nslookup - query Internet name servers interactively
nslookup [ -option ... ] [ host-to-find | - [ server ]]
Nslookup is a program to query Internet domain name servers. Nslookup has two modes: interactive and non-interactive. Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain. Non-interactive mode is used to print just the name and requested information for a host or domain.
Interactive mode is entered in the following cases:
|
a) |
when no arguments are given (the default name server will be used), | ||
|
b) |
when the first argument is a hyphen (-) and the second argument is the host name or Internet address of a name server. |
Non-interactive mode is used when the name or Internet address of the host to be looked up is given as the first argument. The optional second argument specifies the host name or address of a name server.
The options
listed under the ’’set’’ command
below can be specified in the .nslookuprc file in the
user’s home directory if they are listed one per line.
Options can also be specified on the command line if they
precede the arguments and are prefixed with a hyphen. For
example, to change the default query type to host
information, and the initial timeout to 10 seconds, type:
nslookup -query=hinfo -timeout=10
Commands may be
interrupted at any time by typing a control-C. To exit, type
a control-D (EOF) or type exit. The command line length must
be less than 256 characters. To treat a built-in command as
a host name, precede it with an escape character (\).
N.B. an unrecognized command will be interpreted as a
host name.
host [server]
Look up information for host using the current default server or using server if specified. If host is an Internet address and the query type is A or PTR, the name of the host is returned. If host is a name and does not have a trailing period, the default domain name is appended to the name. (This behavior depends on the state of the set options domain, srchlist, defname, and search). To look up a host not in the current domain, append a period to the name.
server domain
lserver domain
Change the default server to domain. Lserver uses the initial server to look up information about domain while server uses the current default server. If an authoritative answer can’t be found, the names of servers that might have the answer are returned.
|
root |
Changes the default server to the server for the root of the domain name space. Currently, the host ns.internic.net is used. (This command is a synonym for lserver ns.internic.net.) The name of the root server can be changed with the set root command. |
finger [name]
[> filename]
finger [name] [>>
filename]
Connects with the finger server on the current host. The current host is defined when a previous lookup for a host was successful and returned address information (see the set querytype=A command). Name is optional. > and >> can be used to redirect output in the usual manner.
ls [option]
domain [> filename]
ls [option] domain [>>
filename]
List the information available
for domain, optionally creating or appending to
filename. The default output contains host names and
their Internet addresses. Option can be one of the
following:
-t querytype
lists all records of the specified type (see querytype below).
|
-a |
lists aliases of hosts in the domain. synonym for -t CNAME. | ||
|
-d |
lists all records for the domain. synonym for -t ANY. | ||
|
-h |
lists CPU and operating system information for the domain. synonym for -t HINFO. | ||
|
-s |
lists well-known services of hosts in the domain. synonym for -t WKS. |
When output is directed to a file, hash marks are printed for every 50 records received from the server.
view filename
Sorts and lists the output of previous ls command(s) with more(@CMD_EXT@).
|
help |
||||
|
? |
Prints a brief summary of commands. |
|||
|
exit |
Exits the program. |
set keyword[=value]
This command is used to change state information that affects the lookups. Valid keywords are:
|
all |
Prints the current values of the frequently-used options to set. Information about the current default server and host is also printed. |
class=value
Change the query class to one of:
|
IN |
the Internet class. |
|||
|
CHAOS |
the Chaos class. |
|||
|
HESIOD |
the MIT Athena Hesiod class. |
|||
|
ANY |
wildcard (any of the above). |
The class
specifies the protocol group of the information.
(Default = IN, abbreviation = cl)
[no]debug
Turn debugging mode on. A lot
more information is printed about the packet sent to the
server and the resulting answer.
(Default = nodebug, abbreviation = [no]deb)
|
[no]d2 |
Turn exhaustive debugging mode on. Essentially all fields of every packet are printed. |
(Default = nod2)
domain=name
Change the default domain name
to name. The default domain name is appended to a
lookup request depending on the state of the defname
and search options. The domain search list contains
the parents of the default domain if it has at least two
components in its name. For example, if the default domain
is CC.Berkeley.EDU, the search list is CC.Berkeley.EDU and
Berkeley.EDU. Use the set srchlist command to specify
a different list. Use the set all command to display
the list.
