Nslookup

From NovaOrdis Knowledge Base
Revision as of 05:04, 19 March 2020 by Ovidiu

Overview

If nslookup is able to resolve the name, it exits with 0; otherwise it exits with 1.

nslookup was found not to work correctly on some busybox versions.

Installation

With yum

yum install bind-utils

With apt

apt-get update
apt-get install dnsutils

Non-Interactive Mode

Getting the IP address for a name:

nslookup www.cnn.com
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
www.cnn.com	canonical name = turner.map.fastly.net.
Name:	turner.map.fastly.net
Address: 151.101.0.73
Name:	turner.map.fastly.net
Address: 151.101.192.73
Name:	turner.map.fastly.net
Address: 151.101.64.73
Name:	turner.map.fastly.net
Address: 151.101.128.73

Debug Mode

To display protocol exchanges:

nslookup -debug google.com

Query Option

To get more information for a name, use -query= followed by a qualifier. The qualifier can be any DNS zone file element name (mx, a, txt, etc.):

  • a: a computer's IP address.
  • any
  • cname
  • ns: authoritative name server.
  • hinfo: a computer's CPU and type of operating system.
  • mx: mail exchanger.
  • soa: Start of Authority, technical information about the domain.

nslookup -query=hinfo www.cnn.com
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
www.cnn.com	canonical name = turner.map.fastly.net.

Authoritative answers can be found from:
fastly.net
	origin = ns1.fastly.net
	mail addr = hostmaster.fastly.com
	serial = 2016110301
	refresh = 3600
	retry = 600
	expire = 604800
	minimum = 30

Getting the Mail Exchanger (MX) for a domain:

nslookup -query=mx novaordis.com
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
novaordis.com	mail exchanger = 5 alt1.aspmx.l.google.com.
novaordis.com	mail exchanger = 5 alt2.aspmx.l.google.com.
novaordis.com	mail exchanger = 0 aspmx.l.google.com.
novaordis.com	mail exchanger = 10 aspmx2.googlemail.com.
novaordis.com	mail exchanger = 10 aspmx3.googlemail.com.

Obtain the Authoritative Answer

I was not able to find a way to configure nslookup to not return non-authoritative answers. The most reliable method to drop the non-authoritative answers seems to be to grep for NXDOMAIN.

However, if nslookup cannot resolve the name, it returns 1; otherwise it returns 0.
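
One way to script the checks described above, for address lookups in the output format shown on this page (an added example, not part of the original page). The function names and both sample outputs are constructed for illustration; the first sample mirrors the www.cnn.com run above.

```sh
#!/bin/sh
# Constructed sample: successful, non-authoritative address lookup.
SAMPLE_OK='Server:   8.8.8.8
Address:  8.8.8.8#53

Non-authoritative answer:
www.cnn.com canonical name = turner.map.fastly.net.
Name: turner.map.fastly.net
Address: 151.101.0.73
Name: turner.map.fastly.net
Address: 151.101.192.73'

# Constructed sample: name that does not exist.
SAMPLE_NX="Server:   8.8.8.8
Address:  8.8.8.8#53

** server can't find nosuch.example.invalid: NXDOMAIN"

# nslookup_status (hypothetical helper): read nslookup output on stdin and
# print one of: nxdomain | no-answer | non-authoritative | authoritative
nslookup_status() {
    awk '
        /NXDOMAIN/                  { nx = 1 }
        /^Non-authoritative answer/ { nonauth = 1 }
        /^Name:/                    { named = 1 }
        END {
            if (nx)           print "nxdomain"
            else if (!named)  print "no-answer"
            else if (nonauth) print "non-authoritative"
            else              print "authoritative"
        }'
}

# nslookup_answers (hypothetical helper): print answer addresses only.
# The first "Address:" line is the resolver that was queried (it follows
# "Server:"), so an address is accepted only after a "Name:" line was seen.
nslookup_answers() {
    awk '
        /^Name:/                 { in_answer = 1; next }
        /^Address:/ && in_answer { print $2 }
    '
}

# Live use, assuming nslookup is installed:
#   nslookup www.cnn.com 2>&1 | nslookup_status
```

A script that greps for the first Address line takes the resolver's address (8.8.8.8#53 here) for the answer; the Name: gate in nslookup_answers avoids that.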