In this tutorial, you'll learn how to use nslookup to check DNS records.
I'll show you how to check various types of DNS records (A, PTR, CNAME, MX, etc.) using the Windows nslookup command.
And in this post, I'll show you how to use nslookup against your local DNS server and an external DNS server (great troubleshooting tip).
Let us begin!
Table of Contents:
- How DNS works
- Why You Should Learn the nslookup Command
- Nslookup Syntax
- How to use nslookup to check DNS records
- DNS Troubleshooting Tips
How DNS works
Understanding how DNS works will help you troubleshoot DNS faster. It will help you identify if it is a client, local DNS problem or another DNS server (relay server or ISP).
The computer and other network devices communicate by IP address. It would be hard to remember the IP address of every website or resource you access, domain names are easier to remember. DNS will take the friendly name and map it to the IP address so the devices can communicate.
Here's how a computer uses DNS to resolve names..
- The user types google.com in their browser. This will send a query to the DNS server to get the IP address of google.com
- The DNS server used by the client may not know the IP address. This can be your local Active Directory DNS server or your ISP DNS server. If it doesn't know the IP address of the domain, it will forward it to the following DNS server.
- The next DNS server says that it knows the IP address and sends the request to the computer.
- The computer can then communicate with google.com.
DNS uses resource records to provide details about systems on a network. The previous example used an A resource record that maps a domain name to an IP address.
In the examples below, I'll show you how to query different resource records.
Why You Should Learn the Nslookup Command Line Tool
When DNS is down, devices cannot communicate. You will not be able to browse websites, send an email, chat online, stream videos, etc.
If you have a problem with your local DNS server, your employees can't work and your business suffers.
You need a way to quickly troubleshoot and resolve these issues.
That is why it is important to know how to use the Nslookup command.
This command is integrated into all Windows operating systems, it is free and easy to use.
If you are a system or network administrator, it is very important that you know how to quickly resolve DNS-related issues.
NSLookup Syntax
To see the syntax, just type nslookup, hit enter, and then type ?
Here is a screenshot
There are many options, but in most cases, you'll only need a few to check DNS records. The most useful command switches are configuration type, server, and debug. Below I will show you the most commonly used commands.
How to use Nslookup to verify DNS records
Below are several examples of how to use nslookup to check various types of DNS records. By default, nslookup will use the local DNS server configured by your computer. See the last example to change Nslookup to use an external server.
Nslookup IP address (IP to domain name)
nslookup 8.8.8.8
Use this command if you know the IP address and want to find the domain name. In the screenshot below, the IP 8.8.8.8 resolves to the domain name dns.google.com
Nslookup domain name (Domain to IP address)
domain name nslookup
If you want to find the IP address of a domain name, use this command. In this example, the domain name ad.activedirectorypro.com resolves to multiple IP addresses.
Nslookup MX record
nslookup -type=mx domain name
An MX record lookup will find the mail server responsible for accepting email for the domain. To find MX records, use -type=mx followed by the domain name.
Nslookup SOA record
nslookup -type=soa ad.activedirectorypro.com
The authority start record indicates which DNS server is the best source of information for the domain. This will return the main nameserver, the responsible email addresses, the default ttl, and more.
Nslookup CNAME
nslookup -type=cname www.activedirectorypro.comThe CNAME record is used to alias or redirect one DNS name to another DNS name.
Name server lookup
nslookup -type=na ad.activedirectorypro.comUse the above command to view the nameservers for a domain. You can see below that the nameservers for my domain are dc1, dc2, and dc3.
Registro TXT de Nslookup
nslookup -type=in domain nameUse this command to view the text DNS records for a domain.
Nslookup all DNS records
nslookup -type=any ad.activedirectorypro.comThis command will display all available records.
Nslookup domain controller
Use these steps to list all domain controllers for a specific domain.
- From the command prompt, typenslookupand press enter
- then writeset type = SRVand press enter
- then write_ldap._tcp.ad.activedirectorypro.comand press enter. (replace ad.activedirectorypro.com with your domain name).
