The nslookup Command

The nslookup command is the tool of choice for finding problems with DNS. This command enables you to examine resource records in the zone table. You can use nslookup to verify that a DNS server exists, to find out what zone tables it manages, to verify that the DNS server has a particular resource record, and to browse the resource records. The nslookup command has many syntaxes and command-line prompts. In this section, you look at only a few. For the exam, you need only a brief overview of the nslookup command.

To see the IP address for www.digitalcrawlspaces.net and the name servers that are authoritative for that zone, use the nslookup command followed by the host name and the name of the DNS server, as shown below.

    C:\> nslookup www.digitalcrawlspaces.com homeportal.gateway.2wire.net
    Server:  homeportal.gateway.2wire.net
    Address:  172.16.0.1

    Name:    www.digitalcrawlspaces.com
    Address:  64.38.192.188

To use the interactive mode, enter the nslookup command with no parameters. When you enter interactive mode, you get a listing of the default name server followed by a command prompt, >:

    c:\> nslookup
    Default Server:  dns.digitalcrawlspaces.com
    Address:  207.212.78.106

    >

The following output lists the available syntaxes for the nslookup command with a brief description of each.

    > ?
    Commands:   (identifiers are shown in uppercase, [] means optional)
    NAME            - print info about the host/domain NAME using default server
    NAME1 NAME2     - as above, but use NAME2 as server
    help or ?       - print info on common commands
    set OPTION      - set an option
        all                 - print options, current server and host
        [no]debug           - print debugging information
        [no]d2              - print exhaustive debugging information
        [no]defname         - append domain name to each query
        [no]recurse         - ask for recursive answer to query
        [no]search          - use domain search list
        [no]vc              - always use a virtual circuit
        domain=NAME         - set default domain name to NAME
        srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1,N2, etc.
        root=NAME           - set root server to NAME
        retry=X             - set number of retries to X
        timeout=X           - set initial time-out interval to X seconds
        querytype=X         - set query type, e.g., A,ANY,CNAME,MX,NS,PTR,SOA
        type=X              - synonym for querytype
        class=X             - set query class to one of IN (Internet), CHAOS, HESIOD or ANY
    server NAME     - set default server to NAME, using current default server
    lserver NAME    - set default server to NAME, using initial server
    finger [USER]   - finger the optional NAME at the current default host
    root            - set current default server to the root
    ls [opt] DOMAIN [>FILE] - list addresses in DOMAIN (optional: output to FILE)
        -a          - list canonical names and aliases
        -d          - list all records
        -t TYPE     - list records of the given type (e.g. A,CNAME,MX,NS,PTR etc.)
    view FILE       - sort an 'ls' output file and view it with pg
    exit            - exit the program

If you want to see the default settings for nslookup, use the set all command in interactive mode, as shown below.

    > set all
    Default Server:  homeportal.gateway.2wire.net
    Address:  172.16.0.1

    Set options:
      nodebug
      defname
      search
      recurse
      nod2
      novc
      noignoretc
      port=53
      type=A
      class=IN
      timeout=2
      retry=1
      root=A.ROOT-SERVERS.NET.
      domain=gateway.2wire.net
      MSxfr
      IXFRversion=1
      srchlist=gateway.2wire.net/2wire.net

    >

The following sections review the most common nslookup interactive commands and set parameters.

The server Command

This command can be used to change the DNS server that fields nslookup command queries. Be sure to use FQDNs with a trailing dot.
In the following output, the DNS server that fields queries is changed to ns1.digitalgear.com.

    > server ns1.digitalgear.com.
    Default Server:  ns1.digitalgear.com
    Address:  64.57.105.6

    >

The root Command

The root command selects the name of the DNS server from the top of the server list in the CACHE.DNS file. This command then directs DNS queries to either an InterNIC root server or a private root server. In the following output, the DNS server resolving DNS queries has been returned to a.root-servers.net from ns1.digitalgear.com.

    C:\> nslookup
    Default Server:  homeportal.gateway.2wire.net
    Address:  172.16.0.1

    > root
    Default Server:  A.ROOT-SERVERS.NET
    Address:  198.41.0.4

    >

ls

The ls command lists the resource records in a particular zone. In essence, ls does a zone transfer of the selected record type. You can limit the scope of the transfer by specifying a record type using the -t switch. Here is an example showing the host records (A records) in the company.com zone:

    > ls -t a digitalcrawlspaces.com.
    [web1.digitalcrawlspaces.com]
     digitalcrawlspaces.com.        A      10.1.1.1

set debug Command

Using the set debug command is somewhat like using the DEBUG command on a router. The command displays real-time information and shows the results of a query and the DNS servers included in the search. The following example is the result of a query for digitalcrawlspaces.com that started at an InterNIC root server and worked its way down to find the associated IP address.

    > set debug
    > digitalcrawlspaces.com
    Server:  homeportal.gateway.2wire.net
    Address:  172.16.0.1

    Got answer:
        HEADER:
            opcode = QUERY, id = 8, rcode = REFUSED
            header flags:  response, auth. answer, want recursion
            questions = 1,  answers = 0,  authority records = 0,  additional = 0

        QUESTIONS:
            digitalcrawlspaces.com.gateway.2wire.net, type = A, class = IN

    Got answer:
        HEADER:
            opcode = QUERY, id = 9, rcode = NOERROR
            header flags:  response, auth. answer, want recursion
            questions = 1,  answers = 1,  authority records = 2,  additional = 2

        QUESTIONS:
            digitalcrawlspaces.com, type = A, class = IN
        ANSWERS:
        ->  digitalcrawlspaces.com
            internet address = 64.38.192.188
            ttl = 86400 (1 day)
        AUTHORITY RECORDS:
        ->  digitalcrawlspaces.com
            nameserver = ns1.cwie.net
            ttl = 86400 (1 day)
        ->  digitalcrawlspaces.com
            nameserver = ns2.cwie.net
            ttl = 86400 (1 day)
        ADDITIONAL RECORDS:
        ->  ns1.cwie.net
            internet address = 64.38.192.10
            ttl = 86400 (1 day)
        ->  ns2.cwie.net
            internet address = 64.38.192.11
            ttl = 86400 (1 day)

    ------------
    Name:    digitalcrawlspaces.com
    Address:  64.38.192.188

In the above output, the DNS server was queried on the digitalcrawlspaces.com domain. The DNS servers with entries have replied with the domain's known information.

The set type Command

You can limit the scope of a query to a DNS server by setting a query to look only for a certain record type.
In the example that follows, I am querying for Mail Exchange (MX) records on a name server:

    > set type=mx
    > digitalcrawlspaces.com
    Server:  homeportal.gateway.2wire.net
    Address:  172.16.0.1

        QUESTIONS:
            digitalcrawlspaces.com, type = MX, class = IN
        ANSWERS:
        ->  digitalcrawlspaces.com
            MX preference = 10, mail exchanger = mail.digitalcrawlspaces.com
            ttl = 86400 (1 day)
        AUTHORITY RECORDS:
        ->  digitalcrawlspaces.com
            nameserver = ns2.cwie.net
            ttl = 86400 (1 day)
        ->  digitalcrawlspaces.com
            nameserver = ns1.cwie.net
            ttl = 86400 (1 day)
        ADDITIONAL RECORDS:
        ->  mail.digitalcrawlspaces.com
            internet address = 64.38.212.71

The above output shows only the MX record entries on the DNS servers queried. The only known entry found is for mail.digitalcrawlspaces.com.

The nbtstat Command

Windows TCP/IP clients resolve NetBIOS names and store the results in a NetBIOS Name Cache table, which was the way Windows resolved host names before IP and DNS. However, it is still used today in our LANs. An entry entered into the cache stays for 600 seconds (10 minutes) by default. You can use the nbtstat command to view and manipulate the contents of the NetBIOS name cache. The following bulleted list displays the syntaxes available for the nbtstat command and each syntax's function. Please note that the syntaxes are case sensitive.
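
Returning to the set debug transcript shown earlier: as an added example (not part of the original text), the Python code below parses its two responses and reports what a reviewer would note. The first query (id 8) went out with gateway.2wire.net appended, the first srchlist entry in the set all output, and was REFUSED; the name as typed was only asked in the second query. The function names and the trimmed sample are constructed for this illustration.

```python
import re

# Sample input: the two responses from the page's `set debug` transcript, trimmed.
TRANSCRIPT = """\
Got answer:
        opcode = QUERY, id = 8, rcode = REFUSED
        header flags:  response, auth. answer, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0
    QUESTIONS:
        digitalcrawlspaces.com.gateway.2wire.net, type = A, class = IN
Got answer:
        opcode = QUERY, id = 9, rcode = NOERROR
        header flags:  response, auth. answer, want recursion
        questions = 1,  answers = 1,  authority records = 2,  additional = 2
    QUESTIONS:
        digitalcrawlspaces.com, type = A, class = IN
    ANSWERS:
    ->  digitalcrawlspaces.com
        internet address = 64.38.192.188
"""

def parse_responses(text):
    """Split nslookup debug output into one dict per 'Got answer:' block."""
    responses = []
    for block in text.split("Got answer:")[1:]:
        head = re.search(r"id = (\d+), rcode = (\w+)", block)
        flags = re.search(r"header flags:\s*(.+)", block)
        question = re.search(r"QUESTIONS:\s*(\S+), type = (\w+)", block)
        responses.append({
            "id": int(head.group(1)),
            "rcode": head.group(2),
            "flags": [f.strip() for f in flags.group(1).split(",")],
            "qname": question.group(1),
            "qtype": question.group(2),
            # every address in the block (answer and additional records)
            "addresses": re.findall(r"internet address = (\S+)", block),
        })
    return responses

def review(typed_name, responses):
    """Flag queries whose name differs from what was typed, and failed rcodes."""
    findings = []
    for r in responses:
        if r["qname"].rstrip(".") != typed_name.rstrip("."):
            findings.append((r["id"], "suffix-appended", r["qname"]))
        if r["rcode"] != "NOERROR":
            findings.append((r["id"], "rcode", r["rcode"]))
    return findings

if __name__ == "__main__":
    print(review("digitalcrawlspaces.com", parse_responses(TRANSCRIPT)))
```

Typing the name with a trailing dot, as the server section advises, is what keeps the search suffix from being appended.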