How to Find DNS (Domain Name Server) Records on Linux Using the nslookup Command

nslookup is a program for querying Internet domain name servers (DNS).

nslookup has two modes, which are interactive and interactive.

Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain.

Non-interactive mode is used to print just the name and requested information for a host or domain.

It is a network administration tool that helps diagnose and resolve DNS related issues.

Alternatively you can try other DNS tools, such as the dig command and the host command.

The common syntax for nslookup as follows:

nslookup [Options] [Domain_Name.com]

1) How to Lookup a Domain “A Record” on Linux Using the nslookup Command

Enter a domain name followed by the nslookup command to verify the “A record” (IP address) of the domain.

$ nslookup 2daygeek.com

Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	2daygeek.com
Address: 104.27.157.177
Name:	2daygeek.com
Address: 104.27.156.177
Name:	2daygeek.com
Address: 2606:4700:30::681b:9cb1
Name:	2daygeek.com
Address: 2606:4700:30::681b:9db1

It used my local DNS cache server to query information.

Use the same format as above to find subdomain records information.

$ nslookup linuxnews.2daygeek.com

Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	linuxnews.2daygeek.com
Address: 104.27.156.177
Name:	linuxnews.2daygeek.com
Address: 104.27.157.177
Name:	linuxnews.2daygeek.com
Address: 2606:4700:30::681b:9db1
Name:	linuxnews.2daygeek.com
Address: 2606:4700:30::681b:9cb1

2) How to Find a Domain “MX Record” on Linux Using the nslookup Command

Add the query=MX in the nslookup command to find MX records for a domain.

$ nslookup -query=mx magesh.co.in

Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
magesh.co.in	mail exchanger = 10 e46f668a62df45920a71fc97ebe479.pamx1.hotmail.com.

Authoritative answers can be found from:

The above command found an “MX record” whose priority is 10.

3) How to Find a Domain “NS Record” (Name Server) on Linux Using the nslookup Command

Add the type=ns in the nslookup command to find Name Server records for a domain.

$ nslookup -type=ns 2daygeek.com

Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
2daygeek.com	nameserver = jean.ns.cloudflare.com.
2daygeek.com	nameserver = vin.ns.cloudflare.com.

Authoritative answers can be found from:

4) How to Lookup a Domain “TXT (SPF) Record” on Linux Using the nslookup Command

Add the type=txt in the nslookup command to find TXT (SPF) records for a domain.

$ nslookup -type=txt magesh.co.in

Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
magesh.co.in	text = "v=spf1"
magesh.co.in	text = "v=spf1 ip4:103.212.204.105 ?all"
magesh.co.in	text = "ca3-6f3ab38d22a44843980d16e360ab706d"

Authoritative answers can be found from:

5) How to Find a Domain “CNAME Record” on Linux Using the nslookup Command

Add the type=cname in the nslookup command to find CNAME record for a domain.

$ nslookup -type=cname linuxtechnews.com

6) How to Lookup a Domain “SOA Record” on Linux Using the nslookup Command

Add the type=soa in the nslookup command to find SOA record for a domain.

$ nslookup -type=soa 2daygeek.com

Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
2daygeek.com
	origin = jean.ns.cloudflare.com
	mail addr = dns.cloudflare.com
	serial = 2032053521
	refresh = 10000
	retry = 2400
	expire = 604800
	minimum = 3600

Authoritative answers can be found from:

7) How to Find a Domain “Reverse DNS (RDNS or PRT) Record” on Linux Using the nslookup Command

Enter a IP Address followed by the nslookup command to verify the RDNS (PRT) record of the domain.

$ nslookup 182.71.233.70
70.233.71.182.in-addr.arpa	name = nsg-static-070.233.71.182.airtel.in.

Authoritative answers can be found from:

8) How to Find All Possible Records for a Domain on Linux Using the nslookup Command

Add the type=any in the nslookup command to find all possible records for a domain.

$ nslookup -type=any google.com
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	google.com
Address: 216.58.203.174
Name:	google.com
Address: 2404:6800:4009:803::200e
google.com	mail exchanger = 30 alt2.aspmx.l.google.com.
google.com	rdata_257 = 0 issue "pki.goog"
google.com	text = "v=spf1 include:_spf.google.com ~all"
google.com	mail exchanger = 20 alt1.aspmx.l.google.com.
google.com	nameserver = ns3.google.com.
google.com	text = "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
google.com	text = "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
google.com	nameserver = ns4.google.com.
google.com	nameserver = ns2.google.com.
google.com
	origin = ns1.google.com
	mail addr = dns-admin.google.com
	serial = 273171295
	refresh = 900
	retry = 900
	expire = 1800
	minimum = 60
google.com	mail exchanger = 50 alt4.aspmx.l.google.com.
google.com	text = "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com	nameserver = ns1.google.com.
google.com	mail exchanger = 40 alt3.aspmx.l.google.com.
google.com	mail exchanger = 10 aspmx.l.google.com.
google.com	text = "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="

Authoritative answers can be found from:

9) How to Find a Domain DNS Records in Debug Mode Using the nslookup Command

Add the -debug switch in the nslookup command to find detailed information for a domain. It displays the ttl value in the output.

