Query Internet name servers interactively
Syntax:
nslookup [-options] [host-to-find | -[server]]
Options:
- options
- Any option from the set command.
- host-to-find
- The host to look up.
- server
- The server to use for the lookup.
Description:
The nslookup utility lets you query Internet domain name servers.
The utility has two modes: interactive and noninteractive.
In interactive mode, you can query name servers for information about
various hosts and domains or print a list of hosts in a
domain. In noninteractive mode, nslookup just
prints the name and requested information for a host or domain.
The utility enters interactive mode when:
- no arguments are given (the default name server is used)
- the first argument is a hyphen (-) and the second argument is the hostname
or Internet address of a name server.
The utility enters noninteractive mode when the first
argument is the name or Internet address of the host to be
looked up. The optional second argument specifies the host
name or address of a name server.
You can specify the options listed under the set command below
in the .nslookuprc file in your home directory; list each one on its own line.
You can specify interactive commands on the command line if
they precede the arguments and you prefix them with a hyphen.
For example, to change the default query type to host
information and the initial timeout to 10 seconds, type:
nslookup -querytype=HINFO -timeout=10
Interactive commands
To interrupt a command at any time, press
CtrlC. To exit,
press CtrlD (EOF)
or type exit. To treat a builtin command as a host
name, place an escape character (\) before the
command.
Note:
The length of the command line must be less than 256 characters.
Any unrecognized command is interpreted as a host name.
- host [server]
- Look up information for host using the
current default server or using server, if specified.
If host is an Internet address and the query type
is A or PTR (see the set querytype command),
the name of the host is returned. If host is a
name and doesn't have a trailing period, the default domain
name is appended to the name. (This behavior depends on the
state of the set options domain,
srchlist, defname, and search).
To look up a host not in the current domain, append a period to the name.
- server domain or lserver domain
- Change the default server to domain. The
lserver form uses the initial server to look up
information about domain while server
uses the current default server. If an authoritative answer
can't be found, the names of servers that might have the answer are returned.
- root
- Change the default server to the server for the root of the domain namespace.
Because the host ns.nic.ddn.mil is currently used, this command is a synonym for
lserver ns.nic.ddn.mil.
You can change the name of the root server with the set root command.
- finger [name] [> filename] or
finger [name] [>> filename]
- Connect with the finger server on the current host. The
current host is defined when a previous lookup for a host
completed successfully and returned address information (see
the set querytype=A command). The
name argument is optional. Note that you can use
> and >> in the usual manner.
- ls [option] domain [> filename] or
ls [option] domain [>> filename]
- List the information available for domain,
optionally creating or appending to filename. If
no option is given, the output contains hostnames and their
Internet addresses. The option argument can be
one of the following:
- -t querytype
- List all records of the specified type (see querytype below).
- -a
- List aliases of hosts in the domain. Synonym for -t CNAME.
- -d
- List all records for the domain. Synonym for -t ANY.
- -h
- List CPU and OS information for the domain. Synonym for -t HINFO.
- -s
- List well-known services of hosts in the domain. Synonym
for -t WKS. When output is directed to a
file, hash marks are printed for every 50 records received from the server.
- view filename
- Sort and list the output of previous ls commands with more.
- help or ?
- Print a brief summary of commands.
- exit
- Exit the utility.
Note:
All of the keywords on the following pages belong to the set command.
- set keyword[=value]
- Change state information that affects the lookups. Valid keywords are:
- all
- Print the current values of set's most
frequently used options as well as information about the current default server and host.
- class=value
- Change the query class to one of:
- IN
- Internet class.
- CHAOS
- Chaos class.
- HESIOD
- MIT Athena Hesiod class.
- ANY
- Query for any of the above.
The class specifies the protocol group of the information
(default = IN, abbreviation = cl).
- [no]debug
- Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer (default = nodebug, abbreviation = [no]deb).
- [no]d2
- Turn exhaustive debugging mode on. All fields of
every packet are printed (default = nod2).
- domain=name
- Change the default domain name to name. The
default domain name is appended to a lookup request
depending on the state of the defname and search options (see below).
