Introduction
In Linux system management, one of the most common tasks is to verify domain name resolution. The nslookup command allows you to consult DNS servers and get information about records such as A, AAAA, MX, TXT and many more. This tool, although considered a legacy of previous versions, remains useful for rapid diagnosis and learning of DNS concepts.
What is nslookup?
Nslookup (Name Server Lookup) is a command line utility that intervenes in the query of domain name servers. Its operation is based on sending questions directly to a DNS server and showing the answers received. You can operate in two ways: interactive, where you open a subshell to perform multiple consultations, and not interactive, where each query is written as a single command.
Installation
In most modern Linux distributions, nslookup comes pre-installed as part of the bind-utils or dnsutils package. If not present, it can be easily installed. In Debian / Ubuntu:sudo apt-get update && sudo apt-get install dnsutils. In Red Hat / CentOS / Fedora:sudo yum install bind-utilsorsudo dnf install bind-utils. After installation, the command will be available at any terminal.
Interactive mode vs non-interactive mode
In non-interactive mode, just writenslookup ejemplo.comto obtain the associated IP address. In interactive mode, it runsnslookupwithout arguments, which changes the prompt to > and allows you to write down queries likeset type=MXfollowed byejemplo.com. This mode is useful when you need to do several queries without retyping the complete command.
Examples of common consultations
- Register A (address IPv4):
nslookup ejemplo.com - AAAA (IPv6) registration:
nslookup -type=AAAA ejemplo.com - MX (mail servers) record:
nslookup -type=MX ejemplo.com - TXT register (text information, SPF, DKIM):
nslookup -type=TXT ejemplo.com - CNAME register (alias):
nslookup -type=CNAME ejemplo.com - Check all records:
nslookup -type=ANY ejemplo.com
Interpretation of results
The nslookup output shows several fields. The first indicates the DNS server that responded and its IP address. Then the section appearsNon-authoritative answer:if the answer comes from a server that has no authority over the domain, followed by the requested records. Each record includes its type, value and, in some cases, the class (usually IN for the Internet). It is important to see if the answer is autoritative; if it is not, it may be stored in cache.
Limitations and alternatives
Although nslookup is practical, it has some limitations: its output may be ambiguous for new users and does not show the response time (TTL) in detail. For a deeper analysis, it is recommended to usedigwhich provides greater control and readability. Another alternative ishost, simpler but less flexible. Knowing these tools allows you to choose the most appropriate one according to the situation.
Good practices and advice
- Always check that you are using the correct DNS server; you can specify it with
nslookup ejemplo.com 8.8.8.8to consult Google DNS. - In interactive mode, use
set debugto see details of the transmission and debugging problems. - Note the changes in registration type with
set type=before each consultation to avoid confusion. - Use the option
-timeoutto adjust the waiting time on slow networks. - Document the results in monitoring scripts to detect changes in DNS records.
With this knowledge, you will be prepared to use nslookup efficiently in any Linux environment, either to solve connectivity problems, set up mail servers or simply understand how the Internet domain name system works.
