Nslookup: Difference between revisions
Jump to navigation
Jump to search
(18 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=External= | |||
* https://linux.die.net/man/1/nslookup | |||
=Internal= | =Internal= | ||
Line 4: | Line 6: | ||
=Overview= | =Overview= | ||
If nslookup is able to resolve the name, exits with 0, otherwise exits with 1. | |||
{{Warn|nslookup was found not work correctly on some busybox versions.}} | |||
=Installation= | |||
==With yum== | |||
yum install bind-utils | |||
==With apt== | |||
apt-get update | |||
apt-get install dnsutils | |||
=Non-Interactive Mode= | =Non-Interactive Mode= | ||
Line 9: | Line 26: | ||
Getting the IP address for a name: | Getting the IP address for a name: | ||
< | <syntaxhighlight lang='text> | ||
nslookup www.cnn.com | |||
Server: 8.8.8.8 | Server: 8.8.8.8 | ||
Address: 8.8.8.8#53 | Address: 8.8.8.8#53 | ||
Line 24: | Line 41: | ||
Name: turner.map.fastly.net | Name: turner.map.fastly.net | ||
Address: 151.101.128.73 | Address: 151.101.128.73 | ||
</ | </syntaxhighlight> | ||
==Debug Mode== | |||
To display protocol exchanges: | |||
<syntaxhighlight lang='bash'> | |||
nslookup -debug google.com | |||
</syntaxhighlight> | |||
==Query Option== | |||
< | Getting more information for a name <code>-query</code> followed by a qualifier can be used. The qualifiers can be any DNS zone file element names (mx, a, txt, etc).: | ||
* <code>a</code> a computer's IP address. | |||
* <code>any</code> | |||
* <code>cname</code> | |||
* <code>ns</code> authoritative name server. | |||
* <code>hinfo</code> a computer's CPU and type of operating system. | |||
* <code>mx</code> mail exchanger. | |||
* <code>soa</code> Start of Authority, technical information about the domain. | |||
<syntaxhighlight lang='text> | |||
nslookup -query=hinfo www.cnn.com | nslookup -query=hinfo www.cnn.com | ||
Server: 8.8.8.8 | Server: 8.8.8.8 | ||
Line 45: | Line 80: | ||
expire = 604800 | expire = 604800 | ||
minimum = 30 | minimum = 30 | ||
</ | </syntaxhighlight> | ||
Getting the Mail Exchanger (MX) for a domain: | Getting the Mail Exchanger (MX) for a domain: | ||
< | <syntaxhighlight lang='text> | ||
nslookup -query=mx novaordis.com | nslookup -query=mx novaordis.com | ||
Server: 8.8.8.8 | Server: 8.8.8.8 | ||
Line 60: | Line 95: | ||
novaordis.com mail exchanger = 10 aspmx2.googlemail.com. | novaordis.com mail exchanger = 10 aspmx2.googlemail.com. | ||
novaordis.com mail exchanger = 10 aspmx3.googlemail.com. | novaordis.com mail exchanger = 10 aspmx3.googlemail.com. | ||
</ | </syntaxhighlight> | ||
=Obtain the Authoritative Answer= | |||
I was not able to find a way to configure nslookup to not return non-authoritative answers. The most reliable method to drop the non-authoritative answers seems to grep for NXDOMAIN. | |||
However, if nslookup cannot resolve the name, it returns 1, otherwise returns 0. |
Latest revision as of 05:04, 19 March 2020
External
Internal
Overview
If nslookup is able to resolve the name, exits with 0, otherwise exits with 1.
nslookup was found not work correctly on some busybox versions.
Installation
With yum
yum install bind-utils
With apt
apt-get update apt-get install dnsutils
Non-Interactive Mode
Getting the IP address for a name:
nslookup www.cnn.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
www.cnn.com canonical name = turner.map.fastly.net.
Name: turner.map.fastly.net
Address: 151.101.0.73
Name: turner.map.fastly.net
Address: 151.101.192.73
Name: turner.map.fastly.net
Address: 151.101.64.73
Name: turner.map.fastly.net
Address: 151.101.128.73
Debug Mode
To display protocol exchanges:
nslookup -debug google.com
Query Option
Getting more information for a name -query
followed by a qualifier can be used. The qualifiers can be any DNS zone file element names (mx, a, txt, etc).:
a
a computer's IP address.any
cname
ns
authoritative name server.hinfo
a computer's CPU and type of operating system.mx
mail exchanger.soa
Start of Authority, technical information about the domain.
nslookup -query=hinfo www.cnn.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
www.cnn.com canonical name = turner.map.fastly.net.
Authoritative answers can be found from:
fastly.net
origin = ns1.fastly.net
mail addr = hostmaster.fastly.com
serial = 2016110301
refresh = 3600
retry = 600
expire = 604800
minimum = 30
Getting the Mail Exchanger (MX) for a domain:
nslookup -query=mx novaordis.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
novaordis.com mail exchanger = 5 alt1.aspmx.l.google.com.
novaordis.com mail exchanger = 5 alt2.aspmx.l.google.com.
novaordis.com mail exchanger = 0 aspmx.l.google.com.
novaordis.com mail exchanger = 10 aspmx2.googlemail.com.
novaordis.com mail exchanger = 10 aspmx3.googlemail.com.
Obtain the Authoritative Answer
I was not able to find a way to configure nslookup to not return non-authoritative answers. The most reliable method to drop the non-authoritative answers seems to grep for NXDOMAIN.
However, if nslookup cannot resolve the name, it returns 1, otherwise returns 0.