nslookup-commands-cheat-sheet.adoc

nslookup commands cheat sheet

Note	All the commands below are for the Interactive mode.

Command	Description
nslookup	Enter the interactive mode. The nslookup prompt > opens.
set all	Show current settings for the session, useful to show what the nslookup is actually going to do on the next query.
set ty=Record-type-to-query-for	Sets the record type you want to query. E.g. set ty=MX - all following queries will ask for MX record only, until changed again with set ty=…​. Available types A, AAAA, MX, TXT, SOA, CNAME, etc. as per DNS protocol.
domain	Query the domain domain for the value of the record type set previously via set ty=…​ or A record by default.
server [IP-address-of-alternative-DNS-server]	Run by itself, server prints DNS server(s) currently set and used for resolving. Change the DNS server to query by specifying IP address of the server, e.g. > server 8.8.8.8 Default server: 8.8.8.8 Address: 8.8.8.8#53
set debug/nodebug	Enable verbose output of what the nslookup is actually doing (debug), or disable nodebug (default). Shows what server is being queried, additional records, whether the server is authoritative or not.
IDN_DISABLE	Environment variable, if not set (default) enables querying IDN names, e.g.: > set ty=A > рег.рф Server: 8.8.8.8 Address: 8.8.8.8#53 ------------ QUESTIONS: рег.рф, type = A, class = IN ANSWERS: -> рег.рф internet address = 194.58.116.37 ttl = 21600 AUTHORITY RECORDS: ADDITIONAL RECORDS: ------------ Non-authoritative answer: Name: рег.рф Address: 194.58.116.37
set port=N	Set port different from 53 on the remote DNS server. NOTE: nslookup does NOT support DOT/DOH protocols, only plain old clear text DNS.
exit	Leave nslookup interactive mode to the command line of terminal.
WINDOWS only: ls -d domain-name	Try to do AXFR zone transfer from the configured DNS server. If works and unintended - serious security risk. Linux version of nslookup does NOT have this option. E.g. ls -d yurisk.info.