This will display all domain controllers for the ad.activedirectorypro.com domain.
Detailed nslookup
Enabling debugging will display much more detail about the resource record, such as the primary nameserver, email address, default TTL, and more. To turn on debugging, use the following command
nslookup debug suite
Nslookup uses an external DNS server
This is very useful in troubleshooting. Maybe a website doesn't load on your internal network, but does when you're offline. You can use this to see if your internal DNS returns different results than an external DNS server. You can use your ISP's or google's DNS server.
To change the DNS server typenslookupand press “enter”.
then writeIP address of the server. For example, "server 8.8.8.8" and press enter. This will tell the nslookup command to use the 8.8.8.8 server to run DNS record lookups.
DNS Troubleshooting Tips
Here are my tips for troubleshooting DNS.
Step #1 Make sure you have connectivity to the DNS server?
If your client is having communication problems with the DNS server, name resolution will not work.
To check what DNS is configured on a Windows system, use this command:
ipconfig / all
Now take the IP listed for the DNS server and see if the client can ping or communicate with it.
Step #2 Are other users or devices having name resolution issues?
You need to determine how big of a problem you have. Is it just one, two, or many devices having name resolution issues?
If it's just one, you may just have a customer issue. If it's all or many, you may have a problem with your local or upstream DNS server.
Step #3 Use NSLookup to test the local server
Use NSLookup to verify that the local DNS server is working correctly. Use the command to check the DNS records on the local servers. If you need examples, see the previous section.
Step #4 Use DCDiag to check AD status
If you're having problems internally, you'll want to check the status of your Active Directory environment. Since DNS and AD are very tightly integrated, a faulty domain controller could be causing your DNS problems.
See my tutorial onhow to check domain controller status.
Step #5 Use the NSlookup server to test the forwarding DNS server (UPstream)
If everything resolves correctly internally but not externally, you can test the forwarding DNS server with the NSLookup command. This could be your ISP's DNS server or root hint servers. Use the NSLookup server option followed by the forwarding DNS server IP to run queries.
Step #6 Scan for viruses and spyware
Viruses and spyware can install all kinds of nasty things on computers to redirect traffic to malicious sites. Browser hijacking is very common
Step #7 Check the client host file
I don't recommend adding entries to the host file, but if it contains incorrect or outdated data, you won't be able to connect. Viruses can also modify the host file, which would redirect you to malicious websites.
Step #8 Clear DNS Cache
The client cache could be the problem to flush the cache, run this command
ipconfig /flushdns
I hope this article has helped you understand NSLookup and how it can be used to check and troubleshoot DNS. If you liked this video or have any questions, please leave a quick comment below.
Summary
In this guide, I've gone through several examples of how to use the nslookup Windows command. The nslookup command is a great tool for troubleshooting and checking DNS records. Many times, network problems are related to DNS and knowing how to quickly verify that DNS is working correctly can save you a lot of time.
FAQs
How to Use the Windows Nslookup Command (11 Examples)? ›
For the first parameter, type the name or IP address of the computer that you want to look up. For the second parameter, type the name or IP address of a DNS name server. If you omit the second argument, nslookup uses the default DNS name server.
How do I use nslookup in Windows 11? ›For the first parameter, type the name or IP address of the computer that you want to look up. For the second parameter, type the name or IP address of a DNS name server. If you omit the second argument, nslookup uses the default DNS name server.
How do I use nslookup command in Windows? ›Go to Start and type cmd in the search field to open the command prompt. Alternatively, go to Start > Run > type cmd or command. Type nslookup and hit Enter. The displayed information will be your local DNS server and its IP address.
How do you write a nslookup command? ›- Access to the command line interface. ...
- For example, you can type a domain name and receive information about it. ...
- In interactive mode, specify an option in a separate line before the query. ...
- To exit interactive mode, type: exit. ...
- nslookup Options. ...
- View Domains MX Records.
