Žilinská univerzita > Fakulta riadenia a informatiky > Katedra informačných sietí

How to find a right server - nslookup and dig dns command line tools

 A simple comparison of the nslookup command, the Microsoft DNS tool, and dig, the linux/win based command alternative.

 

How to find the root servers?
Using nslookup using dig

 C:\Users\palo>nslookup
Default Server: iris.isp.kx.sk
Address: 85.248.45.238

> set type=ns
> .

Server: iris.isp.kx.sk
Address: 85.248.45.238

Non-authoritative answer:
(root) nameserver = g.root-servers.net
(root) nameserver = i.root-servers.net
(root) nameserver = a.root-servers.net
(root) nameserver = h.root-servers.net
(root) nameserver = k.root-servers.net
(root) nameserver = c.root-servers.net
(root) nameserver = f.root-servers.net
(root) nameserver = e.root-servers.net
(root) nameserver = l.root-servers.net
(root) nameserver = m.root-servers.net
(root) nameserver = b.root-servers.net
(root) nameserver = j.root-servers.net
(root) nameserver = d.root-servers.net

a.root-servers.net internet address = 198.41.0.4
a.root-servers.net AAAA IPv6 address = 2001:503:ba3e::2:30
j.root-servers.net internet address = 192.58.128.30
j.root-servers.net AAAA IPv6 address = 2001:503:c27::2:30
d.root-servers.net internet address = 128.8.10.90

 alternatively we may use

C:\Users\palo>nslookup -q=ns .

 

 C:\Users\palo>dig ns .

; <<>> DiG 9.3.2 <<>> ns .
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 466
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 5

;; QUESTION SECTION:
;. IN NS

;; ANSWER SECTION:
. 155728 IN NS i.root-servers.net.
. 155728 IN NS c.root-servers.net.
. 155728 IN NS b.root-servers.net.
. 155728 IN NS e.root-servers.net.
. 155728 IN NS k.root-servers.net.
. 155728 IN NS d.root-servers.net.
. 155728 IN NS f.root-servers.net.
. 155728 IN NS m.root-servers.net.
. 155728 IN NS l.root-servers.net.
. 155728 IN NS j.root-servers.net.
. 155728 IN NS h.root-servers.net.
. 155728 IN NS g.root-servers.net.
. 155728 IN NS a.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net. 69324 IN A 198.41.0.4
a.root-servers.net. 600930 IN AAAA 2001:503:ba3e::2:30
j.root-servers.net. 242128 IN A 192.58.128.30
j.root-servers.net. 242128 IN AAAA 2001:503:c27::2:30
d.root-servers.net. 603948 IN A 128.8.10.90

;; Query time: 83 msec
;; SERVER: 85.248.45.238#53(85.248.45.238)
;; WHEN: Sun Oct 23 19:58:13 2011
;; MSG SIZE rcvd: 332

 

 How to find autoritative name servers for top level domain sk. 

 > set type=ns
> sk.
Server: iris.isp.kx.sk
Address: 85.248.45.238

Non-authoritative answer:
sk nameserver = ns1.sk-nic.sk
sk nameserver = sns-pb.isc.org
sk nameserver = ns.eunet.sk
sk nameserver = ns.uu.net
sk nameserver = sunic.sunet.se
sk nameserver = ns.sk-nic.sk
sk nameserver = c.tld.sk
sk nameserver = ns3.sk-nic.sk

ns.sk-nic.sk internet address = 195.12.159.2
ns3.sk-nic.sk internet address = 217.75.67.234
sunic.sunet.se internet address = 192.36.125.2
ns.uu.net internet address = 137.39.1.3
ns.eunet.sk internet address = 217.75.73.242
c.tld.sk internet address = 217.75.72.157
ns1.sk-nic.sk internet address = 195.12.159.3

 

 

 C:\Users\palo>dig ns sk.

; <<>> DiG 9.3.2 <<>> ns sk.
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 353
;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 7

;; QUESTION SECTION:
;sk. IN NS

;; ANSWER SECTION:
sk. 82728 IN NS ns.sk-nic.sk.
sk. 82728 IN NS sunic.sunet.se.
sk. 82728 IN NS ns3.sk-nic.sk.
sk. 82728 IN NS ns1.sk-nic.sk.
sk. 82728 IN NS c.tld.sk.
sk. 82728 IN NS ns.uu.net.
sk. 82728 IN NS ns.eunet.sk.
sk. 82728 IN NS sns-pb.isc.org.

