Using the nslookup
command is a common method to check DNS records. nslookup
is a command-line tool available on most operating systems, including Windows, Linux, and macOS. It allows you to query DNS servers for various types of DNS records associated with a domain.
Here’s a guide on how to use nslookup
to check DNS records:
Open a Command Prompt or Terminal
Most operating systems come with inbuilt command-line tools. For example:
- Windows: You can open the command prompt by pressing
Win + R
, typing “cmd,” and hitting Enter. - Linux/macOS: You can typically find it in the Applications > Utilities folder on macOS, or use
Ctrl + Alt + T
on many Linux distributions.
Enter the nslookup
Command
To check the basic information associated with a domain, enter the following command, replacing “example.com” with your target domain:
nslookup example.com
Here is the sample output of the above command:
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
Name: example.com
Addresses: 93.184.216.34
2606:2800:220:1:248:1893:25c8:1946
This will display the default DNS server, the IP address associated with the domain, and other information.
Query for a Specific DNS Record Type
To query for a specific type of DNS record (e.g., A, CNAME, MX), use the -type
option. For example, to check the A record for “example.com,” use:
nslookup -type=A example.com
Replace “A” with the desired record type.
Query a Specific DNS Server
If you want to query a specific DNS server, use the following syntax, replacing “8.8.8.8” with the IP address of the DNS server:
nslookup example.com 8.8.8.8
Check MX Records for Email Servers
To check the mail exchange (MX) records for a domain (useful for email configuration), use:
nslookup -type=MX example.com
Here is the output of the above command:
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
example.com MX preference = 10, mail exchanger = mail.example.com
Explanation of the output:
- Server: Indicates the DNS server used for the query (in this case, “UnKnown” might be your default DNS server).
- Address: The IP address of the DNS server (e.g., 192.168.1.1).
- Non-authoritative answer: Indicates that the response is not from the authoritative DNS server for the domain.
- example.com MX: Shows information about the Mail Exchange (MX) record for the domain example.com.
- MX preference: The priority of the mail exchanger. In this example, the preference is 10.
- Mail exchanger: The mail server responsible for receiving emails for the domain. In this example, the mail exchanger is mail.example.com.
Check Name Server (NS) Records
To check the name server (NS) records for a domain, use:
nslookup -type=NS example.com
The above command would return an output that looks similar to this:
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
example.com nameserver = a.iana-servers.net
example.com nameserver = b.iana-servers.net
Explanation of the sample output:
- Server: Indicates the DNS server used for the query (in this case, “UnKnown” might be your default DNS server).
- Address: The IP address of the DNS server (e.g., 192.168.1.1).
- Non-authoritative answer: Indicates that the response is not from the authoritative DNS server for the domain.
- example.com nameserver: Lists the authoritative name servers (NS records) for the domain example.com. In this example, the authoritative name servers are a.iana-servers.net and b.iana-servers.net.
Check Start of Authority (SOA) Record
To check the Start of Authority (SOA) record for a domain, use:
nslookup -type=SOA example.com
The following would be the output of the above command:
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
example.com
primary name server = a.iana-servers.net
responsible mail addr = hostmaster.root-servers.org
serial = 2022020901
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 1800 (30 mins)
Let’s breakdown the output:
- Server: Indicates the DNS server used for the query (in this case, “UnKnown” might be your default DNS server).
- Address: The IP address of the DNS server (e.g., 192.168.1.1).
- Non-authoritative answer: Indicates that the response is not from the authoritative DNS server for the domain.
- example.com SOA: Shows information about the Start of Authority (SOA) record for the domain example.com.
- Primary Name Server: The primary name server for the domain (a.iana-servers.net).
- Responsible Mail Addr: The email address of the responsible party or domain administrator (hostmaster.root-servers.org)..
- Serial: The current version number of the zone (2022020901).
- Refresh: The interval (in seconds) at which secondary name servers should check for updates (1800 seconds or 30 minutes).
- Retry: The interval (in seconds) that a secondary name server should wait before retrying a failed zone transfer (900 seconds or 15 minutes).
- Expire: The maximum time (in seconds) that a secondary name server can use the data before it must be refreshed (604800 seconds or 7 days).
- Default TTL: The default Time-to-Live value for resource records (1800 seconds or 30 minutes).
Remember to replace “example.com” with the actual domain you want to query, and adjust the record types accordingly. Additionally, specifying a DNS server is optional, as nslookup
will typically use your default DNS server by default.