(Default = value from hostname, /etc/resolv.conf or
LOCALDOMAIN, abbreviation = do)
srchlist=name1/name2/...
Change the default domain name
to name1 and the domain search list to name1,
name2, etc. A maximum of 6 names separated by slashes
(/) can be specified. For example,
set srchlist=lcs.MIT.EDU/ai.MIT.EDU/MIT.EDU
sets the domain to lcs.MIT.EDU and the search list to the
three names. This command overrides the default domain name
and search list of the set domain command. Use the
set all command to display the list.
(Default = value based on hostname, /etc/resolv.conf or
LOCALDOMAIN, abbreviation = srchl)
[no]defname
If set, append the default
domain name to a single-component lookup request (i.e., one
that does not contain a period).
(Default = defname, abbreviation = [no]def)
[no]search
If the lookup request contains
at least one period but doesn’t end with a trailing
period, append the domain names in the domain search list to
the request until an answer is received.
(Default = search, abbreviation = [no]sea)
port=value
Change the default TCP/UDP name
server port to value.
(Default = 53, abbreviation = po)
querytype=value
type=value
Change the type of information query to one of:
|
A |
the host’s Internet address. | ||
|
CNAME |
the canonical name for an alias. | ||
|
HINFO |
the host CPU and operating system type. | ||
|
MINFO |
the mailbox or mail list information. | ||
|
MX |
the mail exchanger. | ||
|
NS |
the name server for the named zone. | ||
|
PTR |
the host name if the query is an Internet address, otherwise the pointer to other information. | ||
|
SOA |
the domain’s ’’start-of-authority’’ information. | ||
|
TXT |
the text information. | ||
|
UINFO |
the user information. | ||
|
WKS |
the supported well-known services. |
Other types
(ANY, AXFR, MB, MD, MF, NULL) are described in the RFC-1035
document.
(Default = A, abbreviations = q, ty)
[no]recurse
Tell the name server to query
other servers if it does not have the information.
(Default = recurse, abbreviation = [no]rec)
retry=number
Set the number of retries to
number. When a reply to a request is not received
within a certain amount of time (changed with set
timeout), the timeout period is doubled and the request
is resent. The retry value controls how many times a request
is resent before giving up.
(Default = 4, abbreviation = ret)
root=host
Change the name of the root
server to host. This affects the root command.
(Default = ns.internic.net., abbreviation = ro)
timeout=number
Change the initial timeout
interval for waiting for a reply to number seconds.
Each retry doubles the timeout period.
(Default = 5 seconds, abbreviation = ti)
|
[no]vc |
Always use a virtual circuit when sending requests to the server. |
(Default = novc, abbreviation = [no]v)
[no]ignoretc
Ignore packet truncation
errors.
(Default = noignoretc, abbreviation = [no]ig)
If the lookup
request was not successful, an error message is printed.
Possible errors are:
Timed out
The server did not respond to a request after a certain amount of time (changed with set timeout=value) and a certain number of retries (changed with set retry=value).
No response from server
No name server is running on the server machine.
No records
The server does not have resource records of the current query type for the host, although the host name is valid. The query type is specified with the set querytype command.
Non-existent domain
The host or domain name does not exist.
Connection refused
Network is unreachable
The connection to the name or finger server could not be made at the current time. This error commonly occurs with ls and finger requests.
Server failure
The name server found an internal inconsistency in its database and could not return a valid answer.
Refused
The name server refused to service the request.
Format error
The name server found that the request packet was not in the proper format. It may indicate an error in nslookup.
/etc/resolv.conf
initial domain name and name server addresses.
$HOME/.nslookuprc user’s initial options.
/usr/share/misc/nslookup.help summary of commands.
HOSTALIASES
file containing host aliases.
LOCALDOMAIN overrides default domain.
resolver(@LIB_NETWORK_EXT@),
resolver(@FORMAT_EXT@), @INDOT@named(@SYS_OPS_EXT@),
RFC-1034 ’’Domain Names - Concepts and
Facilities’’
RFC-1035 ’’Domain Names - Implementation and
Specification’’
Andrew Cherenson