How can I use NSLookup to determine whether the Internet can be resolved to the intranet mail server?

Source: Internet
Author: User
Tags domain name server mx record nslookup nslookup command
NSLookup -Qt = mx Email server IP address or domain name The domain name or IP address of the specified DNS server.

Usage:
Query IP addresses

The simplest use of NSLookup is to query the IP address corresponding to the domain name, including the record and cname record. If a cname record is found, the setting of the alias record is returned. Its usage is:

NSLookupDomain Name

The following are the responses of a record.


The NSLookup command uses reverse interpretation to obtain the name of the used DNS server. Because I am using an internal DNS server, there is no correct Reverse Record, the first few rows of the result are incorrect. You can ignore it. The last two lines show that the IP address of www.oray.net is 61.145.112.212. Note that results can be returned even if the host www.oray.net is not online.

If the target domain name is an alias record (cname), NSLookup will start to display the difference from the ping command. Please refer to the query results of the cname record. Since the cname and a record are both active IP addresses at the end, the two are generally equivalent, and the command format is the same.

Note that this NSLookup operation returns three lines of information. The first two lines show that this is a cname record, corresponding domain name and IP address. The destination domain name is displayed at the end,And indicate alias (alias ).
What if the domain name does not exist?

Can you understand the last line of English or remember the shape. This is also the result if a specified type of domain name does not have a corresponding record.

Query other types of domain names

We didn't add any parameters to the previous two commands. Therefore, NSLookup queries a type of record by default. If we configure other types of records, we want to see whether the explanation is normal. At this time, Ping is powerless. For example, if we have configured an MX record, but the mail server can only send and not receive emails, whether it is a domain name interpretation problem or other problems, the ping command Check can only mislead you. NSLookupAt this time, you can simulate other situations where you encounter domain name interpretations on the server. We need to add the appropriate parameters to NSLookup. The command format for specifying the query record type is as follows:

NSLookup-Qt = TypeTarget Domain Name

Note that QT must be in lower case.

It can be of the following character type, not case sensitive:

AAddress Record (IPv4)
AaaaAddress Record (IPv6)
AfsdbAndrew File System database server records (do not understand)
AtmaATM address record (not an ATM)
CnameAlias record
HINFOHardware configuration records, including CPU and operating system information
ISDNISDN number corresponding to the domain name
MBServer that stores the specified email address
MGContact list record
MinfoEmail group and email information record
MrRenamed email records
MXEmail server record
NSName Server record
PTRReverse Record (interpreting domain names from IP addresses)
RPOwner record
RTRoute penetration record (not understood)
SrvTCP server information record (useful)
TxtText information corresponding to the domain name
X25X.25 address records corresponding to the domain name
Check the mail server record of oray.net.

Look, NSLookup gives the Server Name and address. Note that preference is the priority mentioned above. The smaller the value, the higher the priority.

Let's see what the name server record looks like.

It looks similar to the MX record format. Generally, the server returns the corresponding address at the same time. However, there are also situations where no response is returned.

Here, I want you to check that the line "non-suthoritativeanswer:" is displayed. This line is not shown in the previous example. Its appearance indicates that the result is obtained from the server cache. This is not an authorization answer. During the previous queries, the machine 192.168.1.104 used the process described in our first article to query the domain name of oray.net. In this process, not only the final results of www.oray.net, test.oray.net, and oray.net MX records are cached. It also includes the obtained name server and other intermediate results. The NS records of oray.net are implicitly queried. We will introduce this process later.

Name server used

By default, NSLookup uses the DNS server in the local TCP/IP configuration for query, but sometimes we need to specify a specific server for query test. At this time, we do not need to change the TCP/IP configuration of the local machine. Just add the specified server IP address or domain name to the end of the command. This parameter is necessary for troubleshooting a specified server. In addition, you can directly query the results of the authorized server by specifying the server to avoid the results cached by other servers. The command format is as follows:

NSLookup[-Qt = type]Target Domain NameThe specified DNS Server IP address or domain name

Let's take a look at the following command results:

This command directly queries the NS records of oray.net from the top-level domain name server. The NS records of all second-level domain names are stored on top-level domain name servers, which is the most authoritative explanation. Note that there is no prompt for unauthorized results this time. This is definitely the Authorization result for the NS record query of the second-level domain name. The name of the top-level domain name server is a total of ten servers from j.gtld-servers.net. (Gtld is globalTopLevelDomain ). When we modify the NS record of a domain name, we can use the above query to check whether the Modification result has taken effect on the top-level domain name server. However, even if it has already taken effect, it may not be able to be explained normally. Pay attention to the cache time issue I mentioned in the previous article.

So how long is the cache?

Check the domain name cache time

To check the domain name cache time, we need to use a new parameter:-d

The format is as follows:

NSLookup-D[Other parameters]Target Domain Name[Specified server address]

See examples

Let's ignore others and look at got.The last few lines of answer include a TTL value. This value indicates the survival time of the domain name record.

This kind of query reveals all the parts of the DNS data packet. You can see that DNS is not as simple as you think. For specific explanations, refer to the relevant standard documents. We need to remind you that you must find the answer: content. Other things are not the final result. There is more than one area above and the TTL value.
Simulation of domain name interpretation process

Now let's simulate a DNS server's domain name interpretation process when it receives a domain name that is not managed by itself. Recall the process of the first article:

First, we will ask the root server, and then the root server will ask us to find the corresponding top-level server. If oray.net is queried, we will be asked to find the Net Server.

Take a look at the following example:

Here we ask the 21cn.com server to explain the domain name www.oicp.net. Obviously, this server does not need this domain and needs to ask the root server. Generally, the DNS server will complete the entire process. This interpretation method is called recursive parsing. In order to let everyone see this process, a parameter is provided for the 21cn.com server. This parameter is-norecurse. In theory, 21cn.com will ask the root server. However, because it has cached records of top-level servers, it directly returns records of top-level servers that manage net. In fact, most queries do not need to start from the root server. We can see that all the top-level domain name server addresses are returned.

We can select one for query.

This time, the top-level server returns the server address record of oicp.net. Then we can query one of these records to obtain the answer. It may be an address, a cname record, or telling you that it does not exist.

The NSLookup command is introduced here. In fact, NSLookup has many other parameters. However, this is often the case in Russia. If you do not like the command line method. There are also several tools for the NSLookup function of the graphic interface. However, you still need to understand what domain name interpretations are to use these tools correctly. 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.