Nslookup.exe is a command-line administrative tool for testing and troubleshooting DNS servers and host name resolution issues. This tool is installed at the time that TCP/IP is installed on the computer. For modern operating systems starting with Windows 2000, TCP/IP is installed by default when a network adapter is installed on the computer.
Nslookup.exe can be run in two modes: interactive and non-interactive. Use interactive mode when you plan on using the tool to send multiple queries to the DNS server. Alternatively, non-interactive mode is useful when only a single piece of data needs to be returned. The syntax for non-interactive mode is:
nslookup [-option] [hostname] [DNS server name/IP]
When using the non-interactive mode, you must use at the very minimum, this syntax:
The nslookup tool will connect to the primary DNS server that is listed in the computer’s local TCP/IP configuration. To start Nslookup.exe in interactive mode, simply type "nslookup" at the command prompt:
Typing "help" or "?" at the command prompt will generate a list of available commands. Anything typed at the command prompt that is not recognized as a valid command is assumed to be a host name and an attempt is made to resolve it using the default server. To interrupt interactive commands, press CTRL+C. To exit interactive mode and return to the command prompt, type exit at the command prompt.
The following is the help output and contains the complete list of options:
A number of different options can be set in Nslookup.exe by running the set command at the command prompt. For instance, if you were only interested in querying the DNS server in regards to the SMTP records, type the following command at the nslookup prompt: set type=MX. To query the DNS server for the MX records for the domain, google.com, type google.com after the type has been set to MX.
The two most common errors that you may encounter using the nslookup command are “Timed-Out” and “Non-existent Domain”. The “Timed-Out” message indicates that the server did not respond to a request after a certain amount of time and a certain number of retries. You can set the time-out period with the set timeout subcommand. You can set the number of retries with the set retry subcommand. The “Non-existent Domain” message indicates that the computer or DNS domain name does not exist. There are other errors that you may encounter less frequently such as “No Response from Server”, “Connection Refused”, “Network is Unreachable”, “Server Failure”, and “Format Error”.
Overall, using the nslookup command to troubleshoot DNS Server and host name resolution issues is generally very helpful as you are removing some of the higher level protocols which can interfere in the troubleshooting process. For example, just because you cannot access a web page using a web browser is not an indication of a DNS issue. Using the correct tools and procedures for troubleshooting DNS related issues can and will reduce the amount of time needed to correct host name resolution issues.
Recommended Books & Training Resources