Test DNS records with NSlookupIn this tutorial, you’re going to learn how to use the Nslookup command to check DNS records.

You’ll also learn how Nslookup can be used to troubleshoot DNS issues. I walk through the exact steps and provide several Nslookup examples.

And in this post, I’ll show you my tips for troubleshooting DNS.

Let’s get started!

Topics in this tutorial

How DNS Works
Why you must learn the nslookup command
Nslookup Syntax
Nslookup Examples
DNS Troubleshooting Tips

 How DNS works

Understanding how DNS works will help you troubleshoot DNS issues faster. It will help you identify if its a client, a local DNS issue or another DNS server (forwarding server or ISP).

Computer and other network devices communicate by IP address. It would be hard to remember the IP address of every website or resource you access, words are easier to remember. DNS will take the easy to remember name and map it to the IP address so devices can communicate.

Below I walk through how a computer uses DNS to resolve names.

1. User types in google.com into their browser. This will send a query to the DNS server to go fetch the IP address for google.com

2. The DNS server that the client uses may not know the IP address. This can be your local Active Directory DNS server or your ISP DNS server. If it doesn’t know the IP address of the domain it will forward it on to the next DNS server.

3. The next DNS server says it knows the IP address and sends the request back to the computer.

4. The computer is then able to communicate to google.com.

DNS uses resource records to provide details about systems on a network. The above example used an A resource record which maps a domain name to an IP address.

In the examples below I will show you how to query different resource records.


Scan, detect and easily manage IP addresses with the Free IP address tracker by SolarWinds. By using this FREE tool you can save time by eliminating the need to manually track IP address information.

In addition, it helps to detect IP conflicts on your subnet. Download your FREE copy of IP Address Tracker.

Why you must learn the Nslookup command line tool

When DNS is not working devices cannot communicate. You will be unable to browse to websites, send email, chat online, stream videos and so on.

If you have a local DNS server issue then your employees can’t work and business is impacted.

You need a way to quickly troubleshoot and resolve these issues.

That is why it’s important to know how to use the Nslookup command.

This command is built into all windows operating systems, it’s free and easy to use.

If you are a system or network administrator it’s very important that you know how to quickly resolve DNS related issues.

NSLookup Syntax

To view the syntax just type nslookup hit enter then type ?

Here is a screenshot

There is a lot of options but in most cases, you will only need a few of them to verify DNS records. The most useful command switches are set type, server and debug. I’ll show you the most commonly used commands below.

Nslookup Examples

In each example, I show you the commands then a screenshot with the results.

PTR Record Lookup (IP to Domain Name)

Use this command if you know the IP address and what to find the domain name.


A Record Lookup (Domain to IP Address)

If you want to find the IP address of a domain name then use this command:

nslookup domainname

MX Lookup

An mx record lookup will find mail server that is responsible for accepting email for the domain.

nslookup hit enter
set q=mx hit enter
type domain, hit enter

SOA Record Lookup

The Start of Authority record indicates which DNS server is the best source of information for the domain. This will return the primary name server, responsible mail addresses, default ttl and more.

type nslookup hit enter
type set q=SOA hit enter
type domain name, hit enter


set q=cname

Name Server

This command will return the name servers a domain is using.

type nslookup hit enter
type set q=ns hit enter
type in domain to query hit enter

Using an alternative DNS Server

This is very useful in troubleshooting. Maybe a website isn’t loading on your internal network but does when you off the network. You can use this to see if your internal DNS is returning different results than an external DNS server. You can use your ISP DNS server or google.

nslookup hit enter
 server=DNS-Server-IP hit enter
type in domain name hit enter

Using Verbose

Turning on debug will display a lot more details about the resource record such as primary name server, mail address, default TTL and much more. To turn on debug use the command below

set debug

Tips for troubleshooting DNS Problems

Here are my tips for troubleshooting DNS issues.

Step#1 Make sure you have connectivity to the DNS server?

If your client has communication issues to the DNS server then name resolution is not going to work.

To check what DNS is set on a Windows system use this command:

ipconfig /all

Now take the IP listed for the DNS server and see if the client can ping it or communicate with it.

Step #2 Are other users or devices having name resolution issues?

You need to determine how big of a problem you have. Is it just one, two or many devices that have name resolution issues?