$ nslookup -debug 2daygeek.com

Server:		192.168.1.1
Address:	192.168.1.1#53

------------
    QUESTIONS:
	2daygeek.com, type = A, class = IN
    ANSWERS:
    ->  2daygeek.com
	internet address = 104.27.157.177
	ttl = 299
    ->  2daygeek.com
	internet address = 104.27.156.177
	ttl = 299
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name:	2daygeek.com
Address: 104.27.157.177
Name:	2daygeek.com
Address: 104.27.156.177
------------
    QUESTIONS:
	2daygeek.com, type = AAAA, class = IN
    ANSWERS:
    ->  2daygeek.com
	has AAAA address 2606:4700:30::681b:9cb1
	ttl = 299
    ->  2daygeek.com
	has AAAA address 2606:4700:30::681b:9db1
	ttl = 299
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Name:	2daygeek.com
Address: 2606:4700:30::681b:9cb1
Name:	2daygeek.com
Address: 2606:4700:30::681b:9db1

10) How to Use nslookup Command in Interactive Mode

We can also use nslookup in interactive mode. Type nslookup in the console and press enter to access the interactive shell.

$ nslookup

> 2daygeek.com
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	2daygeek.com
Address: 104.27.157.177
Name:	2daygeek.com
Address: 104.27.156.177
Name:	2daygeek.com
Address: 2606:4700:30::681b:9cb1
Name:	2daygeek.com
Address: 2606:4700:30::681b:9db1

> set type=ns

> linuxtechnews.com
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
linuxtechnews.com	nameserver = jean.ns.cloudflare.com.
linuxtechnews.com	nameserver = vin.ns.cloudflare.com.

Authoritative answers can be found from:

> set query=mx

> magesh.co.in
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
magesh.co.in	mail exchanger = 10 e46f668a62df45920a71fc97ebe479.pamx1.hotmail.com.

Authoritative answers can be found from:

11) How To Find the “A” Record of a Multiple Domain Using a Shell Script

If you want to find “A” records for multiple domains at once, use the following shell script.

$ vi nslookup-a-rec.sh

#!/bin/bash
# List You Domain Here
DOMAINS="2daygeek.com linuxtechnews.com magesh.co.in"
for domain in $DOMAINS
do
  echo "$domain"
  echo "-----------------------------------"
  nslookup $domain
  echo "-----------------------------------"
done

Set an executable permission to nslookup-a-rec.sh file.

$ chmod +x nslookup-a-rec.sh

Finally run the script to achieve this.

$ sh nslookup-a-rec.sh

2daygeek.com
-----------------------------------
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	2daygeek.com
Address: 104.27.156.177
Name:	2daygeek.com
Address: 104.27.157.177
Name:	2daygeek.com
Address: 2606:4700:30::681b:9db1
Name:	2daygeek.com
Address: 2606:4700:30::681b:9cb1

-----------------------------------
linuxtechnews.com
-----------------------------------
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	linuxtechnews.com
Address: 104.27.144.3
Name:	linuxtechnews.com
Address: 104.27.145.3
Name:	linuxtechnews.com
Address: 2606:4700:30::681b:9003
Name:	linuxtechnews.com
Address: 2606:4700:30::681b:9103

-----------------------------------
magesh.co.in
-----------------------------------
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	magesh.co.in
Address: 104.18.34.52
Name:	magesh.co.in
Address: 104.18.35.52
Name:	magesh.co.in
Address: 2606:4700:30::6812:2234
Name:	magesh.co.in
Address: 2606:4700:30::6812:2334

-----------------------------------

12) How To Find the “NS” Record of a Multiple Domain Using a Shell Script

If you want to find “NS” records for multiple domains simultaneously, use the following bash script.

$ vi nslookup-ns-rec.sh

#!/bin/bash
# List You Domain Here
DOMAINS="2daygeek.com linuxtechnews.com magesh.co.in"
for domain in $DOMAINS
do
  echo "$domain"
  echo "----------------------------------------------------------"
  nslookup -type=ns $domain
  echo "----------------------------------------------------------"
done

Set an executable permission to nslookup-ns-rec.sh file.

$ chmod +x nslookup-ns-rec.sh

Finally run the script to achieve this.

$ sh nslookup-ns-rec.sh

2daygeek.com
----------------------------------------------------------
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
2daygeek.com	nameserver = jean.ns.cloudflare.com.
2daygeek.com	nameserver = vin.ns.cloudflare.com.

Authoritative answers can be found from:

----------------------------------------------------------
linuxtechnews.com
----------------------------------------------------------
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
linuxtechnews.com	nameserver = jean.ns.cloudflare.com.
linuxtechnews.com	nameserver = vin.ns.cloudflare.com.

Authoritative answers can be found from:

----------------------------------------------------------
magesh.co.in
----------------------------------------------------------
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
magesh.co.in	nameserver = jean.ns.cloudflare.com.
magesh.co.in	nameserver = vin.ns.cloudflare.com.

Authoritative answers can be found from:

----------------------------------------------------------

Magesh Maruthamuthu

Love to play with all Linux distribution

You may also like...