NSLOOKUP is derived from and functions similarly to the UNIX utility of the same name. The purpose of NSLOOKUP is to query DNS name servers for specific record types making queries to DNS servers. Simple query allows you to quickly query the default DNS defined for your system with hostname or IP address resolution queries. NSLOOKUP provides a fully flexible method of querying any DNS for almost any record you want as long as you can contact the DNS through your network. NSLOOKUP queries a selected DNS for specific record entries, such as A, MX, NS, PTR, about a hostname, domain name or IP address. This of course is that the DNS contains information about the hostname, domain name or IP address in question.
Windows 9x does not have this command while Windows NT and 2000 do. This is because this is somewhat of an advanced command. The NSLookup command is a DOS command within NT and 2000. The whole idea is to resolve how the Network numbers are assigned! For example, if I where to ask about iomega.com, I would receive a number of 147.178.1.2 or if I were to ask about www.microsoft.com, I would get the following:
Server: microsoft.com
Addresses: 207.46.131.30,
207.46.130.14,
207.46.130.149,
207.46.130.45,
207.46.131.137
Aliases: www.microsoft.com
As mentioned last month, here are some of the more important records that NSLookup can resolve:
A Record - Address record.
ANY Record - Wild card record retrieval.
CNAME Record - Canonical name record (alias).
MX Record - Mail Exchange record.
NS Record - Name Server record.
PTR Record - Reverse DNS pointer record.
SOA Record - Start of Authority record.
SOA is the Start of Authority which basically means the DNS which contains the master records identifying computers that belong to a domain. It may have one or more mirrors. If you have a hostname or a domain name that you want information about, you can use just about any of the record query types.
Here are the DOS Commands for NSLookup:
Commands: (identifiers are shown in uppercase, [] means optional)
NAME - print info about the host/domain NAME using default server
NAME1 NAME2 - as above, but use NAME2 as server
help or ? - print info on common commands
set OPTION - set an option
all - print options, current server and host
[no]debug - print debugging information
[no]d2 - print exhaustive debugging information
[no]defname - append domain name to each query
[no]recurse - ask for recursive answer to query
[no]search - use domain search list
[no]vc - always use a virtual circuit
domain=NAME - set default domain name to NAME
srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1,N2, etc.
root=NAME - set root server to NAME
retry=X - set number of retries to X
timeout=X - set initial time-out interval to X seconds
type=X - set query type (ex. A,ANY,CNAME,MX,NS,PTR,SOA,SRV)
querytype=X - same as type
class=X - set query class (ex. IN (Internet), ANY)
[no]msxfr - use MS fast zone transfer
ixfrver=X - current version to use in IXFR transfer request
server NAME - set default server to NAME, using current default server
lserver NAME - set default server to NAME, using initial server
finger [USER] - finger the optional NAME at the current default host
root - set current default server to the root
ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to FILE)
-a - list canonical names and aliases
-d - list all records
-t TYPE - list records of the given type (e.g. A,CNAME,MX,NS,PTR etc.)
view FILE - sort an 'ls' output file and view it with pg
exit - exit the program
 |
There is extensive help in the Windows NT Help file about how to use NSLookup.
If you have an IP Address, you must use either the A record query or the PTR record query. Any other selections with an IP address will result in an error message.
This is because the A or PTR records are the only types that contain reverse DNS information, that is, the information to translate an IP address to a hostname.
Besides the native NSLookup bundled with Windows NT and 2000, you can purchase third-party utilities to do the same thing. I purchased "NetScanTools Pro" by Northwest Performance Software, Inc. It is just about the best TCP/IP utilities made today. Here is an example of what NetScanTools's NSLookup command can give you:
However, for the normal person who just wants to resolve a simple record, the native NSLookup in NT works fine.
