Nslookup commands are command-line tools used to query Domain Name System (DNS) records and troubleshoot domain-related issues on Windows, macOS, and Linux systems. These commands allow administrators and developers to check DNS configurations such as A, MX, TXT, CNAME, and NS records to ensure that domains resolve correctly to their hosting servers or mail servers.
Nslookup can be run in both non-interactive mode for single queries and interactive mode for multiple DNS lookups within one session. It is essential for diagnosing website downtime, incorrect DNS mappings, mail delivery failures, DNS propagation delays, and cybersecurity incidents like DNS hijacking.
Nslookup supports specifying custom DNS resolvers, debug modes, timeout options, and reverse DNS lookups for retrieving hostnames from IP addresses, making it one of the most powerful DNS diagnostic tools available.
Why Nslookup Matters
Every website and online service depends on DNS to translate domain names into server IP addresses. When DNS fails, services go offline. Nslookup helps network administrators, hosting users, and developers verify whether DNS records are properly set up and resolving globally.
It is a universal tool installed by default in most operating systems, requiring no additional software to perform accurate DNS checks instantly.
What Is Nslookup?
Nslookup (Name Server Lookup) is a command-line utility used for querying DNS servers to find domain, subdomain, and email-hosting information. It enables both basic and advanced diagnostics, such as checking DNS propagation, validating SPF/TXT records for email authentication, and analyzing connection issues.
Supported Platforms:
- Windows Command Prompt or PowerShell
- macOS Terminal
- Linux Terminal
Uses:
- Domain resolution verification
- Email DNS validation (MX, SPF, DKIM via TXT)
- Reverse lookup for IP to domain mapping
- DNS security diagnostics
How Nslookup Works
- You enter a domain command
- The system sends a DNS query to a resolver (usually ISP or configured DNS)
- The resolver replies with the requested DNS record
It supports:
- Recursive and authoritative DNS lookups
- IPv4 and IPv6 record queries
Nslookup Syntax
The basic syntax format:
nslookup [domain] [DNS server]Example:
nslookup youstable.com 8.8.8.8Modes:
- Non-interactive: Single command for quick lookups
- Interactive: Allows multiple DNS queries inside nslookup console
Enter interactive mode:
nslookupMost Used Nslookup Commands and Practical Examples
A Record Lookup (Domain to IP)
nslookup example.comMX Record Lookup (Mail Server Check)
nslookup -type=MX example.comNS Record Lookup (Name Servers)
nslookup -type=NS example.comTXT Record Lookup (SPF, DKIM, Verification)
nslookup -type=TXT example.comSOA Record Lookup (Primary DNS Authority)
nslookup -type=SOA example.comCNAME Lookup (Alias Records)
nslookup -type=CNAME www.example.comReverse DNS Lookup (PTR Record)
Get hostname from IP:
nslookup 93.184.216.34Advanced Nslookup Commands
Query Using a Specific DNS Server
nslookup example.com 1.1.1.1Enable Debug Output
nslookup -debug example.comSet Timeout
nslookup -timeout=10 example.comIPv6 DNS Query
nslookup -query=AAAA example.comTable: Nslookup Commands with Meaning and Example
| Command | Purpose | Example |
|---|---|---|
| nslookup example.com | Check A record | Returns IPv4 address |
| nslookup -type=MX domain.com | Email host check | Mail server results |
| nslookup -type=NS domain.com | Name servers lookup | Displays authoritative NS |
| nslookup -type=TXT domain.com | Validate SPF/TXT | Shows authentication records |
| nslookup -type=CNAME www | Alias record check | www to root-domain |
| nslookup -type=PTR IP | Reverse DNS lookup | IP to domain mapping |
| nslookup -debug domain.com | Full trace | DNS query details |
Real-World Troubleshooting Scenarios with Nslookup
| Problem | Diagnostic | Interpretation |
|---|---|---|
| Website not loading | Check A record | Wrong or missing IP |
| Emails bouncing | Check MX and SPF | Misconfigured mail DNS |
| DNS propagation delays | Query different DNS servers | Differences mean still updating |
| Suspicious traffic | Reverse lookup PTR | Identify hosting or attacker source |
Nslookup vs Dig vs Host Commands
| Tool | Best Used For | OS |
|---|---|---|
| Nslookup | Basic to medium DNS checks | Windows/macOS/Linux |
| Dig | Advanced DNS & DNSSEC | Linux/macOS |
| Host | Simple forward/reverse lookups | Linux/macOS |
Nslookup remains widely used due to Microsoft ecosystem support.
Common Errors and Fixes
| Error | Meaning | Fix |
|---|---|---|
| NXDOMAIN | No such domain exists | Check spelling or DNS creation |
| SERVFAIL | DNS server error | Try different DNS server |
| REFUSED | DNS rejected request | DNS may block outside access |
| Timeout | No response | Network or firewall issue |
Example Raw Output (Real Lookup)
nslookup youstable.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: youstable.com
Address: 104.21.xx.xx
Best Practices for Using Nslookup
- Always verify from multiple DNS servers such as 1.1.1.1, 8.8.8.8
- Check SPF, DKIM via TXT for email issues
- Validate DNS changes after TTL expiration
- Use debug for complex failures
What Is a Proper DNS Diagnostic Structure Using Nslookup?
Every DNS check should follow a structured flow:
- A record resolution
- NS record authority validation
- MX and TXT email configuration check
- SOA primary server confirmation
- Reverse DNS for IP verification
This ensures stability, deliverability, and security of hosted services.
FAQ’s – Nslookup
What is the purpose of nslookup?
To query DNS servers and diagnose domain resolution, email delivery, and network routing issues.
How do I check my DNS using nslookup?
Run:
nslookup yourdomain.com
Why does nslookup show different IP addresses?
Because DNS propagation or load balancing can serve multiple IPs.
How to test email DNS records using nslookup?
Check MX and TXT records:
nslookup -type=MX yourdomain.com
nslookup -type=TXT yourdomain.com
Is nslookup still supported?
Yes. While dig is more advanced on Unix-based systems, nslookup remains standard on Windows.
