Testing DNS with NSLookup.exe
Using NSLOOKUP provides a much more robust method of validating that DNS is working successfully by providing a more true representation of Queries to DNS in the following manner:
- Allows for using UDP or TCP Protocol for queries to DNS
- Specify which DNS Servers to use for Name Resolution
- Specify which Name Types queried (HOST, CNAME, MX etc)
An important note from NSLOOKUP is that it does not test the DNS Client component on the DNS Client. NSLOOKUP uses API Calls directly through Winsock, or the TCPIP Stack to resolve names, it does not use the “DNS Client” Service to handle Name Resolution.
When using NSLOOKUP the default DNS Server it tries to connect to is the DNS Server configured on the system NSLOOKUP is being run on.
From the NSLOOKUP Prompt, just typing a name and hitting enter will query for the name from DNS as a HOST name.
If the need exists to query specific name types that are NOT HOST names, use the set type=<type> prompt to define the type of name to be queried.
You can use the “lserver <IP_Address> command to change DNS Servers being queried.
Another point to mention is that NSLOOKUP will default to using UDP for its Name Resolution methodology.
You can run “NSLOOKUP -v” and this will cause NSLOOKUP to use TCP instead of UDP.
Examples: Let’s say that you want the user to test a specific DNS Server (10.0.0.2) to see whether it will resolve IP Addresses using TCP to query for a specific Mail server (MX Record - MAILSERVER).
You would run the following steps:
- NSLOOKUP -V
- set type=MX
- lserver 10.0.0.2
- MAILSERVER
Filed under: Network
Leave a Reply