|
System Administration Commands | nslookup(1M) |
| nslookup - query name servers interactively |
SYNOPSIS
| nslookup [- option] ... host [server] |
| nslookup [- option] ... - [server] |
|
nslookup sends queries to Internet domain name servers. It has two modes: interactive and non-interactive. Interactive mode allows the user to contact servers for information about various hosts and domains or to display a list of hosts in a domain. Non-interactive
mode is used to display just the name and requested information for a host or domain.
|
|
- -option
- Set the permissible options, as shown in the following list. These are the same options that the set command supports in interactive mode (see set in the Commands section for more complete descriptions).
-
all
- List the current settings
-
class=classname
- Restrict search according to the specified class
-
d2
- Set exhaustive debug mode on
-
nod2
- Set exhaustive debug mode off
-
debug
- Set debug mode on
-
nodebug
- Set debug mode off
-
defname
- Set domain-appending mode on
-
nodefname
- Set domain-appending mode off
-
domain=string
- Establish the appendable domain
-
ignoretc
- Set it to ignore packet truncation errors
-
noignoretc
- Set it to acknowledge packet truncation errors
|
|
-
host
- Inquires about the specified host. In this non-interactive command format, nslookup Does not prompt for additional commands.
-
-
- Causes nslookup to prompt for more information, such as host names, before sending one or more queries.
-
server
- Directs inquiries to the name server specified here in the command line rather than the one read from the /etc/resolv.conf file (see resolv.conf(4)). server can be either a name or an Internet address. If the specified host cannot be reached, nslookup resorts to using the name server specified in /etc/resolv.conf.
|
|
Non-interactive Mode
|
Non-interactive mode is selected when the name or Internet address of the host to be looked up is given as the first argument.
Within non-interactive mode, space-separated options can be specified. They must be entered before the host name, to be queried. Each option must be prefixed with a hyphen.
For example, to request extensive host information and to set the timeout to 10 seconds when inquiring about gypsy, enter:
|
example% nslookup -query=hinfo -timeout=10 gypsy
|
To avoid repeated entry of an option that you almost always use, place a corresponding set command in a .nslookuprc file located inside your home directory. (See Commands for more information about set.) The .nslookuprc file can contain several set commands if each is followed by a RETURN.
|
Entering and Leaving Interactive Mode
|
Interactive mode is selected when
- No arguments are supplied.
- A `-' (hyphen) character is supplied as the host argument.
To exit from an interactive nslookup session, type Control-d or type the command exit followed by RETURN.
|
Supported Command Interactions
|
The commands associated with interactive mode are subject to various limitations and run-time conventions.
The maximum length of a command line is 255 characters. When the RETURN key is pressed, command-line execution begins. While a command is running, its execution can be interrupted by typing Control-c.
The first word entered on the command line must be the name of a nslookup command unless you wish to enter the name of a host to inquire about. Any unrecognized command is handled as a host name to inquire about. To force a command to be treated as a host name to be inquired about,
precede it with a backslash character.
|
Commands
|
-
exit
- Exit the nslookup program.
-
help
-
-
?
- Display a brief summary of commands.
-
host [ server ]
- Look up information for host using the current default server, or using server if it is specified.
If the host supplied is an Internet address and the query type is A or 1PTR, the name of the host is returned. If the host supplied is a name and it does not have a trailing period,
the default domain name is appended to the name. (This behavior depends on the state of the set options domain, srchlist, defname, and search).
To look up a host that is not in the current domain, append a period to the name.
-
finger [ name ] [ >> filename ]
- Connect with the finger server on the current host, which is defined by the most recent successful host lookup.
If no name value is specified, a list of login account names on the current host is generated.
Similar to a shell command interpreter, output can be redirected to a file using the usual redirection symbols: > and >>.
-
ls [ -options ] domain [ >> filename ]
- List the information available for domain, optionally creating or appending to filename. The default output contains host names and their Internet addresses.
Output can be redirected to filename using the > and >> redirection symbols. When output is directed to a file, hash marks are shown for every 50 records received from the server. The permissible values for options
are:
-
a
- Lists aliases of hosts in the domain. This is a synonym for the command ls -t CNAME.
