nslookup Commands Reference
Essential nslookup commands for DNS lookups and troubleshooting
🔍 Basic DNS Lookups
Simple A record lookup
nslookup example.comPerforms a basic DNS lookup using the default nameserver.
Query using specific nameserver
nslookup example.com 8.8.8.8Query using Google's DNS server (8.8.8.8). Replace with any nameserver IP.
Query using specific nameserver by hostname
nslookup example.com ns1.example.comReverse DNS lookup
nslookup 8.8.8.8Looks up the domain name associated with an IP address.
💻 Interactive Mode
Enter interactive mode
nslookupStarts interactive mode where you can run multiple queries without re-launching nslookup.
Set query type in interactive mode
nslookup
> set type=MX
> example.comChange nameserver in interactive mode
nslookup
> server 1.1.1.1
> example.comSwitches to Cloudflare DNS (1.1.1.1) for subsequent queries.
Exit interactive mode
> exitType exit or press Ctrl+C to quit.
📝 Querying Different Record Types
A record (IPv4 address)
nslookup -type=A example.comAAAA record (IPv6 address)
nslookup -type=AAAA example.comMX record (mail servers)
nslookup -type=MX example.comNS record (nameservers)
nslookup -type=NS example.comTXT record (text records)
nslookup -type=TXT example.comCommonly used for SPF, DKIM, and domain verification records.
CNAME record (canonical name)
nslookup -type=CNAME www.example.comSOA record (start of authority)
nslookup -type=SOA example.comPTR record (reverse DNS)
nslookup -type=PTR 8.8.8.8ANY record (all available records)
nslookup -type=ANY example.comNote: Many DNS servers now limit or disable ANY queries for security reasons.
⚙️ Query Options
Set query timeout
nslookup -timeout=10 example.comSets timeout to 10 seconds (default is 5 seconds).
Set retry count
nslookup -retry=3 example.comRetry up to 3 times if the query fails.
Use TCP instead of UDP
nslookup -vc example.comForces TCP connection. Useful for large responses or when UDP is blocked.
Enable debug mode
nslookup -debug example.comShows detailed debugging information about the query.
Query specific port
nslookup -port=5353 example.comQuery DNS server on a non-standard port (default is 53).
Disable recursion
nslookup
> set norecurse
> example.comQuery authoritative server only, without recursion.
🎛️ Interactive Mode Settings
Set query class
> set class=INSet class to IN (Internet), CH (Chaos), or HS (Hesiod). Default is IN.
Enable/disable debug mode
> set debug # Enable debug mode
> set nodebug # Disable debug modeEnable/disable detailed debug mode
> set d2 # Enable detailed debug
> set nod2 # Disable detailed debugSet domain search list
> set domain=example.comAppends domain name to queries that don't end with a dot.
Enable/disable search list
> set search # Enable search list
> set nosearch # Disable search listView all current settings
> set all💡 Common Use Cases
Check if domain is using Cloudflare
nslookup -type=NS example.comLook for nameservers ending in cloudflare.com
Verify SPF records for email
nslookup -type=TXT example.comLook for TXT records starting with v=spf1
Check DKIM record
nslookup -type=TXT default._domainkey.example.comReplace default with your DKIM selector.
Check DMARC policy
nslookup -type=TXT _dmarc.example.comCompare responses from different DNS servers
nslookup example.com 8.8.8.8
nslookup example.com 1.1.1.1Compare Google DNS (8.8.8.8) with Cloudflare DNS (1.1.1.1).
Test local DNS server
nslookup example.com localhostQuery authoritative nameserver directly
# First, find the authoritative nameservers
nslookup -type=NS example.com
# Then query one of them directly
nslookup example.com ns1.example.com🔧 Troubleshooting
"Server failed" or "SERVFAIL" error
The DNS server encountered an error processing the request. Try a different nameserver or check if DNSSEC is causing issues.
nslookup example.com 8.8.8.8"Non-existent domain" or "NXDOMAIN" error
The domain name does not exist. Check spelling and verify the domain is registered.
nslookup -type=SOA example.comTimeout errors
Increase timeout and retry values, or try a different nameserver.
nslookup -timeout=10 -retry=5 example.comCheck if DNS server is responding
nslookup google.com 8.8.8.8If google.com resolves but your domain doesn't, the issue is with the domain, not the DNS server.
Debug DNS resolution path
nslookup
> set debug
> set d2
> example.comShows detailed information about the query and response.
🖥️ Platform-Specific Notes
Windows syntax
nslookup -type=MX example.comWindows uses -type= or -querytype=
Linux/macOS syntax
nslookup -type=MX example.comLinux/macOS also support -type= or -query=
Alternative: dig (more powerful on Linux/macOS)
dig example.comOn Linux/macOS, dig is often preferred for advanced queries.
📊 Quick Reference Table
| Record Type | Command | Purpose |
|---|---|---|
| A | nslookup -type=A example.com | IPv4 address |
| AAAA | nslookup -type=AAAA example.com | IPv6 address |
| MX | nslookup -type=MX example.com | Mail servers |
| NS | nslookup -type=NS example.com | Nameservers |
| TXT | nslookup -type=TXT example.com | Text records (SPF, DKIM, etc.) |
| CNAME | nslookup -type=CNAME www.example.com | Canonical name |
| SOA | nslookup -type=SOA example.com | Start of authority |
| PTR | nslookup 8.8.8.8 | Reverse DNS lookup |