;; ADDITIONAL SECTION:
ns.sk-nic.sk. 58440 IN A 195.12.159.2
ns3.sk-nic.sk. 58440 IN A 217.75.67.234
sunic.sunet.se. 14406 IN A 192.36.125.2
ns.uu.net. 2617 IN A 137.39.1.3
ns.eunet.sk. 61232 IN A 217.75.73.242
c.tld.sk. 61232 IN A 217.75.72.157
ns1.sk-nic.sk. 58440 IN A 195.12.159.3

;; Query time: 68 msec
;; SERVER: 85.248.45.238#53(85.248.45.238)
;; WHEN: Sun Oct 23 19:59:50 2011
;; MSG SIZE rcvd: 314

 

 How to find MX exchanger for a domain?  

 > set type=mx
> kis.fri.uniza.sk
Server: iris.isp.kx.sk
Address: 85.248.45.238

Non-authoritative answer:
kis.fri.uniza.sk MX preference = 10, mail exchanger = relay.uniza.sk

kis.fri.uniza.sk nameserver = frix.fri.uniza.sk
kis.fri.uniza.sk nameserver = ns.kis.fri.uniza.sk
kis.fri.uniza.sk nameserver = kinfo.fri.uniza.sk
frix.fri.uniza.sk internet address = 158.193.138.40
ns.kis.fri.uniza.sk internet address = 158.193.152.2
ns.kis.fri.uniza.sk AAAA IPv6 address = 2001:4118:300:120::2
kinfo.fri.uniza.sk internet address = 158.193.138.7

 

 

 C:\Users\palo>dig mx kis.fri.uniza.sk

; <<>> DiG 9.3.2 <<>> mx kis.fri.uniza.sk
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 910
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 4

;; QUESTION SECTION:
;kis.fri.uniza.sk. IN MX

;; ANSWER SECTION:
kis.fri.uniza.sk. 3578 IN MX 10 relay.uniza.sk.

;; AUTHORITY SECTION:
kis.fri.uniza.sk. 2587 IN NS ns.kis.fri.uniza.sk.
kis.fri.uniza.sk. 2587 IN NS frix.fri.uniza.sk.
kis.fri.uniza.sk. 2587 IN NS kinfo.fri.uniza.sk.

;; ADDITIONAL SECTION:
frix.fri.uniza.sk. 46997 IN A 158.193.138.40
ns.kis.fri.uniza.sk. 2453 IN A 158.193.152.2
ns.kis.fri.uniza.sk. 2453 IN AAAA 2001:4118:300:120::2
kinfo.fri.uniza.sk. 28409 IN A 158.193.138.7

;; Query time: 77 msec
;; SERVER: 85.248.45.238#53(85.248.45.238)
;; WHEN: Sun Oct 23 20:01:38 2011
;; MSG SIZE rcvd: 188

 

 

 How to find zone information?  

 C:\Users\palo>dig mx kis.fri.uniza.sk

; <<>> DiG 9.3.2 <<>> mx kis.fri.uniza.sk
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 910
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 4

;; QUESTION SECTION:
;kis.fri.uniza.sk. IN MX

;; ANSWER SECTION:
kis.fri.uniza.sk. 3578 IN MX 10 relay.uniza.sk.

;; AUTHORITY SECTION:
kis.fri.uniza.sk. 2587 IN NS ns.kis.fri.uniza.sk.
kis.fri.uniza.sk. 2587 IN NS frix.fri.uniza.sk.
kis.fri.uniza.sk. 2587 IN NS kinfo.fri.uniza.sk.

;; ADDITIONAL SECTION:
frix.fri.uniza.sk. 46997 IN A 158.193.138.40
ns.kis.fri.uniza.sk. 2453 IN A 158.193.152.2
ns.kis.fri.uniza.sk. 2453 IN AAAA 2001:4118:300:120::2
kinfo.fri.uniza.sk. 28409 IN A 158.193.138.7

;; Query time: 77 msec
;; SERVER: 85.248.45.238#53(85.248.45.238)
;; WHEN: Sun Oct 23 20:01:38 2011
;; MSG SIZE rcvd: 188

 

 C:\Users\palo>dig soa kis.fri.uniza.sk

; <<>> DiG 9.3.2 <<>> soa kis.fri.uniza.sk
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1906
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 4

;; QUESTION SECTION:
;kis.fri.uniza.sk. IN SOA

;; ANSWER SECTION:
kis.fri.uniza.sk. 3551 IN SOA ns.kis.fri.uniza.sk. hostmaster.
kis.fri.uniza.sk. 2011092801 10800 3600 1209600 3600

;; AUTHORITY SECTION:
kis.fri.uniza.sk. 84 IN NS frix.fri.uniza.sk.
kis.fri.uniza.sk. 84 IN NS ns.kis.fri.uniza.sk.
kis.fri.uniza.sk. 84 IN NS kinfo.fri.uniza.sk.

