Home Blog An NSLOOKUP Primer – Testing DNS

Blog

May 4
An NSLOOKUP Primer – Testing DNS
Posted by Ryan Alibrando

So there you are in front of your computer, you know you have internet access, you can ping 8.8.8.8, but your browser isn’t working, and when you try to ping google.com, the name is unable to resolve. You think to yourself “If only I had saved that blog article about nslookup locally, so I didn’t have to depend on the internet to get all that great info!”.

Well lucky for you, you currently have internet access, and you can read this blog, and I’m hopeful that you can step through an example or two and your memory will be so razor sharp that you won’t even need to save this article for a rainy no-DNS day. Maybe there will be some other useful stuff, too.

I’ve been in several scenarios where having nslookup familiarity has been a huge time saver and hopefully I can share a trick or two with you on using the nslookup tool (Name Server Lookup) that’s built into Windows, Apple, and most Linux flavors (Click on the OS links for nslookup documentation for each). I thought maybe a quick primer on how I use the tool most often might help someone out. My examples will be in Windows since that’s what I’ve seen used the most in my travels, but the commands should be extremely similar across all operating systems.

I’m going to assume you know that DNS stands for Domain Name System. The most common analogy I’ve heard for DNS is that it’s like a phone book where looking up a name to get an IP address is just like looking up a name to get a phone number. For my purposes, I wanted to share some common scenarios & nslookup exercises I go through when troubleshooting DNS.

Scenario 1 – DNS is broke like a joke

              You can ping, but you can’t seem to resolve a name.

              Step 1. Make sure you have DNS servers configured on your interface.

                           An NSLOOKUP Primer – Testing DNS

              Step 2. Check that DNS is working on your DNS servers (with nslookup!)

There’s 2 ways I use nslookup to check DNS from multiple name servers. If I’m doing a quick check, I’ll open a command prompt (or terminal) and type “nslookup [host] [server]” where host is the name you want to check and server is the DNS server you want to look it up on. Here’s an example where I looked up google.com on 8.8.8.8 (a google DNS server).

             An NSLOOKUP Primer – Testing DNS

 

The second way is to go into interactive mode by just typing “nslookup”. I typically use interactive mode since I rarely do just one or two lookups, so I find it to be faster for me. Next, specify the DNS server to use “server 208.67.220.220” (an OpenDNS server), then looking up the host “google.com”.

                  An NSLOOKUP Primer – Testing DNS

**NOTE** In interactive mode, just type ? to get a list of commands

For step 2, you should test all the DNS servers your interface has specified. If a DNS server is not resolving a name, but you can ping it, you might want to check that the DNS service is running. If it doesn’t respond to ping either the DNS server may be down. If both DNS servers are not resolving names, you may be looking at an issue with connectivity from your machine to the DNS server(s).

Before we start with scenario 2, I want to explain different DNS record types. The main lookups people focus on are A (Address) records, which match nicely with the phone book analogy. There are several other types though. For this next example, we’ll be looking at the NS (Name Server) type, which basically tells the internet which name servers are authoritative for the domain. You may have noticed in our previous example when we looked up google.com, we got a “Non-authoritative answer”, which means the DNS server we used was just saving a copy of the answer from the authoritative server. Let’s go through Scenario 2 and hopefully it will make a little more sense.

Scenario 2 – I just made a public DNS change

 

You added or updated a DNS entry on GoDaddy or another public DNS provider.

***HOT TIP*** If you’re planning to update a public DNS entry, change the TTL (time to live) to a lower time like 10 minutes the day before the scheduled change to tell the other DNS servers around the world to check for updates more often. I usually wait until I’m sure I won’t have to roll back a change before setting the TTL to a longer time - 1 hour is typical.

              Step 1. Find the domain’s authoritative DNS Server(s)

 

In this case, I’m going to set type to NS (Name Server) and determine the authoritative DNS servers for lookingpoint.com

An NSLOOKUP Primer – Testing DNS

Looking at the box above, you can see that I told nslookup to look up an NS record, then I looked up lookingpoint.com, and you can tell that the DNS server I queried for this information was dns.opendns.com and it’s NOT authoritative. Let’s set the server to ns27 & see if it looks any different.

An NSLOOKUP Primer – Testing DNS

Wait! What happened?! I’ve found that I sometimes need to point to the IP address as opposed to the server name. So we can see the IP above, let’s try the same thing there.

An NSLOOKUP Primer – Testing DNS

Ah ha! It doesn’t say “non-authoritative” anymore. This is where we want to check our change!

 

Step 2. Check the authoritative (& non-authoritative) servers for the updated A record

 

Ok, let’s look up our A record before the change & validate after the change.

An NSLOOKUP Primer – Testing DNS

Here I set the type to “a”, looked up “nslookupblog.lookingpoint.com”, then changed to an opendns server to validate it was the same there. Next, let’s change the dns record and do the same test again.

An NSLOOKUP Primer – Testing DNS

Alright! So, after changing the record we see the change reflected in both the authoritative DNS server records AND the OpenDNS server records, so our change was a success! If at first, you don’t see the record on whichever public DNS server you’re checking, give it some time, it can take a while for DNS records to propagate around the world. Also, see the hot tip at the top of scenario 2 for TTL adjustments to make your life easier during DNS changes.

 

I hope these initial 2 scenarios gave you a taste of what nslookup can do. I’ll do a second installment where we look at using nslookup for email troubleshooting. We’ll look at some additional DNS record types and have lots of fun!

 

It just so happens that LookingPoint offers multiple IT services if you’re interested. Want more information, give us a call! Please reach out to us at sales@lookingpoint.com and we’ll be happy to help!

Contact Us

Written By:

Ryan Alibrando, Managed Services Team Lead

subscribe to our blog

Get New Unique Posts