If it’s just one then you may just have a client issue. If it’s all or many then you may have an issue with the local or upstream DNS server.

Step #3 Use NSLookup to test local server

Use NSLookup to verify the local DNS server is working correctly. Use the command to verify DNS records on local servers. If you need examples see the previous section.

Step #4 Use DCDiag to check the AD Health

If your having issues internally you will want to check the Health of your Active Directory environment. Since DNS and AD are very tightly integrated a faulty domain controller could be causing your DNS issues.  See my tutorial on how to check domain controller health.

Step #5 Use NSlookup server to test forwarding DNS Server (UPstream)

If everything is resolving correctly internally but not external you can test the forwarding DNS server with the NSLookup command. This could be your ISP DNS server or the root hint servers. Use NSLookup server option followed by the forwarding DNS server IP to run queries.

Step #6 Scan for viruses and spyware

Viruses and spyware can install all kinds of nasty things on computers to redirect traffic to malicious sites. Browser hijacking is very common

Step #7 Check the client’s host file

I don’t recommend adding entries to the host file but if it contains incorrect or outdated data, you won’t be able to connect. Viruses can also modify the host file which would redirect you to malicious websites.

Step #8 Flush DNS Cache

The client’s cache could be the problem to flush the cache run this command

ipconfig /flushdns

I hope this article helped you understand the NSLookup and how it can be used to verify and troubleshoot DNS. If you liked this video or have questions leave a quick comment below.

You Might Also Like…

Recommended Tool: SolarWinds Server & Application Monitor

This utility was designed to Monitor Active Directory and other critical services like DNS & DHCP. It will quickly spot domain controller issues, prevent replication failures, track failed logon attempts and much more.

What I like best about SAM is it’s easy to use dashboard and alerting features. It also has the ability to monitor virtual machines and storage.

Download Your Free Trial Here


  1. Mostafa on October 28, 2018 at 3:08 pm

    Very Good, Thanks alot

    • Robert Allen on November 2, 2018 at 11:17 am

      No problem

  2. johan on November 25, 2018 at 10:13 am

    can you clarify the Using an alternative DNS Server part? I cant see the code youre using in your output

    • Robert Allen on November 25, 2018 at 2:55 pm

      Just type “nslookup” and then enter
      Then type “server” and the enter (or enter whatever DNS server you want to use).

      Now when you run lookups it will use the DNS server you specified.

      Does that help?

      • Rk on April 3, 2020 at 5:02 am

        It’s very helpful. Thank you

        • Robert Allen on April 18, 2020 at 2:36 pm


          No problem.

  3. Gareth on March 28, 2019 at 9:48 pm

    How can you find the ip range when dealing with a domain name that is a CNAME where the ip’s are changing all the time?

  4. Thousif on June 10, 2019 at 1:23 pm

    Thanks a lot

  5. ben on November 19, 2019 at 1:49 am

    great stuff man

  6. Raymond Chung on June 19, 2020 at 8:30 am

    Can nslookup perform “dig +trace” liked function to trace the query? Thank you in advance.

    • Robert Allen on June 29, 2020 at 12:47 am

      nslookup is just name lookups. Windows has another command for listing the hops between point a and point be, the command is tracert. Another command that is similar to tracert is pathping, it helps provides information on the hops and latency.

    • tom on April 9, 2021 at 3:18 pm

      nslookup has debug parameter

      take a loook https://bash.ws/nslookup/google.com?-debug

  7. Christine on August 17, 2020 at 1:23 pm

    How do I check if the IP is pointing to the domain with the www. and without the www. ?
    Thank you!

    • Robert Allen on August 20, 2020 at 11:29 pm

      Try nslookup then the IPADDRESS

      Here is an example.

      Server: UnKnown
      Address: ::1

      Name: dns.google

  8. nslookup on August 22, 2020 at 6:46 pm

    I’ve recently made https://www.nslookup.io to find DNS records. Hopefully much simpler and more intuitive then running it on the command line. Would appreciate a mention in this article if you think it’s useful for your readers 🙂

    • Robert Allen on August 23, 2020 at 1:27 pm

      Hi. Thanks for sharing that site. This is helpful for looking up public domains. nslookup would still need to be used for looking up internal host records.

  9. BF on August 23, 2020 at 7:46 pm

    How to find list of DNS request performed by Host(need code through powershell)?

Leave a Comment