;; ADDITIONAL SECTION:
ns.kis.fri.uniza.sk. 3551 IN A 158.193.152.2
ns.kis.fri.uniza.sk. 3551 IN AAAA 2001:4118:300:120::2
frix.fri.uniza.sk. 48095 IN A 158.193.138.40
kinfo.fri.uniza.sk. 29507 IN A 158.193.138.7

;; Query time: 91 msec
;; SERVER: 85.248.45.238#53(85.248.45.238)
;; WHEN: Sun Oct 23 19:43:19 2011
;; MSG SIZE rcvd: 213

 How to find a service record? Fore example for SIP service?  

 > set type=srv
> _sip._udp.kis.fri.uniza.sk
Server: iris.isp.kx.sk
Address: 85.248.45.238

Non-authoritative answer:
_sip._udp.kis.fri.uniza.sk SRV service location:
priority = 0
weight = 1
port = 5060
svr hostname = voip.kis.fri.uniza.sk

kis.fri.uniza.sk nameserver = frix.fri.uniza.sk
kis.fri.uniza.sk nameserver = ns.kis.fri.uniza.sk
kis.fri.uniza.sk nameserver = kinfo.fri.uniza.sk
voip.kis.fri.uniza.sk internet address = 158.193.152.2
frix.fri.uniza.sk internet address = 158.193.138.40
ns.kis.fri.uniza.sk internet address = 158.193.152.2
ns.kis.fri.uniza.sk AAAA IPv6 address = 2001:4118:300:120::2
kinfo.fri.uniza.sk internet address = 158.193.138.7

 

 C:\Users\palo>dig srv _sip._udp.kis.fri.uniza.sk

; <<>> DiG 9.3.2 <<>> srv _sip._udp.kis.fri.uniza.sk
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1897
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;_sip._udp.kis.fri.uniza.sk. IN SRV

;; ANSWER SECTION:
_sip._udp.kis.fri.uniza.sk. 920 IN SRV 0 1 5060 voip.kis.fri.uniza.sk.

;; AUTHORITY SECTION:
kis.fri.uniza.sk. 260 IN NS frix.fri.uniza.sk.
kis.fri.uniza.sk. 260 IN NS ns.kis.fri.uniza.sk.
kis.fri.uniza.sk. 260 IN NS kinfo.fri.uniza.sk.

;; ADDITIONAL SECTION:
voip.kis.fri.uniza.sk. 920 IN A 158.193.152.2
frix.fri.uniza.sk. 48271 IN A 158.193.138.40
kinfo.fri.uniza.sk. 29683 IN A 158.193.138.7

;; Query time: 97 msec
;; SERVER: 85.248.45.238#53(85.248.45.238)
;; WHEN: Sun Oct 23 19:40:23 2011
;; MSG SIZE rcvd: 189

 

 How to view DNS tracing process?  
 

 C:\Users\palo>dig kis.fri.uniza.sk +trace

; <<>> DiG 9.3.2 <<>> kis.fri.uniza.sk +trace
;; global options: printcmd
. 155418 IN NS a.root-servers.net.
. 155418 IN NS c.root-servers.net.
. 155418 IN NS j.root-servers.net.
. 155418 IN NS h.root-servers.net.
. 155418 IN NS g.root-servers.net.
. 155418 IN NS l.root-servers.net.
. 155418 IN NS d.root-servers.net.
. 155418 IN NS i.root-servers.net.
. 155418 IN NS m.root-servers.net.
. 155418 IN NS k.root-servers.net.
. 155418 IN NS f.root-servers.net.
. 155418 IN NS e.root-servers.net.
. 155418 IN NS b.root-servers.net.
;; Received 332 bytes from 85.248.45.238#53(85.248.45.238) in 63 ms

sk. 172800 IN NS sns-pb.isc.org.
sk. 172800 IN NS sunic.sunet.se.
sk. 172800 IN NS ns.uu.net.
sk. 172800 IN NS c.tld.sk.
sk. 172800 IN NS ns.eunet.sk.
sk. 172800 IN NS ns.sk-nic.sk.
sk. 172800 IN NS ns1.sk-nic.sk.
sk. 172800 IN NS ns3.sk-nic.sk.
;; Received 428 bytes from 198.41.0.4#53(a.root-servers.net) in 79 ms

uniza.sk. 86400 IN NS sun.uakom.sk.
uniza.sk. 86400 IN NS proxy.uniza.sk.
uniza.sk. 86400 IN NS nic.uniza.sk.
;; Received 172 bytes from 192.5.4.1#53(sns-pb.isc.org) in 70 ms

fri.uniza.sk. 86400 IN NS nic.uniza.sk.
fri.uniza.sk. 86400 IN NS kinfo.fri.uniza.sk.
;; Received 132 bytes from 192.108.131.11#53(sun.uakom.sk) in 43 ms

kis.fri.uniza.sk. 86400 IN NS frix.fri.uniza.sk.
kis.fri.uniza.sk. 86400 IN NS kinfo.fri.uniza.sk.
kis.fri.uniza.sk. 86400 IN NS ns.kis.fri.uniza.sk.
;; Received 138 bytes from 158.193.48.33#53(nic.uniza.sk) in 49 ms

kis.fri.uniza.sk. 3600 IN SOA ns.kis.fri.uniza.sk. host
kis.fri.uniza.sk. 2011092801 10800 3600 1209600 3600
;; Received 84 bytes from 158.193.138.40#53(frix.fri.uniza.sk) in 43 ms