The nslookup command queries internet domain name servers in two modes. Interactive mode allows you to query name servers for information about various hosts and domains, or to print a list of the hosts in a domain. In noninteractive mode, the names and requested information are printed for a specified host or domain.
How do I reverse lookup an IP address using nslookup? ›- Open the command prompt.
- Type nslookup followed by the IP address and press 'Enter. ' For example, it can be nslookup 8.8. 8.8.
- Now, the command prompt will return the DNS name and the IP you entered.
Use a website that gathers domain information, like WHOIS lookup, to look up public information about your name server. Search your domain name. Enter your domain name in the search field, such as mywebsite.com, and look up the domain information. Look for Name Server information in search results.
What are the options for nslookup in Windows? ›Nslookup has two modes: interactive and noninteractive. If you need to look up only a single piece of data, use noninteractive mode. For the first parameter, type the name or IP address of the computer that you want to look up. For the second parameter, type the name or IP address of a DNS name server.
What is the IP address in nslookup? ›Name server lookup (nslookup) is a command-line tool that lets you find the internet protocol (IP) address or domain name system (DNS) record of a specific hostname. This command also allows reverse DNS lookup by inputting the IP addresses of the corresponding domains.
How do I find my hostname using nslookup? ›Type "nslookup %ipaddress%" in the black box that appears on the screen, substituting %ipaddress% with the IP address for which you want to find the hostname. Find the line labeled "Name" underneath the line with the IP address you entered and record the value next to "Name" as the hostname of the computer.
How do I query DNS records in nslookup? ›
An NSLookup checks the Name Server (NS) records for a specified domain. These DNS records are mandatory for any DNS configuration as they contain vital information that tells top level domain (TLD) servers which nameserver is authoritative for a domain.
How do I use nslookup to list all records? ›- Launch Windows Command Prompt by navigating to Start > Command Prompt or via Run > CMD.
- Type NSLOOKUP and hit Enter. ...
- Set the DNS Record type you wish to lookup by typing set type=## where ## is the record type, then hit Enter. ...
- Now enter the domain name you wish to query then hit Enter..
The nslookup command line tool uses your system's DNS stub resolver by default. This resolver uses your ISP's DNS servers if you haven't changed them. You can overwrite this default setting by specifying a DNS server in the command itself. Nslookup will now use Google's DNS server — running at the IP address 8.8.
How does DNS lookup work in Windows? ›Your DNS recursive resolver, also known as a recursor or resolver, will first check to see if the requested information is in cache. If no information is available in cache, the resolver will then request the IP address from root, TLD and authoritative nameservers.
Is nslookup a DNS tool? ›Online nslookup is a web based DNS client that queries DNS records for a given domain name. It allows you to view all the DNS records for a website. It provides the same information as command line tools like dig and nslookup, from the convenience of your web browser.
How do I check DNS resolution in Windows? ›For Windows, type ipconfig /all to display the configured name resolution servers. Display DNS server information using the ipconfig command.
How do I use IP lookup command? ›First, click on your Start Menu and type cmd in the search box and press enter. A black and white window will open where you will type ipconfig /all and press enter. There is a space between the command ipconfig and the switch of /all. Your ip address will be the IPv4 address.
How do I trace an IP address back? ›- Open the Command Prompt. First, press the Windows key and the “R” button. ...
- Ping the Website You Want to Trace. Type “ping” followed by the URL of the website to get its IP.
- Run the “Tracert” Command on the IP. ...
- Put These IPs Into an IP Lookup Tool.
In Windows, go to All Programs -> Accessories. Then right-click on Command Prompt. Choose Run As Administrator and type in nslookup %ipaddress% putting an IP address instead of %ipaddress%.
What are the three entries used by DNS? ›3 types of DNS queries—recursive, iterative, and non-recursive. 3 types of DNS servers—DNS Resolver, DNS Root Server and Authoritative Name Server.
What is the difference between nslookup and DNS lookup? ›
This is called “resolving,” where a DNS server checks to see if a given URL has an IP address. Nslookup is similar in that it asks the DNS server for information on a domain, but it can gather more information about mail servers, IP addresses, and more.
When should I use nslookup? ›The main use of nslookup is for troubleshooting DNS related problems. Nslookup can be use in interactive and non-interactive mode. To use in interactive mode type nslookup at the command line and hit return. You should get an nslookup command prompt.
What port number is nslookup? ›The NSLOOKUP command uses port 53 by default, but the port option enables you to specify another port to access. The range for valid values is from 1 to 65535.
What is the difference between ping and nslookup? ›What's the Difference Between nslookup and Ping? While both are useful for troubleshooting network problems, ping uses additional steps to resolve a domain name to an IP address. Meanwhile, nslookup only relies on the DNS server. Pinging an IP address lets you verify if the address exists and can handle requests.
Can nslookup do reverse lookup? ›The nslookup command can also perform a reverse lookup using an IP address to find the domain or host associated with that IP address.
What is server and address in nslookup? ›nslookup is an abbreviation of name server lookup and allows you to query your DNS service. The tool is typically used to obtain a domain name via your command line interface (CLI), receive IP address mapping details, and lookup DNS records. This information is retrieved from the DNS cache of your chosen DNS server.
What is the difference between a hostname and an IP address? ›A hostname is a distinct name or label assigned to any device connected to a computer network, while An Internet Protocol or IP address is a unique identifier that identifies a device on the Internet or in a local network. Each host has its unique IP address by which they are connected to the network.
How to find IP address from domain name in command prompt? ›In an open command line, type ping followed by the hostname (for example, ping dotcom-monitor.com). and press Enter. The command line will show the IP address of the requested web resource in the response. An alternative way to call Command Prompt is the keyboard shortcut Win + R.
What commands can be used to check DNS records? ›To see your current DNS settings, type ipconfig /displaydns and press Enter. To delete the entries, type ipconfig /flushdns and press Enter. To see your DNS settings again, type ipconfig /displaydns and press Enter.
Which command is used to manually query a DNS? ›nslookup is a command-line tool for network administration. It can be used to query Domain Name System (DNS) records for domain names.
Which command is used to display all records in a DNS cache? ›
To view the contents of the local DNS cache, open a command prompt window and type in the command “ipconfig /displaydns”. This will display a list of all the domain names and their associated IP addresses that are stored in the local DNS cache. The ipconfig command can also be used to flush the local DNS cache.
How do I find DNS records in Windows server? ›Open the Start menu, type Command Prompt and choose Run as administrator from the right pane. In the Command Prompt window, type ipconfig /all and press Enter. You can see the DNS servers in the information that appears on the screen.
What are the two types of DNS lookup? ›There are two types of lookups: forward DNS and reverse DNS. Both resolve information related to the domain, depending on the search method. If you have a domain name or email address and need the IP address resolved, forward DNS is used to return the requested information.
How do I use DNS on Windows? ›From the Windows desktop, open the Start menu, select Windows Administrative Tools > DNS. Select and hold (or right-click) your server, and then select Properties. To limit the DNS server to use a specific IP address, select Only the following IP address, select the IP address you wish to use, and then select OK.
Which DNS server does nslookup use? ›To use NSLOOKUP to find the DNS server responsible for resolving a domain name, open a command prompt and type "nslookup -type=ns domainname.com", replacing "domainname.com" with the name of the domain you want to look up. The tool will return the name server(s) responsible for resolving that domain name.
What type of query is nslookup? ›nslookup (from "name server lookup") is a network administration command-line tool for querying the Domain Name System (DNS) to obtain the mapping between domain name and IP address, or other DNS records.
Does Windows use nslookup? ›In addition, Microsoft® Windows® offers nslookup , a built-in tool for checking your DNS records from the command line. To access nslookup , open a command prompt window by selecting Start > All Programs > Accessories > Command Prompt.
