How to use Nslookup to check DNS Records

Test DNS records with NSlookupIn this tutorial, you’re going to learn how to use the Nslookup command to check DNS records.

You’ll also learn how Nslookup can be used to troubleshoot DNS issues. I walk through the exact steps and provide several Nslookup examples.

And in this post, I’ll show you my tips for troubleshooting DNS.

Let’s get started!

Topics in this tutorial

How DNS Works
Why you must learn the nslookup command
Nslookup Syntax
Nslookup Examples
DNS Troubleshooting Tips

 How DNS works

Understanding how DNS works will help you troubleshoot DNS issues faster. It will help you identify if its a client, a local DNS issue or another DNS server (forwarding server or ISP).

Computer and other network devices communicate by IP address. It would be hard to remember the IP address of every website or resource you access, words are easier to remember. DNS will take the easy to remember name and map it to the IP address so devices can communicate.

Below I walk through how a computer uses DNS to resolve names.

1. User types in google.com into their browser. This will send a query to the DNS server to go fetch the IP address for google.com

2. The DNS server that the client uses may not know the IP address. This can be your local Active Directory DNS server or your ISP DNS server. If it doesn’t know the IP address of the domain it will forward it on to the next DNS server.

3. The next DNS server says it knows the IP address and sends the request back to the computer.

4. The computer is then able to communicate to google.com.

DNS uses resource records to provide details about systems on a network. The above example used an A resource record which maps a domain name to an IP address.

In the examples below I will show you how to query different resource records.

Why you must learn the Nslookup command line tool

When DNS is not working devices cannot communicate. You will be unable to browse to websites, send email, chat online, stream videos and so on.

If you have a local DNS server issue then your employees can’t work and business is impacted.

You need a way to quickly troubleshoot and resolve these issues.

That is why it’s important to know how to use the Nslookup command.

This command is built into all windows operating systems, it’s free and easy to use.

If you are a system or network administrator it’s very important that you know how to quickly resolve DNS related issues.

NSLookup Syntax

To view the syntax just type nslookup hit enter then type ?

Here is a screenshot

There is a lot of options but in most cases, you will only need a few of them to verify DNS records. The most useful command switches are set type, server and debug. I’ll show you the most commonly used commands below.

Nslookup Examples

In each example, I show you the commands then a screenshot with the results.

PTR Record Lookup (IP to Domain Name)

Use this command if you know the IP address and what to find the domain name.

nslookup 8.8.8.8

A Record Lookup (Domain to IP Address)

If you want to find the IP address of a domain name then use this command:

nslookup domainname

MX Lookup

An mx record lookup will find mail server that is responsible for accepting email for the domain.

nslookup hit enter
set q=mx hit enter
type domain, hit enter

SOA Record Lookup

The Start of Authority record indicates which DNS server is the best source of information for the domain. This will return the primary name server, responsible mail addresses, default ttl and more.

type nslookup hit enter
type set q=SOA hit enter
type domain name, hit enter

CNAME

set q=cname

Name Server

This command will return the name servers a domain is using.

type nslookup hit enter
type set q=ns hit enter
type in domain to query hit enter

Using an alternative DNS Server

This is very useful in troubleshooting. Maybe a website isn’t loading on your internal network but does when you off the network. You can use this to see if your internal DNS is returning different results than an external DNS server. You can use your ISP DNS server or google.

nslookup hit enter
 server=DNS-Server-IP hit enter
type in domain name hit enter

Using Verbose

Turning on debug will display a lot more details about the resource record such as primary name server, mail address, default TTL and much more. To turn on debug use the command below

set debug

Tips for troubleshooting DNS Problems

Here are my tips for troubleshooting DNS issues.

Step#1 Make sure you have connectivity to the DNS server?

If your client has communication issues to the DNS server then name resolution is not going to work.

To check what DNS is set on a Windows system use this command:

ipconfig /all

Now take the IP listed for the DNS server and see if the client can ping it or communicate with it.

Step #2 Are other users or devices having name resolution issues?

You need to determine how big of a problem you have. Is it just one, two or many devices that have name resolution issues?

If it’s just one then you may just have a client issue. If it’s all or many then you may have an issue with the local or upstream DNS server.

Step #3 Use NSLookup to test local server

Use NSLookup to verify the local DNS server is working correctly. Use the command to verify DNS records on local servers. If you need examples see the previous section.

Step #4 Use DCDiag to check the AD Health

If your having issues internally you will want to check the Health of your Active Directory environment. Since DNS and AD are very tightly integrated a faulty domain controller could be causing your DNS issues.  See my tutorial on how to check domain controller health.

Step #5 Use NSlookup server to test forwarding DNS Server (UPstream)

If everything is resolving correctly internally but not external you can test the forwarding DNS server with the NSLookup command. This could be your ISP DNS server or the root hint servers. Use NSLookup server option followed by the forwarding DNS server IP to run queries.

Step #6 Scan for viruses and spyware

Viruses and spyware can install all kinds of nasty things on computers to redirect traffic to malicious sites. Browser hijacking is very common

Step #7 Check the client’s host file

I don’t recommend adding entries to the host file but if it contains incorrect or outdated data, you won’t be able to connect. Viruses can also modify the host file which would redirect you to malicious websites.

Step #8 Flush DNS Cache

The client’s cache could be the problem to flush the cache run this command

ipconfig /flushdns

I hope this article helped you understand the NSLookup and how it can be used to verify and troubleshoot DNS. If you liked this video or have questions leave a quick comment below.

See Also:
DCDiag: Check Domain Controller Health
21 Effective Active Directory Management Tips

Recommended Tool: SolarWinds Server & Application Monitor (SAM)

This utility was designed to Monitor Active Directory and other critical applications. It will quickly spot domain controller issues, prevent replication failures, track failed logon attempts and much more.

What I like best about SAM is it’s easy to use dashboard and alerting features. It also has the ability to monitor virtual machines and storage.

Download Your Free Trial of SolarWinds Server & Application Monitor. 

4 Comments

  1. Mostafa on October 28, 2018 at 3:08 pm

    Very Good, Thanks alot

    • Robert Allen on November 2, 2018 at 11:17 am

      No problem

  2. johan on November 25, 2018 at 10:13 am

    can you clarify the Using an alternative DNS Server part? I cant see the code youre using in your output

    • Robert Allen on November 25, 2018 at 2:55 pm

      Just type “nslookup” and then enter
      Then type “server 8.8.8.8” and the enter (or enter whatever DNS server you want to use).

      Now when you run lookups it will use the DNS server you specified.

      Does that help?

Leave a Comment