 

 Command syntax  

 

> ?
Commands: (identifiers are shown in uppercase, [] means optional)
NAME - print info about the host/domain NAME using default server
NAME1 NAME2 - as above, but use NAME2 as server
help or ? - print info on common commands
set OPTION - set an option
all - print options, current server and host
[no]debug - print debugging information
[no]d2 - print exhaustive debugging information
[no]defname - append domain name to each query
[no]recurse - ask for recursive answer to query
[no]search - use domain search list
[no]vc - always use a virtual circuit
domain=NAME - set default domain name to NAME
srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1,N2, etc.
root=NAME - set root server to NAME
retry=X - set number of retries to X
timeout=X - set initial time-out interval to X seconds
type=X - set query type (ex. A,AAAA,A+AAAA,ANY,CNAME,MX,NS,PTR,
SOA,SRV)
querytype=X - same as type
class=X - set query class (ex. IN (Internet), ANY)
[no]msxfr - use MS fast zone transfer
ixfrver=X - current version to use in IXFR transfer request
server NAME - set default server to NAME, using current default server
lserver NAME - set default server to NAME, using initial server
root - set current default server to the root
ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to FILE)
-a - list canonical names and aliases
-d - list all records
-t TYPE - list records of the given RFC record type (ex. A,CNAME,MX,NS,
PTR etc.)
view FILE - sort an 'ls' output file and view it with pg
exit - exit the program

 

 

 

C:\Users\palo>dig -h
Usage: dig [@global-server] [domain] [q-type] [q-class] {q-opt}
{global-d-opt} host [@local-server] {local-d-opt}
[ host [@local-server] {local-d-opt} [...]]
Where: domain is in the Domain Name System
q-class is one of (in,hs,ch,...) [default: in]
q-type is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:
(Use ixfr=version for type ixfr)
q-opt is one of:
-x dot-notation (shortcut for in-addr lookups)
-i (IP6.INT reverse IPv6 lookups)
-f filename (batch mode)
-b address[#port] (bind to source address/port)
-p port (specify port number)
-t type (specify query type)
-c class (specify query class)
-k keyfile (specify tsig key file)
-y name:key (specify named base64 tsig key)
-4 (use IPv4 query transport only)
-6 (use IPv6 query transport only)
d-opt is of the form +keyword[=value], where keyword is:
+[no]vc (TCP mode)
+[no]tcp (TCP mode, alternate syntax)
+time=### (Set query timeout) [5]
+tries=### (Set number of UDP attempts) [3]
+retry=### (Set number of UDP retries) [2]
+domain=### (Set default domainname)
+bufsize=### (Set EDNS0 Max UDP packet size)
+ndots=### (Set NDOTS value)
+[no]search (Set whether to use searchlist)
+[no]defname (Ditto)
+[no]recurse (Recursive mode)
+[no]ignore (Don't revert to TCP for TC response
+[no]fail (Don't try next server on SERVFAIL)
+[no]besteffort (Try to parse even illegal messages)
+[no]aaonly (Set AA flag in query (+[no]aaflag))
+[no]adflag (Set AD flag in query)
+[no]cdflag (Set CD flag in query)
+[no]cl (Control display of class in records
+[no]cmd (Control display of command line)
+[no]comments (Control display of comment lines)
+[no]question (Control display of question)
+[no]answer (Control display of answer)
+[no]authority (Control display of authority)
+[no]additional (Control display of additional)
+[no]stats (Control display of statistics)
+[no]short (Disable everything except short
form of answer)
+[no]ttlid (Control display of ttls in records)
+[no]all (Set or clear all display flags)
+[no]qr (Print question before sending)
+[no]nssearch (Search all authoritative nameserver
+[no]identify (ID responders in short answers)
+[no]trace (Trace delegation down from root)
+[no]dnssec (Request DNSSEC records)
+[no]multiline (Print records in an expanded format
global d-opts and servers (before host name) affect all queries.
local d-opts and servers (after host name) affect only that looku
-h (print help and exit)
-v (print version and exit)

 

   

 

----------------

 

 

Groups: