12.5 Common Tasks

Previous page
Table of content
Next page
Team-Fly    
 
DNS on Windows 2000, 2nd Edition
By Matt Larson, Cricket Liu
Table of Contents
Chapter 12.  nslookup

12.5 Common Tasks

You'll come to use nslookup for little chores almost every day: for example, finding out the IP address or MX records for a given domain name or querying a particular name server for data. We'll cover these common tasks before moving on to the more occasional stuff.

12.5.1 Looking Up Different Data Types

By default, nslookup looks up the address for a name or the name for an address. You can look up any data type by changing the querytype , as we show in this example: 

 C:\>  nslookup  Default Server:  terminator.movie.edu  Address:  192.249.249.3  >  misery   -- Look up address  Server:  terminator.movie.edu  Address:  192.249.249.3  Name:    misery.movie.edu  Address:  192.253.253.2  >  192.253.253.2   -- Look up name  Server:  terminator.movie.edu  Address:  192.249.249.3  Name:    misery.movie.edu  Address:  192.253.253.2  >  set q=mx   -- Look up MX data  >  wormhole  Server:  terminator.movie.edu  Address:  192.249.249.3  wormhole.movie.edu      MX preference = 10, mail exchanger = wormhole.movie.edu  wormhole.movie.edu      internet address = 192.249.249.1  wormhole.movie.edu      internet address = 192.253.253.1  >  set q=any   -- Look up data of any type  >  diehard  Server:  terminator.movie.edu  Address:  192.249.249.3  diehard.movie.edu       internet address = 192.249.249.4  diehard.movie.edu       MX preference = 10, mail exchanger = diehard.movie.edu  diehard.movie.edu       internet address = 192.249.249.4

These are only a few of the valid DNS data types, of course. For the complete list, see Appendix A.

12.5.2 Authoritative Versus Nonauthoritative Answers

If you've used nslookup before, you might have noticed that it sometimes precedes its answers with the phrase "Non-authoritative answer": 

 C:\>  nslookup  Default Server:  relay.hp.com  Address:  15.255.152.2  >  slate.mines.colorado.edu.  Server:  relay.hp.com  Address:  15.255.152.2  Non-authoritative answer:  Name:    slate.mines.colorado.edu  Address:  138.67.1.3

This phrase indicates that the name server is not authoritative for the data in the answer. (Recall that a name server is authoritative for data when it's a primary master or slave for the zone containing the data.) There are two reasons why you'll see a nonauthoritative response. The first is that the name server you queried didn't have the data you were looking for and had to query a remote name server to get it. The remote name server is authoritative for the data (that's the reason it was queried!) and returns it with the "authoritative answer" bit set in the DNS message header. The Microsoft DNS Server you queried puts this data in its cache and returns it to you marked nonauthoritative. If you ask for the same data again, this time the name server can answer from its cache and will mark the data nonauthoritative: that's the second reason you'll see a nonauthoritative answer.

Authoritative answers are not announced by nslookup : the absence of the nonauthoritative message means the answer is authoritative.

This brings up a significant difference between the Microsoft DNS Server and the BIND name server. When you send a query to a BIND name server and it has to contact an authoritative name server to find the answer, the BIND name server returns the answer to you marked authoritative (unlike the Microsoft DNS Server). The BIND name server, in effect, passes the authoritative response directly back to you. Then, like the Microsoft DNS Server, it caches the response, and subsequent queries for the data result in a nonauthoritative answer.

Notice that we ended the domain name with a trailing dot each time we looked it up. The response would have been the same had we left it off. Sometimes it is critical that you use the trailing dot while debugging, but not always. Rather than stopping to decide if this name needs a trailing dot, we always add one if we know the name is fully qualified (except, of course, for the example where we turn off the search list).

12.5.3 Switching Servers

Sometimes you want to query another name server directlyfor example, if you think it is misbehaving. You can switch servers with nslookup by using the server or lserver commands. The difference between server and lserver is that lserver queries your "local" serverthe one you started out withto get the address of the server you want to switch to; server uses the default server instead of the local server. This difference is important to know because the server to which you just switched may not be responding, as we'll show in this example: 

 C:\>  nslookup  Default Server:  relay.hp.com  Address:  15.255.152.2

When we start up, our first server, relay.hp.com , becomes our lserver (this will matter later on in this session): 

 >  server galt.cs.purdue.edu.  Default Server:  galt.cs.purdue.edu  Address:  128.10.2.39  >  cs.purdue.edu.  Server:  galt.cs.purdue.edu  Address:  128.10.2.39  DNS request timed out.     timeout was 2 seconds. *** Request to galt.cs.purdue.edu timed-out >

At this point we try to switch back to our original name server. But there is no name server running on galt to look up relay 's address: 

 >  server relay.hp.com.  DNS request timed out.     timeout was 2 seconds. *** Can't find address for server relay.hp.com.: Timed out

Instead of being stuck, though, we use the lserver command to have our local server look up relay 's address: 

 >  lserver relay.hp.com.  Default Server:  relay.hp.com  Address:  15.255.152.2  >

Since the server on galt did not respondit's not even running a name serverit wasn't possible to look up the address of relay to switch back to using relay 's name server. Here's where lserver comes to the rescue: the local name server, relay , was still responding, so we used it. Instead of using lserver , we could have recovered by using relay 's IP address directlyserver 15.255.152.2.

You can even change servers on a per-query basis. To specify that you'd like nslookup to query a particular server for information about a given domain name, you can specify the server as the second argument on the line, after the domain name to look uplike so: 

 C:\>  nslookup  Default Server:  relay.hp.com  Address:  15.255.152.2  >  saturn.sun.com. ns.sun.com.  Server:  ns.sun.com  Address:  192.9.9.3  Name:    saturn.sun.com  Address:  192.9.25.2 >  ^Z

And, of course, you can change servers from the command line. You can specify the server to query as the argument after the domain name to look up, like this: 

 C:\>  nslookup -type=mx fisherking.movie.edu. terminator.movie.edu.

This instructs nslookup to query terminator.movie.edu for MX records for fisherking. movie.edu .

To specify an alternate default server and enter interactive mode, you can use a hyphen in place of the domain name to look up: 

 C:\>  nslookup - terminator.movie.edu.

One final note about switching servers: those of you who are familiar with using nslookup to talk to BIND name servers have probably entered an address of 0.0.0.0 or 127.0.0.1 to mean "this host." The Microsoft DNS Server never responds to queries sent to the loopback addressyou need to use the IP address of one of the host's network interfaces.

Team-Fly    
Top

Previous page
Table of content
Next page
DNS on Windows 2000
DNS on Windows 2000
ISBN: 0596002300
EAN: 2147483647
Year: 2001
Pages: 154
Authors: Matt Larson, Cricket Liu
BUY ON AMAZON
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
Cisco IOS Cookbook (Cookbooks (OReilly))
Twisted Network Programming Essentials
Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
Ruby Cookbook (Cookbooks (OReilly))
Comparing, Designing, and Deploying VPNs
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy