252

I would like to issue a query to a specific DNS server, whose IP address I know. It doesn't really matter if it's on Windows or *nix.

In Windows I can do something like:

C:\Documents and Settings\Anton Daneyko>nslookup superuser.com
Server:  DNSs2.Uni-Marburg.DE
Address:  137.248.21.22

Non-authoritative answer:
Name:    superuser.com
Address:  64.34.119.12

But this uses the local machine's DNS settings. Instead, I would like to query a specific DNS server to test if it is responding to my queries correctly or responding at all.

So it should be something like:

nslookup --dns-ip=8.8.8.8 superuser.com

9 Answers 9

333

For basic A and CNAME records, you can simply do

nslookup somewhere.com some.dns.server

Usage: 
   nslookup [-opt ...]             # interactive mode using default server
   nslookup [-opt ...] - server    # interactive mode using 'server'
   nslookup [-opt ...] host        # just look up 'host' using default server
   nslookup [-opt ...] host server # just look up 'host' using 'server'

or if you just type nslookup without any parameters, you can do a lot more options...

Commands:   (identifiers are shown in uppercase, [] means optional)
NAME            - print info about the host/domain NAME using default server
NAME1 NAME2     - as above, but use NAME2 as server
help or ?       - print info on common commands
set OPTION      - set an option
    all                 - print options, current server and host
    [no]debug           - print debugging information
    [no]d2              - print exhaustive debugging information
    [no]defname         - append domain name to each query
    [no]recurse         - ask for recursive answer to query
    [no]search          - use domain search list
    [no]vc              - always use a virtual circuit
    domain=NAME         - set default domain name to NAME
    srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1,N2, etc.
    root=NAME           - set root server to NAME
    retry=X             - set number of retries to X
    timeout=X           - set initial time-out interval to X seconds
    type=X              - set query type (ex. A,AAAA,A+AAAA,ANY,CNAME,MX,NS,PTR,SOA,SRV)
    querytype=X         - same as type
    class=X             - set query class (ex. IN (Internet), ANY)
    [no]msxfr           - use MS fast zone transfer
    ixfrver=X           - current version to use in IXFR transfer request
server NAME     - set default server to NAME, using current default server
lserver NAME    - set default server to NAME, using initial server
root            - set current default server to the root
ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to FILE)
    -a          -  list canonical names and aliases
    -d          -  list all records
    -t TYPE     -  list records of the given RFC record type (ex. A,CNAME,MX,NS,PTR etc.)
view FILE           - sort an 'ls' output file and view it with pg
exit            - exit the program
5
  • 18
    It's unfortunate that the manual uses the terms 'host' and 'server' rather than something clearer like 'domain-name' and 'dns-server'. Commented Jul 14, 2014 at 6:33
  • 1
    It's not entirely incorrect. The "domain-name" is only part of a hostname. You can indeed do lookups on just the "host" portion of the FQDN, omitting the domain suffix. NSLOOKUP will automatically attempt to use any search-suffixes configured in your system to obtain a match.
    – TheCompWiz
    Commented Jul 15, 2014 at 18:40
  • 2
    You don't have to fully access NSLOOKUP to use the options - the syntax is just a little weird. Example: nslookup -all -debug -type=ANY -class=ANY servertolookup.com someDNSserver.com
    – Coruscate5
    Commented Jun 4, 2018 at 16:37
  • 1
    "or if you just type nslookup without any parameters, you can do a lot more options..." -> instead of showing the syntax help you show, it goes into some kind of interactive shell for me (Win 10 20H2) - do you know, did that change recently?
    – codeling
    Commented Oct 27, 2021 at 8:22
  • @codeling You are correct. Sadly, Microsoft have largely become horrible at documentation in modern days. Assuming your DNS is functional... and you have a working internet connection... and you have access to a working web browser... you can find Microsoft's official documentation here: learn.microsoft.com/en-us/windows-server/administration/…
    – TheCompWiz
    Commented Oct 5, 2023 at 15:06
14

Just digging into the options of nslookup, which you can display if you invoke nslookup and then typing help inside of the nslookup interactive mode gave me the right answer:

C:\Documents and Settings\Anton Daneyko>nslookup help
Server:  DNSs2.Uni-Marburg.DE
Address:  137.248.21.22

*** DNSs2.Uni-Marburg.DE can't find help: Non-existent domain

C:\Documents and Settings\Anton Daneyko>nslookup
Default Server:  DNSs2.Uni-Marburg.DE
Address:  137.248.21.22

> stackoverflow.com 8.8.8.8
Server:  [8.8.8.8]
Address:  8.8.8.8

Non-authoritative answer:
Name:    stackoverflow.com
Address:  64.34.119.12
1
  • 22
    I smiled when I saw this answer starts with "Just diging ...".
    – Hossein
    Commented Oct 21, 2016 at 20:27
13

Yes, C:\Documents and Settings\Anton Daneyko>nslookup superuser.com will look up your own DNS server to find out the IP address for superuser.com. If you add the ip address or the name of a different DNS server to the command line, it will lookup that given DNS server for the ip address of superuser.com. Ex:

C:\Documents and Settings\Anton Daneyko>nslookup superuser.com 8.8.4.4
Server:  google-public-dns-b.google.com
Address:  8.8.4.4

Non-authoritative answer:
Name:    superuser.com
Addresses:  190.93.245.58
      190.93.246.58
      141.101.114.59
      190.93.247.58
      190.93.244.58

By the way, 8.8.4.4 is the ip address of Google DNS servers.

