Casbay Knowledge Base

Search our articles or browse by category below

Windows Commands – Nslookup

Last modified: October 1, 2022
Estimated reading time: 2 min

Windows Commands – Nslookup

Windows Commands Query

Please refer to the following instance 

  1. Firstly, > nslookup
    Default Server: ns1.domain.com
    Address: 10.0.0.1
  2. Secondly, > mailhost
    Server: ns1.domain.com
    Address: 10.0.0.1
  3. And next, mailhost.domain.com MX preference = 0
  4. Then, mail exchanger =mailhost.domain.com
    mailhost.domain.com internet address = 10.0.0.5

You can refer to this article from Microsoft KB for more information.

What is nslookup?

First of all, nslookup is a simple but very practical command-line tool. We principally use it to find the IP address that corresponds to a host, or the domain name that corresponds to an IP address (the process of what we call it “Reverse DNS Lookup”). Nslookup allows itself to be used in the command-line of the operating system in question. For Windows users, they start the service via the command prompt. For Unix users, they use a terminal window. Additionally, there are now a number of services that can make using nslookup online possible.

Note: The name “nslookup” actually stands for “name server look up.”

Besides that, Nslookup retrieves the relevant address information directly from the DNS cache of name servers. We can achieve this process through two different modes that the user can choose from. In the non-interactive mode, the tool inspects the resource records, which is what the address entries in the DNS cache are called. These are stored in the local name server, in a standard way. The mode is especially well suited for simple queries, for which a single domain entry needs to be looked up. When you want to use a different DNS server for the research and complete more complex search processes, you need the interactive mode. We need to start the command-line program separately at first.

Note: Unlike the wide range of other command-line programs from Windows/DOS, nslookup has the case-sensitive parameter “-q”. In other words, a parameter in which capitalization or lack thereof is relevant.

What can it be used for?

There are a few different scenarios in which the use of nslookup is appropriate. In this way, a command-line program is a crucial tool in resolving DNS issues. First of all, a data query helps find the cause of the problem at hand. For example, those who use Windows and experience an issue with the active directory can use nslookup. Nslookup allows them to quickly and easily check whether all involved servers are converted into the domain name system as planned. Generally, this program shows its strengths when various subdomains. Not only when it is simply a matter of checking them, but also when there are connection problems.

Another typical scenario is the search for optimal mail servers (SMTP, POP, IMAP) for the desired domain. In this case, nslookup determines the servers in question on the basis of the mail exchanger (MX-Records) that belong to the domain of the e-mail provider. These entries contain the IP addresses and names of the provider servers, which subsequently we only need to specify during the configuration of the mail clients to perfect the routing of the electronic mail service.

When using nslookup to retrieve the MX Record of a domain, the network tool will find the mail server in question which is labeled “responsible mail addr”.

Was this article helpful?
Dislike 0
Previous: DNS Propagation & TTL
Next: SPF Record