nslookup - dwilson2547/wiki_demo GitHub Wiki

Here’s a comprehensive nslookup cheat sheet with common commands and practical examples:

nslookup is a command-line tool for querying DNS (Domain Name System) records to troubleshoot domain and network issues.

• nslookup Cheat Sheet
• 1. Basic Syntax
• 2. Common Options
• 3. Basic Queries
  • 3.1. Lookup a Domain
  • 3.2. Query a Specific DNS Server
  • 3.3. Reverse DNS Lookup (PTR Record)
• 4. Query Specific DNS Record Types
  • 4.1. A Record (IPv4 Address)
  • 4.2. AAAA Record (IPv6 Address)
  • 4.3. MX Record (Mail Server)
  • 4.4. TXT Record
  • 4.5. CNAME Record (Alias)
  • 4.6. NS Record (Name Servers)
  • 4.7. SOA Record (Start of Authority)
• 5. Interactive Mode
• 6. Debug Mode
• 7. Common Use Cases
• 8. Practical Examples
  • 8.1. Check DNS Propagation
  • 8.2. Verify SPF Records
  • 8.3. Troubleshoot Email Delivery
  • 8.4. Find Authoritative Name Servers
  • 8.5. Check for DNS Spoofing
• 9. Tips and Tricks
• 10. Comparison with dig

nslookup [options] [domain] [dns-server]

nslookup example.com

Example:

nslookup google.com

• Returns the A record (IPv4 address) for google.com.

nslookup example.com 8.8.8.8

Example:

nslookup github.com 1.1.1.1

• Queries github.com using Cloudflare’s DNS server (1.1.1.1).

nslookup 8.8.8.8

Example:

nslookup 142.250.190.46

• Returns the domain name associated with the IP 142.250.190.46.

nslookup -type=A example.com

Example:

nslookup -type=A github.com

• Returns the IPv4 address for github.com.

nslookup -type=AAAA example.com

Example:

nslookup -type=AAAA google.com

• Returns the IPv6 address for google.com.

nslookup -type=MX example.com

Example:

nslookup -type=MX gmail.com

• Returns the mail servers for gmail.com.

nslookup -type=TXT example.com

Example:

nslookup -type=TXT google.com

• Returns TXT records (e.g., SPF, DKIM) for google.com.

nslookup -type=CNAME www.example.com

Example:

nslookup -type=CNAME www.github.com

• Returns the canonical name (alias) for www.github.com.

nslookup -type=NS example.com

Example:

nslookup -type=NS google.com

• Returns the authoritative name servers for google.com.

nslookup -type=SOA example.com

Example:

nslookup -type=SOA example.com

• Returns the SOA record, which contains administrative information about the domain.

Start nslookup in interactive mode for multiple queries:

nslookup

Example Session:

> set type=MX
> gmail.com
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
gmail.com       mail exchanger = 5 gmail-smtp-in.l.google.com.
gmail.com       mail exchanger = 10 alt1.gmail-smtp-in.l.google.com.
...
> exit

Enable debug mode for detailed output:

nslookup -debug example.com

Example:

nslookup -debug google.com

• Shows the step-by-step DNS resolution process.

nslookup example.com 8.8.8.8
nslookup example.com 1.1.1.1

• Queries multiple DNS servers to verify DNS propagation.

nslookup -type=TXT example.com | grep "v=spf1"

• Checks the SPF record for example.com.

nslookup -type=MX gmail.com

• Verifies the mail servers for gmail.com.

nslookup -type=NS example.com

• Lists the authoritative name servers for example.com.

nslookup example.com
nslookup example.com 8.8.8.8
nslookup example.com 1.1.1.1

• Compares results from different DNS servers to detect inconsistencies.

• Use dig for Advanced Queries: While nslookup is user-friendly, dig provides more detailed and flexible DNS queries.

  dig example.com MX

• Check Local DNS Cache: Use ipconfig /flushdns (Windows) or sudo systemd-resolve --flush-caches (Linux) to clear the DNS cache if results seem stale.
• Query Specific DNS Servers: Use public DNS servers like 8.8.8.8 (Google) or 1.1.1.1 (Cloudflare) to bypass local DNS issues.
• Scripting: Combine nslookup with shell scripting for automated DNS checks:

  for domain in google.com github.com example.com; do
    nslookup $domain
  done

Example with dig:

dig example.com MX