The UNIX nslookup program can be used to determine a variety of information about machines and domains in the internet. It uses the Domain Name System (DNS) protocol. Its most important use is translating host names to Internet Protocol (IP) addresses. IP addresses are required for routing data through the internet.
For security reasons, most machines and domains will not respond to all types of queries made by nslookup. Most will respond to the query types described in the following sections. In these examples everything typed by the the user is shown with a light blue background.
Here is an example using nslookup to find the address of bulldog.d.umn.edu. The first two lines give the local server from which the query originates. They are the same in all of the examples below. The answer to the query is in the following lines.
ukko 1% nslookup -type=a bulldog.d.umn.edu Server: 131.212.32.32 Address: 131.212.32.32#53 Name: bulldog.d.umn.edu Address: 131.212.109.98
Here is an example using nslookup to find the mail exchanger for a network domain. A non-authoritative answer means the local DNS server is returning information that it had cached from earlier queries.
There are two kinds of IP addresses in the section that describes where you can get authoritative information:
ukko 2% nslookup -type=mx tc.umn.edu Server: 131.212.32.32 Address: 131.212.32.32#53 Non-authoritative answer: tc.umn.edu mail exchanger = 10 mhub-m.tc.umn.edu. tc.umn.edu mail exchanger = 10 mhub-w.tc.umn.edu. tc.umn.edu mail exchanger = 10 mhub-a.tc.umn.edu. Authoritative answers can be found from: umn.edu nameserver = ns-auth-2.umn.edu. umn.edu nameserver = ns-auth-1.umn.edu. umn.edu nameserver = ns-auth-remote-1.umn.edu. ns-auth-1.umn.edu internet address = 128.101.101.1 ns-auth-1.umn.edu has AAAA address 2001:468:1910:4801::2 ns-auth-2.umn.edu internet address = 128.101.101.9 ns-auth-2.umn.edu has AAAA address 2001:468:1910:4802::2 ns-auth-remote-1.umn.edu internet address = 140.142.16.240
Here are examples using nslookup to find the name server for a domain. A domain is an administrative unit for a group of machines. The administrative units form a hierarchy.
The full hostname for a machine encodes the domains it belongs to. For example
ukko 3% nslookup -type=ns mit.edu Server: 131.212.32.32 Address: 131.212.32.32#53 Non-authoritative answer: mit.edu nameserver = W20NS.mit.edu. mit.edu nameserver = bitsy.mit.edu. mit.edu nameserver = STRAWB.mit.edu. Authoritative answers can be found from: bitsy.mit.edu internet address = 18.72.0.3 W20NS.mit.edu internet address = 18.70.0.160 STRAWB.mit.edu internet address = 18.71.0.151 ukko 4% nslookup -type=ns edu Server: 131.212.32.32 Address: 131.212.32.32#53 Non-authoritative answer: edu nameserver = l.edu-servers.net. edu nameserver = c.edu-servers.net. edu nameserver = a.edu-servers.net. edu nameserver = g.edu-servers.net. edu nameserver = f.edu-servers.net. edu nameserver = d.edu-servers.net. Authoritative answers can be found from: a.edu-servers.net internet address = 192.5.6.30 c.edu-servers.net internet address = 192.26.92.30 d.edu-servers.net internet address = 192.31.80.30 f.edu-servers.net internet address = 192.35.51.30 g.edu-servers.net internet address = 192.42.93.30 g.edu-servers.net has AAAA address 2001:503:cc2c::2:36 l.edu-servers.net internet address = 192.41.162.30