home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  


DNS & BIND

DNS & BINDSearch this book
Previous: 11.4 Avoiding the Search List Chapter 11
nslookup
Next: 11.6 Less Common Tasks
 

11.5 Common Tasks

There are little chores you'll come to use nslookup for almost every day: finding the IP address or MX records for a given domain name, or querying a particular name server for data. We'll cover these first, before moving on to the more occasional stuff.

11.5.1 Looking Up Different Data Types

By default, nslookup looks up the address for a name, or the name for an address. You can look up any data type by changing the querytype , as we will show in this example:

% 

nslookup


Default Server:  terminator.movie.edu
Address:  0.0.0.0

> 

misery

                 
 - Look up address

Server:  terminator.movie.edu
Address:  0.0.0.0

Name:    misery.movie.edu
Address:  192.253.253.2

> 

192.253.253.2

          
 - Look up name

Server:  terminator.movie.edu
Address:  0.0.0.0

Name:    misery.movie.edu
Address:  192.253.253.2

> 

set q=mx

               
 - Look up 
MX
 data

> 

wormhole


Server:  terminator.movie.edu
Address:  0.0.0.0

wormhole.movie.edu      preference = 10, mail exchanger = wormhole.movie.edu
wormhole.movie.edu      internet address = 192.249.249.1
wormhole.movie.edu      internet address = 192.253.253.1

> 

set q=any

              
 - Look up data of any type

> 

diehard


Server:  terminator.movie.edu
Address:  0.0.0.0

diehard.movie.edu       internet address = 192.249.249.4
diehard.movie.edu       preference = 10, mail exchanger = diehard.movie.edu
diehard.movie.edu       internet address = 192.249.249.4

These are only a few of the valid DNS data types, of course. For the complete list, see Appendix A, DNS Message Format and Resource Records .

11.5.2 Authoritative Versus Nonauthoritative Answers

If you've used nslookup before, you might have noticed something peculiar - the first time you look up a remote name, the answer is authoritative, but the second time you look up the same name it is nonauthoritative. Here's an example:

% 

nslookup


Default Server:  relay.hp.com
Address:  15.255.152.2

> 

slate.mines.colorado.edu.


Server:  relay.hp.com
Address:  15.255.152.2

Name:     slate.mines.colorado.edu
Address:  138.67.1.3

> 

slate.mines.colorado.edu.


Server:  relay.hp.com
Address:  15.255.152.2

Non-authoritative answer:
Name:    slate.mines.colorado.edu
Address:  138.67.1.3

While this looks odd, it really isn't. What is happening is that the first time the local name server looks up slate , it contacts the name server for mines.colorado.edu , and the mines.colorado.edu server responds with an authoritative answer. The local name server, in effect, passes the authoritative response directly back to nslookup . It also caches the response. The second time you look up slate , the name server answers out of its cache, which results in the answer "nonauthoritative."

Notice that we ended the domain name with a trailing dot each time we looked it up. The response would have been the same had we left the trailing dot off. There are times when it is critical that you use the trailing dot while debugging, and times when it is not. Rather than stopping to decide if this name needs a trailing dot, we always add one if we know the name is fully qualified, except, of course, for the example where we turn off the search list.

11.5.3 Switching Servers

Sometimes you want to query another name server directly - you may think it is misbehaving, for example. You can switch servers with nslookup by using the server or lserver command. The difference between server and lserver is that lserver queries your "local" server - the one you started out with - to get the address of the server you want to switch to; server uses the default server instead of the local server. This difference is important to know because the server you just switched to may not be responding, as we'll show in this example:

% 

nslookup


Default Server:  relay.hp.com
Address:  15.255.152.2

When we start up, our first server, relay.hp.com , becomes our lserver. This will matter later on in this session.

> 

server galt.cs.purdue.edu.


Default Server:  galt.cs.purdue.edu
Address:  128.10.2.39

> 

cs.purdue.edu.


Server:  galt.cs.purdue.edu
Address:  128.10.2.39

*** galt.cs.purdue.edu can't find cs.purdue.edu.: No response from server

At this point we try to switch back to our original name server. But there is no name server running on galt to look up relay's address.

> 

server relay.hp.com.



*** Can't find address for server relay.hp.com.: No response from server

Instead of being stuck , though, we use the lserver command to have our local server look up relay 's address:

> 

lserver relay.hp.com.


Default Server:  relay.hp.com
Address:  15.255.152.2

> 

^D

Since the server on galt did not respond - it's not even running a name server - it wasn't possible to look up the address of relay to switch back to using relay 's name server. Here's where lserver comes to the rescue: the local name server, relay , was still responding, so we used it. Instead of using lserver , we could have recovered by using relay 's IP address directly - server 15.255.152.2 .

You can even change servers on a per-query basis. To specify that you'd like nslookup to query a particular server for information about a given domain name, you can specify the server as the second argument on the line, after the domain name to look up - like so:

% 

nslookup


Default Server:  relay.hp.com
Address:  15.255.152.2

> 

saturn.sun.com. ns.sun.com.


Name Server:  ns.sun.com
Address:  192.9.9.3

Name:    saturn.sun.com
Addresses: 192.9.25.2

> 

^D

And, of course, you can change servers from the command line. You can specify the server to query as the argument after the domain name to look up, like this:

% 

nslookup -type=mx fisherking.movie.edu. terminator.movie.edu.

This instructs nslookup to query terminator.movie.edu for MX records for fisherking.movie.edu .

Finally, to specify an alternate default server and enter interactive mode, you can use a hyphen in place of the domain name to look up:

% 

nslookup - terminator.movie.edu.


Previous: 11.4 Avoiding the Search List DNS & BIND Next: 11.6 Less Common Tasks
11.4 Avoiding the Search List Book Index 11.6 Less Common Tasks