But, both of the above give "Non-authoritative answers", as neither of them SOA, which is the authoritative for superuser.com domain. Both have a cached copy that has been propagated from the SOA. If you want to ask the authoritative server, first find out the name of ip address of the authoritative server, using the command:

C:\Documents and Settings\Anton Daneyko>nslookup -type=ns superuser.com
Server:  DNSs2.Uni-Marburg.DE
Address:  137.248.21.22

Non-authoritative answer:
superuser.com   nameserver = cf-dns02.superuser.com
superuser.com   nameserver = cf-dns01.superuser.com

cf-dns02.superuser.com  internet address = 173.245.59.4
cf-dns02.superuser.com  AAAA IPv6 address = 2400:cb00:2049:1::adf5:3b04
cf-dns01.superuser.com  AAAA IPv6 address = 2400:cb00:2049:1::adf5:3a35
cf-dns01.superuser.com  internet address = 173.245.58.53

This will return a non-authoritative answer from your local DNS server, from the Marburg Uni, naming all the authoritative servers for the superuser.com. Then you can use the command we used earlier to ask any of the 4 authoritative servers, as follows:

C:\Documents and Settings\Anton Daneyko>nslookup superuser.com 173.245.59.4
Server:  cf-173-245-59-4.cloudflare.com
Address:  173.245.59.4

Name:    superuser.com
Addresses:  141.101.114.59
      190.93.246.58
      190.93.245.58
      190.93.247.58
      190.93.244.58

As you see, this time the authoritative SOA server returned the ip addresses, hence you don't see the comment "Non-authoritative answer" comment, anymore. This is particularly useful, when you have created a new domain name or changed the hosting providers or transferred to a different domain registrar, and you can't access your website, as the new IP addresses haven't propagated even after 24 hours. Then you can start with the SOA and verify that your correct ip address is given by the DNS server, and then follow it further down the tree. Good to check if Google DNS servers have received the changes, and then lastly if your local DNS server can resolve your Domain name to correct IP address.

7

Get specific record-types from specified DNS server with one command

To look up record types other than the default A and AAAA (and CNAME) records returned by nslookup, using the DNS server you specify:

nslookup -q=<record type> <host> <DNS server>

For example, to return MX records for the domain stackexchange.com using DNS server 8.8.4.4 the command would be:

nslookup -q=MX stackexchange.com 8.8.4.4
1
  • I made the unfortunate mistake of switching my nameservers before scanning and getting all of the TXT records off of the old one. This helped me get my SPF record but I'm still at a loss on how to get the rest.
    – PHP Guru
    Commented Sep 12 at 21:06
2

To change your default DNS server in nslookup you can simply change the server by typing the server NAMEorIPofDNS In this example below I have changed my default DNS server (192.168.50.21) to a new one (4.2.2.3)

C:\Windows\system32>nslookup

Default Server: UnKnown

Address: 192.168.50.21

server 4.2.2.3

Default Server: c.resolvers.level3.net

Address: 4.2.2.3

>

Now I am ready to make queries against 4.2.2.3 versus 192.168.50.21

3
  • This duplicates another answer and adds no new content. Please don't post an answer unless you actually have something new to contribute.
    – DavidPostill
    Commented Mar 30, 2016 at 22:20
  • 1
    No new content maybe, but value. I prefer this answer over the long onces :) Commented Jul 25, 2016 at 16:13
  • Hey Look! The actual answer to the original question is here! Commented Feb 9, 2021 at 18:02
1

On windows you can do

c:\nslookup             <==nothing after it just hit enter for console mode of nslookup
>server 8.8.8.8         <== sets the DNS server you want to test against
>whatyouliketotest.com

The ben

0

you can configure the primary DNS to be used with your connection.
Go to your connection properties => Internet Procol (TCP/IP). (the place where you can set a static IP)
Here you can manually define which DNS you want to use for each connection.
After testing, you can always change it back to it's previous value.

1
  • 3
    I don't think that is a "direct" way of querying a DNS server.
    – lepe
    Commented Jul 17, 2015 at 7:07
0

I am working on Openwrt 18.06.1 ARMv6 Raspberry pi and setting up tor dns as well as dnscrypt-proxy so had a very similar problem. The root cause is that the local isp is intercepting insecure responses from root-servers.net, responses that say the site was not found, then redirecting to their own website. While it isn't a great security flaw I don't find it particularly useful either.

The first test to do when querying a specific address is actually to try an invalid address, to make sure that you get a proper null response when using the server, port and host parameters, There are many guides and versions and it is easy to think you are doing a port test when it is in fact replying from cached results or default servers. After getting a null response then work with an active server address and port. Active ports can be shown on openwrt with netstat -plnt but note that some router commands may need to be installed first. The tor service I set on port 9053 doesn't show here but still works after adding DNSPort 127.0.0.1:9053 to the torrc file. nslookup format on this platform accepts [host] and [server] parameters and I can test tor dns with nslookup cnn.com 127.0.0.1#9053 I can test dnscrypt with the command nslookup cnn.com 127.0.0.1#5353 Changing to invalid port numbers or domains gets a response; ; connection timed out; no servers could be reached Dig also works on openwrt but has to be installed from the bind-dig package. dig -q 127.0.0.1 -p 9053 www.bbc.com And again fails for invalid ports. In my case the problem was resolved when I changed entries in /etc/config/network and set option dns '127.0.0.1' for networks where I previously used insecure dns entries there.

0

For windows what you may be looking for is presented in the following article: https://technet.microsoft.com/en-us/library/ff394369.aspx

1
  • 1
    Welcome to Super User! Whilst this may theoretically answer the question, it would be preferable to include the essential parts of the answer here, and provide the link for reference.
    – bertieb
    Commented Oct 12, 2018 at 15:00

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .