DNS diagnostic command NSLookup

Refer: http://www.renhaibo.com/archives/29.html

 

 

We are familiar with the ping command. It is a command for checking network conditions. When the input parameter is a domain name, it will be queried through DNS, however, only records a and cname (alias) can be queried, and the existence of domain names is returned. Other information is unavailable. If you need to troubleshoot DNS (Domain Name resolution system) faults, you must be familiar with another powerful command-NSLookup. NSLookup can be used to diagnose the basic structure information of the domain name resolution System (DNS, you can specify the query type, check the DNS record survival time, and specify the DNS server for explanation. This command can be used only after the TCP/IP protocol is installed.

 

The following uses Haibo blog domain name http://www.renhaibo.com as an example, detailed introduction of NSLookup command in command prompt (DOS) usage:

I. Query IP addresses

NSLookup allows you to easily query the IP addresses of the domain name, including the record and cname record. If you find the cname record, the system will return the settings of the alias record.

Format: NSLookup domain name,

There are three different results after you press Enter:

1. Return of a record,

The first two lines are the DNS server name and IP address used by your computer. You can ignore the error. The key point is that the IP address of renhaibo.com in the last two lines is 74.53.25.162. Please note that, even if the renhaibo.com host is not online, the result is returned.

2. Return information of the alias record (cname,

This shows that it is different from the ping command. Please refer to the results of viewing the cname record. Since the cname and a record are both active IP addresses at the end, the two are generally equivalent, and the command format is the same. This NSLookup operation returns three lines of information. The first two lines show that this is a cname record, corresponding domain name and IP address. The destination domain name is displayed, and the domain name is alias (alias ).

3. If the domain name does not exist,

The last line in English indicates that the target domain name does not exist or may be: no response from server. The returned results may vary depending on your domain name provider or DNS resolution system.

2. query other types of domain names

Our domain name is usually configured with other types of records, such as MX mail server records, to check whether the resolution is normal, this time the ping command will not work. The email server can only send emails but cannot receive emails. It is a domain name resolution issue or other problems. The ping command Check can only lead you astray. In this case, NSLookup can simulate domain name resolution on other servers. We need to add the appropriate parameters to NSLookup. The command format for specifying the query record type is as follows: NSLookup-Qt = Type Target Domain Name (note that QT must be in lower case)

The following formats can be used (case-insensitive). Only common Mx and NS formats are available:

1. A Address Record (IPv4)

2. AAAA Address Record (IPv6)

3. afsdb Andrew File System database server records (do not understand)

4. Atma ATM address record (not an ATM)

5. cname alias record

6. HINFO hardware configuration records, including CPU and operating system information

7. The ISDN number corresponding to the ISDN Domain Name

8. A server storing the specified email address in MB

9. Mg Contact Group record

10. Information record of minfo contact groups and mailboxes

11. Email record for Mr renaming

12. mx Mail Server record

Note: preference is the priority. A smaller value indicates a higher priority.

13. Ns name server record

14. PTR Reverse Record (interpreting domain names from IP addresses)

15. RP owner record

16. RT route penetration record

17. srv tcp server information record

18. Text information corresponding to the TXT Domain Name

19. X.25 address records for x25 domain names

Iii. DNS resolution service

By default, NSLookup uses the DNS server in the local TCP/IP configuration for query, but sometimes we need to specify a specific server for query test. In this case, you do not need to change the DNS configuration of the local machine. You only need to add the specified server IP address or domain name to the command. This parameter is necessary for troubleshooting a specified server. In addition, you can directly query the results of the authorized server by specifying the server to avoid the results cached by other servers.

Command syntax: NSLookup [-Qt = type] DNS Server IP address or domain name specified by the target domain name

For example, we use another DNS server of Hebei Telecom: 219.146.0.130 to query the NS records of renhaibo.com. The NS records of all second-level domain names are stored on top-level domain name servers. This is the most authoritative explanation. Note that there is no prompt for unauthorized results this time. This is definitely the Authorization result for the NS record query of the second-level domain name. The top-level domain name server is named ns57.domaincontrol.com, ns58.domaincontrol.com, and other two servers. When we modify the NS record of a domain name, we can use the above query to check whether the Modification result has taken effect on the top-level domain name server. However, even if it has already taken effect, it may not be able to be explained normally, and there is still a cache time issue. Please refer to the following for details.

Return

4. Check the domain name cache time

To check the domain name cache time, you need to use a new parameter:-d

Format: NSLookup-d [other parameters] Target Domain Name

Let's ignore the others and look at the last few rows of got answer, including a TTL value. This value indicates the survival time of the domain name record.

This kind of query reveals all the parts of the DNS data packet. You can see that DNS is not as simple as you think. For specific explanations, refer to the relevant standard documents. We need to remind you that you must find the answer: content. Other things are not the final result. There is more than one area above with a TTL value.

There are many other parameters in the NSLookup command. Here we will introduce several common parameters. In addition, if you do not like the command line method, you can search for the NSLookup tool on the graphic interface.

Reprinted please note, transferred from: renhaibo.com
Link: http://www.renhaibo.com/archives/29.html