The domain search list contains the parents of the default
domain if the domain has at least two components in its
name. For example, if the default domain is CC.Berkeley.EDU,
the search list is CC.Berkeley.EDU and Berkeley.EDU (default
is the value from hostname,
/etc/nsswitch.conf
file, or the LOCALDOMAIN environment variable; the abbreviation is do).
To specify a different list, use set srchlist
(see below); to display the list, use set all.
- srchlist=name1/name2/...
- Change the default domain name to name1 and
the domain search list to name1,
name2, etc. (default = value based on hostname,
/etc/nsswitch.conf file, or the
LOCALDOMAIN environment variable;
abbreviation = srchl).
You can specify a maximum of six names separated by slashes
(/). For example, this command:
set srchlist=lcs.MIT.EDU/ai.MIT.EDU/MIT.EDU
sets the domain to lcs.MIT.EDU and the search list to the three names.
This command overrides the default domain name and
search list of the set domain command.
Use the set all command to display the list.
- [no]defname
- Append the default domain name to a single-component
lookup request, i.e., one that doesn't contain a period
(default = defname, abbreviation = [no]def).
- [no]search
- If the lookup request contains at least one period but
doesn't end with a trailing period, append the domain names
in the domain search list to the request until an answer is
received (default = search, abbreviation = [no]sea).
- port=value
- Change the default TCP/UDP name server port to
value (default = 53, abbreviation = po).
- querytype=value or
type=value
- Change the type of information query to one of:
- A
- The host's Internet address.
- CNAME
- The canonical name for an alias.
- HINFO
- The host CPU and OS type.
- MINFO
- The mailbox, or mail-list information.
- MX
- The mail exchanger.
- NS
- The name server for the named zone.
- PTR
- The hostname if the query is an Internet address; otherwise the pointer to other information.
- SOA
- The domain's start-of-authority information.
- TXT
- The text information.
- UINFO
- The user information.
- WKS
- The supported well-known services. Other types (ANY,
AXFR, MB, MD, MF, NULL)
are described in the RFC 1035 document.
Default = A; abbreviations = q, ty.
- [no]recurse
- Tell the name server to query other servers if it
doesn't have the information (default = recurse, abbreviation = [no]rec).
- retry=number
- Set the number of retries to number. When a
reply to a request isn't received within a certain amount of
time (changed with set timeout), the timeout period is
doubled and the request is sent again. The number
argument controls how many times a request is resent before
nslookup gives up (default = 4, abbreviation = ret).
- root=host
- Change the name of the root server to
host. This affects the root command (default =
ns.nic.ddn.mil., abbreviation = ro).
- timeout=number
- Change the initial timeout interval for waiting for a
reply to the specified number of seconds. Each retry doubles
the timeout period (default = 5, abbreviation = ti).
- [no]vc
- Always use a virtual circuit when sending requests to
the server (default = novc, abbreviation = [no]v).
- [no]ignoretc
- Ignore packet truncation errors (default = noignoretc,
abbreviation = [no]ig).
Diagnostics:
If the lookup request wasn't successful, one of the following error messages may be printed:
- Timed out
- The server didn't respond to a request after a certain amount of time (changed with
set timeout=value) and a certain
number of retries (changed with set retry=value).
- No response from server
- No name server is running on the server machine.
- No records
- The server doesn't have resource records of the current query type for the host, although the hostname is valid.
The query type is specified with the set querytype command.
- Nonexistent domain
- The hostname or domain name doesn't exist.
- Connection refused — Network is unreachable
- The connection to the name or finger server couldn't be
made at the current time. This error commonly occurs with
ls and finger requests.
- Server failure
- The name server found an internal inconsistency in its database and couldn't return a valid answer.
- Refused
- The name server refused to service the request.
- Format error
- The name server found that the request packet wasn't in the proper format.
This may indicate an error in nslookup.
Based on:
- Domain Names — Concepts and Facilities (RFC 1034)
- Domain Names — Implementation and Specification (RFC 1035)
Files:
- /etc/nsswitch.conf
- Name-service switch configuration file.
- $HOME/.nslookuprc
- User's initial options.
- /etc/nslookup.help
- Summary of commands.
The nslookup utility requires the libsocket.so shared library.
Environment variables:
- HOSTALIASES
- Contains host aliases.
- LOCALDOMAIN
- Overrides default domain.
Contributing author:
Andrew Cherenson