In this tutorial, you will learn how to use nslookup to check DNS records.
I’ll show you how to check several DNS record types (A, PTR, CNAME, MX, etc.) by using the Windows nslookup command.
And in this post, I’ll show you how to use nslookup against your local DNS server and an external DNS server (great tip for troubleshooting).
Let’s get started!
Table of Contents:
- How DNS Works
- Why you must learn the nslookup command
- Nslookup Syntax
- How to use nslookup to check DNS records
- DNS Troubleshooting Tips
How DNS works
Understanding how DNS works will help you troubleshoot DNS issues faster. It will help you identify if it’s a client, a local DNS issue, or another DNS server (forwarding server or ISP).
Computers and other network devices communicate by IP address. It would be hard to remember the IP address of every website or resource you access, and domain names are easier to remember. DNS takes the easy-to-remember name and maps it to the IP address so devices can communicate.
Below I walk through how a computer uses DNS to resolve names.
- A user types google.com into their browser. This sends a query to the DNS server to fetch the IP address for google.com.
- The DNS server that the client uses may not know the IP address. This can be your local Active Directory DNS server or your ISP DNS server. If it doesn’t know the IP address of the domain, it will forward the query on to the next DNS server.
- The next DNS server says it knows the IP address and sends the answer back to the computer.
- The computer is then able to communicate with google.com.
DNS uses resource records to provide details about systems on a network. The above example used an A resource record which maps a domain name to an IP address.
In the examples below I will show you how to query different resource records.
Why you must learn the Nslookup command line tool
When DNS is not working devices cannot communicate. You will be unable to browse websites, send an email, chat online, stream videos, and so on.
If you have a local DNS server issue then your employees can’t work and business is impacted.
You need a way to quickly troubleshoot and resolve these issues.
That is why it’s important to know how to use the Nslookup command.
This command is built into all Windows operating systems; it’s free and easy to use.
If you are a system or network administrator it’s very important that you know how to quickly resolve DNS related issues.
Nslookup Syntax
To view the syntax, type nslookup, press enter, then type ?
There are a lot of options but in most cases, you will only need a few of them to verify DNS records. The most useful command switches are set type, server, and debug. I’ll show you the most commonly used commands below.
How to Use Nslookup to Check DNS Records
Below are several examples of how to use nslookup to check various DNS record types. By default, nslookup will use the local DNS server configured by your computer. See the last example to change Nslookup to use an external server.
Nslookup IP Address (IP to Domain Name)
Run nslookup followed by the IP address if you know the IP address and want to find the domain name. In this example, the IP 22.214.171.124 resolves to the domain name dns.google.com
Nslookup domain name (Domain to IP Address)
If you want to find the IP address of a domain name, run nslookup followed by the domain name. In this example, the domain name ad.activedirectorypro.com resolves to several IP addresses.
Nslookup MX record
nslookup -type=mx domainname
An MX record lookup will find the mail server that is responsible for accepting emails for the domain. To find the MX records use -type=mx followed by the domain name.
Nslookup SOA Record
nslookup -type=soa ad.activedirectorypro.com
The Start of Authority record indicates which DNS server is the best source of information for the domain. This will return the primary name server, responsible mail address, default TTL, and more.
nslookup -type=cname www.activedirectorypro.com
The CNAME record is used to alias or redirect one DNS name to another DNS name.
nslookup -type=ns ad.activedirectorypro.com
Use the above command to view the name servers for a domain. You can see below the name servers for my domain are dc1, dc2 and dc3.
Nslookup TXT record
nslookup -type=txt domainname
Use this command to view text DNS records for a domain.
Nslookup all DNS records
nslookup -type=any ad.activedirectorypro.com
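This command will display all available records. Some DNS servers answer ANY queries with only a minimal response (RFC 8482), so query the specific record types if the output looks incomplete.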
Nslookup domain controller
Use these steps to list all domain controllers for a specific domain.
- From the command prompt type nslookup and press enter
- Then type set type=SRV and press enter
- Next, type _ldap._tcp.ad.activedirectorypro.com and press enter. (replace ad.activedirectorypro.com with your domain name).
This will display all domain controllers for the ad.activedirectorypro.com domain.
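The same SRV lookup can be scripted and extended to confirm that every listed domain controller still resolves to an address. This is an added example, not part of the original article; it uses PowerShell's Resolve-DnsName cmdlet instead of nslookup, and the output column names are chosen for illustration.

```powershell
# Added example: list the domain controllers published in DNS and check each one.
$domain = 'ad.activedirectorypro.com'   # replace with your domain name

# Keep only the SRV records; the response may also carry A records
# in its additional section.
Resolve-DnsName -Name "_ldap._tcp.$domain" -Type SRV -DnsOnly -ErrorAction Stop |
    Where-Object Type -eq 'SRV' |
    Sort-Object Priority, Weight |
    ForEach-Object {
        # Each SRV target should still resolve to at least one address.
        $a   = Resolve-DnsName -Name $_.NameTarget -Type A -DnsOnly -ErrorAction SilentlyContinue
        $ips = @($a | Where-Object Type -eq 'A' | ForEach-Object IPAddress)

        [pscustomobject]@{
            DomainController = $_.NameTarget
            Port             = $_.Port
            Priority         = $_.Priority
            Weight           = $_.Weight
            Addresses        = $ips -join ', '
            # An SRV record with no address usually means a stale record
            # left behind by a decommissioned domain controller.
            Resolves         = [bool]$ips.Count
        }
    } | Format-Table -AutoSize
```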
Turning on debug will display a lot more details about the resource record such as primary name server, mail address, default TTL, and much more. To turn on debug, type nslookup and press enter, then type the command below.
set debug
Nslookup use External DNS server
This is very useful in troubleshooting. Maybe a website isn’t loading on your internal network but does when you are off the network. You can use this to see if your internal DNS is returning different results than an external DNS server. You can use your ISP DNS server or Google.
To change the DNS server type nslookup and press “enter”.
Then type server IPADDRESS. For example “server 126.96.36.199” and press enter. This will instruct the nslookup command to use the 188.8.131.52 server to run DNS record lookups.
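The internal-versus-external comparison described above can be run in one step. This is an added example, not part of the original article; it uses PowerShell's Resolve-DnsName cmdlet instead of nslookup, the function name Compare-DnsAnswer is hypothetical, and 8.8.8.8 (Google Public DNS) is assumed as the external server.

```powershell
# Added example: compare the default resolver's answer with an external one.
function Compare-DnsAnswer {
    param(
        [Parameter(Mandatory)] [string] $Name,
        [string] $Type = 'A',
        # Assumption: Google Public DNS as the external reference server.
        [string] $ExternalServer = '8.8.8.8'
    )

    # Run one query and return the sorted answer data, or an error marker.
    function Get-AnswerData([hashtable] $Query) {
        try {
            Resolve-DnsName @Query -DnsOnly -ErrorAction Stop |
                Where-Object Section -eq 'Answer' |
                ForEach-Object {
                    if     ($_.IPAddress)    { $_.IPAddress }         # A / AAAA
                    elseif ($_.NameExchange) { $_.NameExchange }      # MX
                    elseif ($_.NameHost)     { $_.NameHost }          # CNAME / NS / PTR
                    elseif ($_.Strings)      { $_.Strings -join '' }  # TXT
                } | Sort-Object -Unique
        }
        catch { "ERROR: $($_.Exception.Message)" }
    }

    # Without -Server, the DNS server configured on this computer is used.
    $internal = @(Get-AnswerData @{ Name = $Name; Type = $Type }) -join ', '
    $external = @(Get-AnswerData @{ Name = $Name; Type = $Type; Server = $ExternalServer }) -join ', '

    [pscustomobject]@{
        Name     = $Name
        Type     = $Type
        Internal = $internal
        External = $external
        # A mismatch is expected for split-brain zones and CDN-hosted names;
        # for anything else, check forwarders, the hosts file and the cache.
        Match    = ($internal -eq $external)
    }
}

Compare-DnsAnswer -Name 'www.activedirectorypro.com'
Compare-DnsAnswer -Name 'activedirectorypro.com' -Type MX
```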
Tips for troubleshooting DNS Problems
Here are my tips for troubleshooting DNS issues.
Step #1 Make sure you have connectivity to the DNS server
If your client has communication issues with the DNS server then name resolution is not going to work.
To check what DNS is set on a Windows system use this command:
Now take the IP listed for the DNS server and see if the client can ping it or communicate with it.
Step #2 Are other users or devices having name resolution issues?
You need to determine how big of a problem you have. Is it just one, two, or many devices that have name resolution issues?
If it’s just one then you may just have a client issue. If it’s all or many then you may have an issue with the local or upstream DNS server.
Step #3 Use NSLookup to test local server
Use NSLookup to verify the local DNS server is working correctly. Use the command to verify DNS records on local servers. If you need examples see the previous section.
Step #4 Use DCDiag to check the AD Health
If you are having issues internally you will want to check the health of your Active Directory environment. Since DNS and AD are very tightly integrated a faulty domain controller could be causing your DNS issues.
See my tutorial on how to check domain controller health.
Step #5 Use NSLookup server to test forwarding DNS Server (Upstream)
If everything is resolving correctly internally but not externally you can test the forwarding DNS server with the NSLookup command. This could be your ISP DNS server or the root hint servers. Use the NSLookup server option followed by the forwarding DNS server IP to run queries.
Step #6 Scan for viruses and spyware
Viruses and spyware can install all kinds of nasty things on computers to redirect traffic to malicious sites. Browser hijacking is very common.
Step #7 Check the client’s hosts file
I don’t recommend adding entries to the hosts file but if it contains incorrect or outdated data, you won’t be able to connect. Viruses can also modify the hosts file which would redirect you to malicious websites.
Step #8 Flush DNS Cache
The client’s cache could be the problem. To flush the cache, run this command:
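The client-side checks from steps 1, 7 and 8 can be run together from a PowerShell prompt. This is an added example, not part of the original article; it uses the built-in DnsClient and NetTCPIP cmdlets, assumes the default Windows hosts file location, and the output column names are chosen for illustration.

```powershell
# Added example: DNS client triage for steps 1, 7 and 8.

# Step 1: DNS servers configured on this client (ipconfig /all shows the same list).
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses | Sort-Object -Unique

$servers | ForEach-Object {
    # DNS listens on port 53; a TCP test still works where ICMP ping is blocked.
    $test = Test-NetConnection -ComputerName $_ -Port 53 -WarningAction SilentlyContinue
    [pscustomobject]@{ DnsServer = $_; Tcp53Reachable = $test.TcpTestSucceeded }
} | Format-Table -AutoSize

# Step 7: active (non-comment) hosts file entries. Each one overrides DNS for
# that name, so every entry should be one an administrator can account for.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
Get-Content -Path $hostsPath |
    Where-Object { $_ -match '^\s*[^#\s]' } |
    ForEach-Object {
        # Drop trailing comments, then split into address and host names.
        $fields = @(($_ -replace '#.*$') -split '\s+' | Where-Object { $_ })
        [pscustomobject]@{
            Address = $fields[0]
            Names   = ($fields | Select-Object -Skip 1) -join ' '
        }
    } | Format-Table -AutoSize

# Step 8: show what is cached, then flush it (same effect as ipconfig /flushdns).
Get-DnsClientCache | Select-Object Entry, TimeToLive, Data | Format-Table -AutoSize
Clear-DnsClientCache
```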
I hope this article helped you understand NSLookup and how it can be used to verify and troubleshoot DNS. If you liked this video or have questions leave a quick comment below.
In this guide, I walked through several examples of how to use the nslookup windows command. The nslookup command is a great tool to troubleshoot and check DNS records. A lot of times network issues are related to DNS and knowing how to quickly verify DNS is working correctly can be a huge time saver.