How do I resolve a nslookup problem? ›By default, nslookup sends queries to DNS servers on UDP port 53. Therefore, if the DNS server uses any other port, nslookup queries fail. If you think that this might be the problem, check whether an intermediate filter is intentionally used to block traffic on well-known DNS ports.
How do I add DNS to Windows 11? ›Changing DNS server settings in Windows 11
In Windows 11, go to Settings > Network & Internet. Select the option for Advanced network settings. Click the entry for the type of connection you wish to modify: Ethernet or Wi-Fi. Then, select the option for View additional Properties.
Here's how to check DNS settings in Windows and see if your DNS is working: Open the Command Prompt. Type ipconfig /all and press Enter. Look for the DNS Servers entry to check your DNS settings and verify that they are correct.
How do I use custom DNS in Windows 11? ›
To change the DNS address on Windows 11, open Settings > Network & internet and select Ethernet or Wi-Fi. Then open the “DNS server assignment” settings and change the DNS address. Also, on Command Prompt, you can use the “netsh interface ip set dns name=”Ethernet0″ static 1.1. 1.1” command.
What are the options for NSLookup in Windows? ›Nslookup has two modes: interactive and noninteractive. If you need to look up only a single piece of data, use noninteractive mode. For the first parameter, type the name or IP address of the computer that you want to look up. For the second parameter, type the name or IP address of a DNS name server.
What command is similar to NSLookup in Windows? ›The PowerShell Equivalent of NSLookup is Resolve-DnsName
-- To download and install Help files for the module that includes this cmdlet, use Update-Help.
Open the Run dialog box using the Windows key + R combination. Input MSConfig in the Run dialog box and click on the OK button. Switch to the Services tab and find the DNS client option from the list. Enable the DNS client service by marking the checkbox to the left of the service.
How do I change DNS to 8.8 8.8 Windows 11? ›- Go to the Control Panel.
- Click Network and Internet > Network and Sharing Center > Change adapter settings.
- Select the connection for which you want to configure Google Public DNS. ...
- Select the Networking tab. ...
- Click Advanced and select the DNS tab. ...
- Click OK.
- Select Use the following DNS server addresses.
- Press Win + R to launch the Run command box.
- Type “ipconfig /flushdns” command.
- Press Ctrl + Shift + Enter keys at once. The Command Prompt will launch, execute the flush command, and close automatically.
- Cloudflare. Preferred DNS: 1.1.1.1. Alternative DNS: 1.0.0.1.
- Google. Preferred DNS: 8.8.8.8. Alternative DNS: 8.8.4.4.
- OpenDNS. Preferred DNS: 208.67.222.222. Alternative DNS: 208.67.220.220.
- Comodo Secure DNS. Preferred DNS: 8.26.56.26. Alternative DNS: 8.20.247.20.
- Quad9 DNS. Preferred DNS: 9.9.9.9.
- Go to Start > Run and type cmd .
- At a command prompt, type nslookup , and then press Enter.
- Type server <IP address> ;,where IP address is the IP address of your external DNS server.
- Type set q=M X, and then press Enter.
- Type <domain name> , where domain name is the name of your domain, and then press Enter.
This is called “resolving,” where a DNS server checks to see if a given URL has an IP address. Nslookup is similar in that it asks the DNS server for information on a domain, but it can gather more information about mail servers, IP addresses, and more.
What is the difference between Windows ping and nslookup? ›What's the Difference Between nslookup and Ping? While both are useful for troubleshooting network problems, ping uses additional steps to resolve a domain name to an IP address. Meanwhile, nslookup only relies on the DNS server. Pinging an IP address lets you verify if the address exists and can handle requests.
What DNS server does nslookup use? ›
Nslookup will now use Google's DNS server — running at the IP address 8.8.
How do I fix DNS server issues in Windows 11? ›- Troubleshoot Network Problems. ...
- Connect With a Different Device. ...
- Switch to Another Web Browser. ...
- Restart PC in Safe Mode. ...
- Restart Modem or Router. ...
- Deactivate Antivirus and Firewall. ...
- Disable Other Connections. ...
- Change the DNS Server Address.