Command to troubleshoot DNS issues (Nslookup Advance Usage)

By | June 7, 2009

Command to troubleshoot DNS issues (Nslookup Advance Usage)

Nslookup is a command-line tool used to test and troubleshoot the DNS issues

Find the advance help for Nslookup

Default Server:

> ?
Commands: (identifiers are shown in uppercase, [] means optional)
NAME – print info about the host/domain NAME using default server
NAME1 NAME2 – as above, but use NAME2 as server
help or ? – print info on common commands
set OPTION – set an option
all – print options, current server and host
[no]debug – print debugging information
[no]d2 – print exhaustive debugging information
[no]defname – append domain name to each query
[no]recurse – ask for recursive answer to query
[no]search – use domain search list
[no]vc – always use a virtual circuit
domain=NAME – set default domain name to NAME
srchlist=N1[/N2/…/N6] – set domain to N1 and search list to N1,N2, etc.
root=NAME – set root server to NAME
retry=X – set number of retries to X
timeout=X – set initial time-out interval to X seconds
type=X – set query type (ex. A,ANY,CNAME,MX,NS,PTR,SOA,SRV)
querytype=X – same as type
class=X – set query class (ex. IN (Internet), ANY)
[no]msxfr – use MS fast zone transfer
ixfrver=X – current version to use in IXFR transfer request
server NAME – set default server to NAME, using current default server
lserver NAME – set default server to NAME, using initial server
finger [USER] – finger the optional NAME at the current default host
root – set current default server to the root
ls [opt] DOMAIN [> FILE] – list addresses in DOMAIN (optional: output to FILE)
-a – list canonical names and aliases
-d – list all records
-t TYPE – list records of the given type (e.g. A,CNAME,MX,NS,PTR etc.)
view FILE – sort an ‘ls’ output file and view it with pg
exit – exit the program

Set All

command will display the current configuration settings; you can always change the settings using the same set command, but this setting only for the current session, this will change to default settings while to exit the command

> set all
Default Server:

Set options:

Set type

To change the query type user the below command, by default type=A, this will only query the host record (A record) to query for the mail exchanger data, type the following:

> set type=mx

Non-authoritative answer: MX preference = 10, mail exchanger = MX preference = 10, mail exchanger = MX preference = 10, mail exchanger = MX preference = 10, mail exchanger =

In this way you can use the different query type (A, ANY, CNAME, MX, NS, PTR, SOA, SRV).

any – displays all the records for that domain.
cname – CName (Canonical Name) is used for nicknames or aliases, it is used to redirect web address to another
mx – Mail eXchange (MX). Used to define which domain handles the email
ns – Look up the Name servers for this record
ptr – A record that points an IP address to a single name, unlike a name which can be associated with many IP addresses
soa – Start Of Authority
srv – Resource records

The first time a query is made for a remote name, the answer is authoritative, but subsequent queries are nonauthoritative. The first time a remote host is queried, the local DNS server contacts the DNS server that is authoritative for that domain. The local DNS server will then cache that information, so that subsequent queries are answered nonauthoritatively out of the local server’s cache.

Set debug

Using this option you can turn on or off the debug display, nothing but the detailed lookup result, by default this option disabled (set nodebug) you can use the below command turn on the debug mode

> set debug

Got answer:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 3, authority records = 4, additional = 4

QUESTIONS:, type = A, class = IN
internet address =
ttl = 235 (3 mins 55 secs)

nameserver =
ttl = 170814 (1 day 23 hours 26 mins 54 secs)

internet address =
ttl = 302197 (3 days 11 hours 56 mins 37 secs)
Non-authoritative answer:

We have querying “, type = A, class = IN”

Normal query Nslookup will return only the IP address of, in debug mode it will provide corresponding name server records and authority records which resolve to the IP addresses (Additional records)

So we came to know from where the host ( getting resolved, able to find the corresponding IP address as well as holding DNS server (

Set d2

Using this Option you can turn on or off the EXHAUSTIVE debug display. Retrieves the complete dump of what is sent and received via the DNS requests

Set norecurse

Before this you should know about Iterative(norecurse) and Recursive(recurse) Queries.
Please check the below link for more info:

DNS Query Types

This will display other domain name servers to query, if the default name server does not have the information.

Turn off recursion and then try to look up a name that is not cached locally. since our default name server does not have the entry, this will display other name servers that might know the answer

> set norecurse

Served by:


Served by:



In the above example I have using, if you query with set norecurse this will display other name servers that might know the answer, since our default name server does not. I have used name server to look for the answer, this will lists the ns server that has the authoritive answer. Then have the Name server for one more time, and we will get the A record

This will help to troubleshoot the DNS related issues, able to find the problematic name servers and able to find trace the DNS issue.

> set recurse

Non-authoritative answer:

With set recurse we will get the direct answer

Set srchlis

Command to change search list and default Domain Name System (DNS) domain name

Set srchlist=N1[N2/../N6]

Specifies one or up to six domain names to be appended to unqualified host names when attempting to resolve the host name. Each domain name specified is tried in turn until a match is found.
This option also directs the default domain to be set to the first domain name specified in the search list. The minimum abbreviation for this option is srchl.

While querying the host name no need to provide the FQDN, only host name enough, domain from the Srchlist added to the given host name to make the FQDN


To set the DNS domain to
> set
> test0001

Non-authoritative answer:

In the above example I have only provide the host name (test0001) but Nslookup able to query the FQDN ( using the set command.

Look up a given domain name (NAME1) using this name server (NAME2). See example below



set root

Changes the name of the root server to the name specified by the HOST parameter, The root server by default is defined to be “A.ROOT-SERVERS.NET”


set retry

Changes the number of times to retry quering a name server, Default retries is 1.

set retry=2

Set timeout

Sets the initial time out value in seconds, Default timeout value is 2 seconds.

>set timeout=4


Rerieve the zone list of this domain. Note: On almost all Name Servers this operation is restricted or turned off

Most of the time, when using this command you would get a query refused output.Options:-a – list canonical names and aliases-d – list all records-t TYPE – list records of the given type (i.e. cname, mx, ns etc.)

Related Articles

how to troubleshoot dns issues
clearing dns cache
view dns cache
register dns record
dns server role
Unable to access the server share through DNS alias name
check the DNS zone status from the list of servers

Share On Facebook
Share On Twitter
Share On Google Plus
Share On Linkedin

One thought on “Command to troubleshoot DNS issues (Nslookup Advance Usage)

Leave a Reply

Your email address will not be published. Required fields are marked *