Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Using NSLOOKUP for DNS Server Diagnosis

Using NSLOOKUP for DNS Server Diagnosis

Ratings: (0)|Views: 386 |Likes:
Published by kalilrahiman

More info:

Published by: kalilrahiman on Jan 28, 2011
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





Using NSLOOKUP for DNS Serverdiagnosis
Sep 27, 2005
Sep 27, 2005
The DNS protocol has been around for decades and is a stable and reliable protocol.Even so, DNS does occasionally have problems. PING is a great tool for DNS serverdiagnosis, and I tend to use it quite frequently myself. However, sometimes PING justdoesn’t give you enough information about the problem at hand. When you need moreinformation about a DNS problem than what PING provides you with, you can alwaysturn to the NSLOOKUP command. In this article, I will show you how to useNSLOOKUP.The DNS protocol has been around for decades and is a stable and reliable protocol.Even so, DNS does occasionally have problems. These problems might stem from aloss of connectivity, an invalid DNS record, or a number of other issues. When a DNSserver doesn’t behave in the way that it is expected to, many people turn to the PINGcommand for help. PING is a great tool for DNS server diagnosis, and I tend to use itquite frequently myself. However, sometimes PING just doesn’t give you enoughinformation about the problem at hand. When you need more information about aDNS problem than what PING provides you with, you can always turn to theNSLOOKUP command. NSLOOKUP is a built in DNS diagnostic utility that’savailable to both Windows and UNIX Administrators. In this article, I will show youhow to use NSLOOKUP.
The Basics
NSLOOKUP has a fairly rich syntax and can be a bit confusing for those who havenot worked with DNS a great deal. Therefore, I want to start out by showing yousome of the basics. Although NSLOOKUP exists in both UNIX and Windows, thereare some differences in the way that it behaves in the two operating systems. For thepurposes of this article, I will be using the Windows version.The first thing that you need to understand about NSLOOKUP is that when you usethe NSLOOKUP command, it assumes that you are querying a local domain on yourprivate network. You can query an external domain, but NSLOOKUP will try tosearch for the domain internally first. For example, the brienposey.com domain isexternal to my network. If I perform an NSLOOKUP against brienposey.com,NSLOOKUP returns the information that’s shown in Figure A.
Figure A:
This is what happens when NSLOOKUP queries an external domainIf you look at the figure, you will see that there are non existent domain errormessages for the IP addresses and These are theaddresses of my internal DNS servers. Below this information however is the nonauthoritative answer. This means that my DNS server queried an external DNS serverin an effort to resolve the IP address associated with the brienposey.com domain.Now, let’s take a look at what happens when you query an internal domain. One of the local domains on my private network is production.com. If I perform anNSLOOKUP against production.com, I get the results shown in Figure B.
Figure B:
This is what it looks like when I query an internal domainIf you look at the top portion of this screen, you will notice that I’m getting the exactsame non-existent domain error messages as I got when I queried an external domain.
At first, this may seem puzzling. The reason why I got this error message was becauseI performed an NSLOOKUP outside of the NSLOOKUP shell. I will talk more aboutthe NSLOOKUP shell in the next section. For now though, you need to know that youcan enter the NSLOOKUP command by itself. When you do, you will see the familiarnon-existent domain error messages, but you will then be taken to the NSLOOKUPprompt (the > sign). From there you can enter various NSLOOKUP commands. Whenyou are done, you can use the EXIT command to return to the command prompt.The other thing that you should notice about Figure B is the bottom portion of theoutput. Beneath the reference to production.com is a string of IP addresses. These arethe IP addresses of all of the domain controllers within the domain. I should also pointout that if multiple IP addresses are assigned to a single server then all of the server’sIP addresses will be displayed by NSLOOKUP.
Now that I have shown you how to use the NSLOOKUP command to see the IPaddress or addresses associated with the domain, let’s do something a little bit moreuseful. One of the things that you can do with NSLOOKUP is to look up a specifictype of DNS record. A good example of this is an MX record.In case you aren’t yet familiar with all of the intricacies of DNS, the MX recordpoints to the organizations mail server. For example, suppose that someone wanted tosend an E-mail message to you, one of the first things that their mail server wouldhave to do is to resolve your domain’s IP address. However, a normal addressresolution won’t usually work for this purpose. In Figure A, you saw that when I ran aDNS query against the brienposey.com domain, the domain resolved to the address24.235.10.4. Keep in mind though, that this is the IP address of the server that hostsmy Web site, not the address of my mail server. If someone wanted to send me an E-mail message their E-mail client would have to resolve the IP address of my domain’smail server. This is where the MX record comes into play. The MX record is a recordon a domain’s DNS server that specifies the IP address of the domain’s mail server.As you can see, the MX record is rather important. Suppose however that yourdomain was having trouble receiving E-mail and you suspected that a DNS serverissue was to blame. You could use NSLOOKUP to confirm that the domain doesindeed have an MX record and that the MX record is pointed to the correct IP address.Earlier I briefly mentioned that you could work within the NSLOOKUP shell. Totroubleshoot an MX record problem, you pretty much have to work within this shell.Therefore, you would start the process by entering the NSLOOKUP command at thecommand prompt.Once the NSLOOKUP shell is open, you will need to tell NSLOOKUP which DNSserver you want to query. To do so, enter the SERVER command, followed by theDNS server’s IP address. You can also enter the server’s fully qualified domain name(assuming that it can be resolved) as an alternative to the server’s IP address.

Activity (4)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
Mathish liked this
harryrp liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->