NSLOOKUP is a basic command line utility for DNS queries, it’s built into Windows and should be a tool you’re familiar with. Here are some real world examples which I deem common queries.
Query A and PTR records
This is as straight forward as you can get. NSLOOKUP FQDN or NSLOOKUP x.x.x.x
Query A and PTR records from another Name-server
You can query other name-servers to the one your client is configured with by adding the NS IP onto the end of the query, for example to use an OpenDNS NS (126.96.36.199) you’d type:
NSLOOKUP FQDN 188.8.131.52
NSLOOKUP x.x.x.x 184.108.40.206
You may notice the non-authoritative answer, this simply means the name-server queried does not hold the entire zone for the domain (in other words it doesn’t have every single record)… more on that later.
Query other types of records
You can query pretty much any other type of record (see the full list here: http://technet.microsoft.com/en-us/library/bb490745.aspx) with the set type= or querytype= command. The single line command would be:
nslookup -querytype=mx bbc.co.uk
The interactive mode command would be:
nslookup set type=mx bbc.co.uk
You can query another NS by appending the NS onto the end like the previous examples. If you have multiple records to lookup you might decide to head into interactive mode (see below). In interactive mode you can change the queried NS by using server 220.127.116.11.
Remember I mentioned earlier about non-authoritative answers? So, below what I’ve done is I’ve queried for the name servers for the bbc.co.uk and then queried them directly.
You can do a lot more with nslookup for example use ‘set debug’ will give you verbose information on a record including things like TTL, here’s the output:
I hope this gives you the basics and some good real world examples…