name server, etc. It is used for troubleshooting DNS-related problems on a system.

This command usually works in two modes interactive and non-interactive modes. In interactive mode, you can query information about various hosts and domains. You can get information on a single host or domain by using the nslookup command in non-interactive mode.

In this article, I will explain how to use the nslookup command in Linux with the help of some examples.

Syntax of the nslookup command

The syntax of how to use the nslookup command in a Linux system is given below.

nslookup [-option] [name | -] [server]

Where you can find the detailed list of options that can be used with the nslookup command on its man page.

Usage of nslookup command Linux

The following examples show the usage of the nslookup command in a Linux system.

Basic use of nslookup

The most basic use of the nslookup command in Linux is using it for querying the details of a domain or host.

Interactive mode

To run the nslookup command in interactive mode using the command as it is given below.

nslookup

Now every time you enter a domain name you will display the details associated with it, this can includes ipv4 address, IPv6 address, name, etc.

nslookup interactive mode

Here you can also perform a reverse lookup by entering an IP address instead of a domain name.

Non-interactive mode

You can invoke the nslookup command in non-interactive mode by entering the command followed by the domain name or IP of the host.

For example –

nslookup google.com

This will display the output something like given in the image below.

nslookup in non interactive mode

The output displayed here is the A (Address) record of google.com. A record is used to map a domain name to the IP address. So we can use the nslookup to find the IP address from a domain name or vice versa.

Perform the reverse DNS lookup

By using the nslookup command you can display the domain name from the IP address associated with it.

For example –

nslookup 8.8.8.8

reverse domain lookup

Querying MX record

To display the MX (Mail Exchange) records, use the -query=mx option with nslookup command.

For example –

nslookup -query=mx google.com

mx record using nslookup

Querying ns (Name Server) record

To display the name server records of a host you need to use the -query=ns option with nslookup command.

For example –

nslookup -query=ns google.com

This will display the output something like given in the image below.

display name server using nslookup

Querying SOA (Start of Authority) record

An SOA (Start of Authority) record is a type of record in DNS that contains administrative information about the zone, especially regarding zone transfer.

You can display the SOA by using the -query=soa option with the nslookup command.

For example –

nslookup -query=soa google.com

You can see the output of this command in the given image.

soa record

Querying all the available DNS records

By using the option -query=any you can display all DNS records of a host or domain.

For example –

nslookup -query=any google.com

This will display the given output.

dns record

For more information, you can check the manual page of the nslookup command by using –

man nslookup

Conclusion

I hope now you get an understanding of how to use the nslookup command in Linux. For any query write us in the comments below.

Leave a Comment