-
d
- Lists all records for the domain. This is a synonym for the command ls -t ANY.
-
h
- Lists CPU and operating system information for the domain. This is a synonym for the command ls -t HINFO.
-
s
- Lists well-known services of hosts in the domain. This is a synonym for the command ls -t WKS.
-
t querytype-value
- lists all records of the specified type (see querytype within the discussion of the set command).
-
set token=value
-
set keyword
- Establish a preferred mode of search operation. Permissible token
and keyword values are:
-
all
- Display the current values of frequently-used options. Information about the current default server and host is also displayed.
-
cl[ass]=classname
- Limit the search according to the protocol group (classname) for which lookup information is desired. Permissible classname values are:
-
ANY
- A wildcard selecting all classes
-
IN
- The Internet class (the default)
-
CHAOS
- The Chaos class.
-
HESIOD
- The MIT Athena Hesiod class.
-
d2
-
nod2
- Enable or disable exhaustive debugging mode. Essentially all fields of every packet are displayed. By default, this option is disabled.
-
deb[ug]
-
nodeb[ug]
- Enable or disable debugging mode. When debugging mode is enabled, much more information is produced about the packet sent to the server and the resulting
answer. By default, this option is disabled.
-
def[name]
-
nodef[name]
- Enable or disable appending the default domain name to a single-component lookup request (one that lacks a dot). By default, this option is enabled
for nslookup. The default value for the domain name is the value given in /etc/resolv.conf, unless: there is an environmental value for LOCALDOMAIN when nslookup is run; a recent value has been specified
through the srchlist command or the set domain command.
-
do[main]=string
- Change the default domain name to be appended to all lookup requests to string. For this option to have any effect, the defname option must also be enabled and the search option must be set in a compatible way. The domain search list contains the parents of the default domain if it has at least two components in its name. For example, if the default domain is CC.Berkeley.EDU, the search list is CC.Berkeley.EDU and Berkeley.EDU. Use the set srchlist command to specify a different list. Use the set all command to display the list.
-
ignoretc
-
noignoretc
- Ignore packet truncation errors. By default, this option is disabled.
-
srch[list]=name1/name2/...
- Change the default domain name to name1 and the domain search list to name1, name2, etc. A maximum of 6 names can be specified, along with slash characters to separate them. For example,
|
example% set srchlist=lcs.MIT.EDU/ai.MIT.EDU/MIT.EDU
|
sets the domain to lcs.MIT.EDU and the search list to all three names. This command overrides the default domain name and search list of the set domain command. Use the set all command to display the list.
-
search
-
nosearch
- Enable or disable having the domain names in the domain search list appended to the request, generating a series of lookup queries if necessary until an answer is received. To take effect, the
lookup request must contain at least one dot (period); yet it must not contain a trailing period. By default, this option is enabled.
-
po[rt]=value
- Specify the default TCP/UDP name server port. By default, this value is 53.
-
q[uerytype]=value
-
ty[pe]=value
- Change the type of information returned from a query
to one of:
-
A
- The Internet address of the host
-
CNAME
- The canonical name for an alias
-
HINFO
- The host CPU and operating system type
-
MD
- The mail destination
-
MX
- The mail exchanger
-
MB
- The mailbox domain name
-
MG
- The mail group member
-
MINFO
- The mailbox or mail list information
-
NS
- The name server
-
PTR
- The host name if the query is in the form of an Internet address; otherwise the pointer to other information
-
SOA
- The domain's start-of-authority information
-
TXT
- The text information
-
UINFO
- The user information
-
WKS
- The supported well-known services
(Other types specified in the RFC 1035 document are valid, but they are not as useful.)
-
recurse
-
norecurse
- Enable or disable having to query other name servers before abandoning a search. By default, this feature is enabled.
-
ret[ry]=count
- Set the maximum number of times to retry a request before abandoning a search. When a reply to a request is not received within a certain amount of time (changed
with set timeout), the timeout period is doubled and the request is resent. The retry value controls how many times a request is resent before the request is aborted. The default for count is 4.
-
ro[ot]=host
- Change the name of the root server to host. This affects the root command. The default root server is ns.internet.net.
-
t[timeout]=interval
- Change the amount of time to wait for a reply to interval seconds. Each retry doubles the timeout period. The default interval is 5 seconds.
-
vc
-
novc
- Enable or disable the use of a virtual circuit when sending requests to the server. By default, this feature is disabled.
-
root
- Change the default server to the server for the root of the domain name space. Currently, the host ns.internic.net is used; this command is a synonym for server ns.internic.net. The name of the root
server can be changed with the set root command.
-
server domain
-
lserver domain
- Change the default server to domain. lserver uses the initial server to look up information
about domain while server uses the current default server. If an authoritative answer can not be found, the names of servers that might have the answer are returned.
|
|
| Example 1. Searching the Internet Domain Namespace
|
To effectively search the Internet domain namespace, it helps to know its structure. At present, the Internet domain name-space is tree-structured, with one top level domain for each country except the United States.. There are also some traditional top level domains, not explicitly tied to any
particular country. These include:
-
COM
- Commercial establishments
-
EDU
- Educational institutions
-
ORG
- Not-for-profit organizations
-
GOV
- Government agencies
-
MIL
- MILNET hosts
If you are looking for a specific host, you need to know something about the host's organization in order to determine the top-level domain that it belongs to. For instance, if you want to find the Internet address of a machine at UCLA, do the following:
- Connect with the root server using the root command. The root server of the name space has knowledge of the top-level domains.
- Since UCLA is a university, its domain name is ucla.edu. Connect with a server for the ucla.edu domain with the command server ucla.edu. The response produces the names of hosts that act as servers
for that domain. Note: the root server does not have information about ucla.edu, but knows the names and addresses of hosts that do. Once located by the root server, all future queries will be sent to the UCLA name server.
- To request information about a particular host in the domain (for instance, locus), just type the host name. To request a listing of hosts in the UCLA domain, use the ls command. The ls command requires
a domain name, (in this case, ucla.edu, as an argument.
If you are connected with a name server that handles more than one domain, all lookups for host names must be fully specified with its domain. For instance, the domain harvard.edu is served by seismo.css.gov, which also services the css.gov
and cornell.edu domains. A lookup request for the host aiken in the harvard.edu domain must be specified as aiken.harvard.edu. However, the set domain=name and set defname commands can be used to automatically append a domain name to each request.
After a successful lookup of a host, use the finger(1) command to see who is on the system, or to finger a specific person. (finger requires
the type to be A.)
To get other information about the host, use the set querytype=value command to change the type of information desired and request another lookup.
|
|
|
-
HOSTALIASES
- References the file containing host aliases
-
LOCALDOMAIN
- Overrides default domain
|
|
The process returns the following values:
-
0
- On success.
-
1
- On failure.
|
|
-
/etc/resolv.conf
- Initial domain name and name server addresses
-
$HOME/.nslookuprc
- Initial option commands
-
/usr/lib/nslookup.help
- Summary of commands
|
|
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Availability | SUNWcsu |
Interface Stability | Standard BIND 8.2.4 |
|
|
finger(1), more(1), in.named(1M), nstest(1M), resolver(3RESOLV), resolv.conf(4), attributes(5)
Mockapetris, Paul. RFC 1034, Domain Names - Concepts and Facilities. Network Working Group. November 1987.
Mockapetris, Paul. RFC 1035, Domain Names - Implementation and Specification. Network Working Group. November 1987.
|
|
If the lookup request is successful, an error message is produced. Possible errors are:
-
Timed out
- The server did not respond to a request after a certain amount of time (changed with set timeout=value) and a certain number of retries (changed with set retry=value).
-
No response from server
- No name server is running on the server machine.
-
No records
- The server does not have resource records of the current query type for the host, although the host name is valid. The query type is specified with the set querytype command.
-
Non-existent domain
- The host or domain name does not exist.
-
Connection refused
-
Network is unreachable
- The connection to the name or finger server can not be made at the current time. This error commonly occurs with ls and finger requests.
-
Server failure
- The name server found an internal inconsistency in its database and could not return a valid answer.
-
Refused
- The name server refused to service the request.
-
Format error
- The name server found that the request packet was not in the proper format. This may indicate an error in nslookup.
|
| |