Beyond the Basics of nslookup
nslookup is right up there with ping in terms of the most common tools for diagnosing network issues on Windows. Want to know if your DNS is set right for your website? Easy, just type nslookup davejlong.com and you'll see that the hostname points at 68.183.26.177.
Is that it, though? Is nslookup a one-trick pony? Of course not. nslookup is intended for querying all sorts of dns information. Below you'll find some examples of how to use nslookup to play with different DNS queries.
How to use nslookup options
nslookup has two ways of running. You can pass options to nslookup like most other commands, or you can drop into the dedicated CLI. The following examples will both do the same thing:
cmd> rem Using the command options
cmd> nslookup -retry=5 davejlong.com
Server: one.one.one.one
Address: 1.1.1.1
Non-authoritative answer:
Name: davejlong.com
Address: 68.183.26.177cmd> rem Using the CLI
cmd> nslookup
Default server: one.one.one.one
Address: 1.1.1.1
> set retry=5
> davejlong.com
Non-authoritative answer:
Name: davejlong.com
Address: 68.183.26.177For the rest of this post, I'll be using the CLI version of nslookup to make it easier to understand what's happening.
Alternative record types
By default, nslookup looks up A and CNAME records, the records that point a hostname to an IP address. What about the other types or DNS records? What about when setting up a new email service? nslookup can query any type of DNS record using the type option:
> set type=mx
> davejlong.com
...
Non-authoritative answer:
davejlong.com MX preference = 10, mail exchanger = aspmx2.googlemail.com
davejlong.com MX preference = 10, mail exchanger = aspmx3.googlemail.com
davejlong.com MX preference = 5, mail exchanger = alt1.aspmx.l.google.com
davejlong.com MX preference = 5, mail exchanger = alt2.aspmx.l.google.com
davejlong.com MX preference = 1, mail exchanger = aspmx.l.google.com
> set type=txt
> davejlong.com
...
Non-authoritative answer:
davejlong.com text =
"v=spf1 mx a include:_spf.google.com include:mailgun.org -all"So now I know that all my MX records and SPF records are setup for Google Workspace.
Querying different servers
The next thing you may want to do is check with different DNS servers. If you query your local DNS server and it gives the wrong record, is it really an issue with your local DNS server or is it an issue with the upstream DNS server that yours pulls from? Here's an example. I have a local DNS server that queries 1.1.1.1 for records that aren't in it's cache:
CMD> nslookup
Default Server: UnKnown
Address: 192.168.1.1
> davejlong.com
...
Name: davejlong.com
Address: 192.168.1.1
> server 1.1.1.1
Name: davejlong.com
Address: 68.183.26.177Looks like the local DNS server has an issue. It's pointing davejlong.com to my default gateway, even though the upstream DNS server knows the correct IP.
What's the deal with "Non-authoritative answer"?
Not so much a tip, but I wanted to mention why queries will also return "Non-authoritative answer" when you query DNS records. It simply means that your querys answer did not come from the authoritative DNS server for the domain. So what is the authoritative DNS server for a domain? Let's find out with nslookup:
> set type=ns
> davejlong.com
...
Non-authoritative answer:
davejlong.com nameserver = dns1.registrar-servers.com
davejlong.com nameserver = dns2.registrar-servers.comThe NS record holds the authoritative Name Server of the domain.
> server dns1.registrar-servers.com
Default Server: dns1.registrar-servers.com
Addresses: 2610:a1:1024::200
156.154.132.200
> davejlong.com
Server: dns1.registrar-servers.com
Addresses: 2610:a1:1024::200
156.154.132.200
Name: davejlong.com
Address: 68.183.26.177When we use the authoritative DNS servers, we no longer get the warning. If the authoritative server returns the wrong value, that means the zone file is truly wrong and it's not a DNS caching issue.
So that's it. There are still a number of options that you can set with nslookup to do all sorts of querying, but these 3 items are the most common uses that I find for nslookup day to day.