A huge number of people use the internet, but very few understand how the internet works under the hood. Considering that there are around , we need an efficient system for sorting and storing connection details for each. While we technically connect to websites and servers via an IP address, remembering these number strings can be difficult, even for IT personnel. Instead, we use something called DNS records.
A DNS record is stored on a DNS [Domain Name System] server, and every internet connection uses these servers to convert hostnames into IP addresses. This means that when you type www.fasthosts.co.uk, a DNS service will query its website database, and serve you an IP address for that website. Then, you can connect via internet protocol [IP] to the host server.
Introducing nslookup
When you are having problems with your DNS lookup service, one way to diagnose these problems is via the nslookup tool in Command Prompt.
nslookup is an abbreviation of name server lookup and allows you to query your DNS service. The tool is typically used to obtain a domain name via your command line interface [CLI], receive IP address mapping details, and lookup DNS records. This information is retrieved from the DNS cache of your chosen DNS server.
There are two primary functions included with nslookup. The first is DNS lookup, whereby you enter a domain URL and retrieve the corresponding server IP address. You can also reverse this process and enter an IP address to retrieve the corresponding domain URL.
nslookup modes
There are two operating modes for nslookup, called non-interactive and interactive.
With non-interactive, the nslookup tool inspects the address entries in your DNS servers cache. These entries are known as resource records. You can only retrieve the current DNS server you are using, and then the domain URL and IPv4/IPv6 addresses in this mode. This is the default mode when performing a simple lookup without additional parameters.
Then we have interactive. This mode is used to query nameservers for information on hosts and domains, or print a full list of hosts for that specific domain. An interactive session is persistent in the Command Prompt window, meaning you can type commands for nslookup without having to specify that you want to use nslookup at the beginning of each command.
Testing non-interactive mode
Please note, this guide was written using Windows 10 v2004. Linux and macOS also support nslookup, but we are focusing on Windows in this guide.
Let us try our first nslookup command. This will be in non-interactive mode.
To open Command Prompt, press the Windows Key + R to open run. Type cmd and press Enter on the keyboard. You will see a Command Prompt window appear.
Now we can test nslookup. Start by typing nslookup www.google.co.uk. This will ask nslookup to query Google’s UK servers in non-interactive mode.
You should see a similar result in your Command Prompt window:
C:\Users\Fasthosts>nslookup www.google.co.uk
Server: one.one.one.one
Address: 2606:4700:4700::1111
Non-authoritative answer:
Name: www.google.co.uk
Addresses: 2a00:1450:4009:806::2003
216.58.204.3
Let us dissect this result.
The DNS server used was 1.1.1.1, which is hosted by Cloudflare. We can see that the IPv6 address for that DNS server is 2606:4700:4700::1111.
As mentioned earlier, basic nslookup commands pull data from the DNS server cache. The message Non-authoritative answer proves this, as the data was not taken directly from the server that actually hosts the data.
Next, we have the website URL which we typed earlier.
You can see that the Google server IPv4 address was 216.58.204.3, and the IPv6 address was 2a00:1450:4009:806::2003.
This is all the information you can get with the most basic nslookup command.
Using a different DNS server in non-interactive mode
To use a different DNS server, you would type the following:
nslookup www.google.co.uk 8.8.8.8
The syntax is nslookup
In this case, we used Google’s DNS server 8.8.8.8, and got the following result:
Server: dns.google
Address: 8.8.8.8
Non-authoritative answer:
Name: www.google.co.uk
Addresses: 2a00:1450:4009:80f::2003
216.58.213.99
You may be wondering, why is the IP address different? This is simply because the DNS servers have different records saved. You will notice that both IP addresses work if you copy them into your browser, so in this case, it isn’t a problem.
In some instances, this can be a problem, however. If you change your website’s static IP address, presuming you have a single hosting server, an incorrect DNS record can render your website inaccessible. In this case, you would need to flush the DNS cache for that specific domain name to force a refresh on the DNS server. Google offers a DNS flushing service isolated to a single domain name. Fasthosts also offers DNS flushing within the Control Panel, as detailed here.
Interactive mode for nslookup
Interactive mode allows you to create a persistent nslookup session with more advanced functionality. To do this, simply type nslookup into your Command Prompt window.
Now you can type commands without needing to type nslookup first.
Common interactive mode commands
Find mail exchange nameservers
Let’s try setting the nameserver type that we will request to an MX [mail exchange] server.
Type the following into your Command Prompt window:
Set type=MX
You will not see a response, but this has set nslookup to query for MX servers.
Now type:
gmail.com
You should see similar to the following appear:
Non-authoritative answer:
gmail.com MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com MX preference = 40, mail exchanger = alt4.gmail-smtp-in.l.google.com
gmail.com MX preference = 30, mail exchanger = alt3.gmail-smtp-in.l.google.com
gmail.com MX preference = 20, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
Here you can see the server addresses for every mail exchange server used by gmail.com. The MX preference attribute shows us the preferred server, which is alt4 in this case.
Get an authoritative response
Now change your server type to soa by typing:
set type=soa.
This will force the DNS server to return a response from the authoritative DNS server.
Now find out the primary name server by typing:
google.co.uk
The trimmed result is:
primary name server = ns1.google.com
Now type:
google.co.uk ns1.google.com
The result:
Server: ns1.google.com
Addresses: 2001:4860:4802:32::a
216.239.32.10
google.co.uk
primary name server = ns1.google.com
responsible mail addr = dns-admin.google.com
serial = 322751975
refresh = 900 [15 mins]
retry = 900 [15 mins]
expire = 1800 [30 mins]
default TTL = 60 [1 min]
Now you have the most recent and up-to-date records for google.co.uk. You can rely on this due to the authoritative nature of the response, where non-authoritative may be outdated or incorrect.
Join the Fasthosts domain
Web hosting can be complicated, but Fasthosts keeps things simple. We offer dedicated servers that automatically use our in-house nameservers to minimise latency during DNS lookups.
Enter the Fasthosts domain by contacting our friendly sales team on 0808 1686 777, or email us at sales@fasthosts.co.uk.