nslookup command reference
Complete reference for nslookup commands, flags, query types, and interactive mode options for DNS lookups.
Complete reference for nslookup commands, interactive mode options, query type flags, and configuration settings.
nslookup Non-Interactive Options
nslookup accepts these flags when running in non-interactive (command-line) mode. Each flag modifies a single query.
| Flag | Description | Default | Example |
|---|---|---|---|
-type=a | Query A records to resolve a domain name to its IPv4 address. | A | nslookup -type=a example.com |
-type=aaaa | Query AAAA records to resolve a domain name to its IPv6 address. | -- | nslookup -type=aaaa example.com |
-type=mx | Query MX (mail exchange) records that identify the mail servers responsible for accepting email for a domain. | -- | nslookup -type=mx example.com |
-type=ns | Query NS (nameserver) records that list the authoritative DNS servers for a domain zone. | -- | nslookup -type=ns example.com |
-type=soa | Query the SOA (Start of Authority) record containing the primary nameserver, admin email, zone serial number, refresh interval, retry interval, expiry, and minimum TTL. | -- | nslookup -type=soa example.com |
-type=ptr | Query PTR (pointer) records for reverse DNS lookups that map an IP address back to a domain name. | -- | nslookup -type=ptr 50.113.0.203.in-addr.arpa |
-type=txt | Query TXT records that store SPF email policies, DKIM keys, domain verification tokens, and other text-based DNS data. | -- | nslookup -type=txt example.com |
-type=cname | Query CNAME (canonical name) records that create domain aliases pointing to another domain name. | -- | nslookup -type=cname www.example.com |
-type=srv | Query SRV (service) records that specify the hostname and port for specific services such as SIP or LDAP. | -- | nslookup -type=srv _sip._tcp.example.com |
-type=any | Query all available DNS record types for a domain in a single request. Some DNS servers restrict ANY queries. | -- | nslookup -type=any example.com |
-debug | Enable debug output to display full DNS response packets including QUESTIONS, ANSWERS, AUTHORITY RECORDS, TTL values, and query metadata. | off | nslookup -debug example.com |
-timeout=N | Set the number of seconds nslookup waits for a response from the DNS server before timing out. | 5 | nslookup -timeout=10 example.com |
-retry=N | Set the number of times nslookup retries a query when the DNS server does not respond within the timeout period. | 1 | nslookup -retry=3 example.com |
-port=N | Direct the DNS query to a non-standard port on the DNS server instead of the default UDP/TCP port 53. | 53 | nslookup -port=5353 example.com |
nslookup Interactive Mode Commands
nslookup interactive mode accepts these commands at the
> prompt. Enter interactive mode by running
nslookup with no arguments.
| Command | Description | Example |
|---|---|---|
server {ip\|hostname} | Change the DNS server used for subsequent queries to the specified server address. | server 8.8.8.8 |
lserver {ip\|hostname} | Change the DNS server using the initial default server to resolve the address, then switch to that server for subsequent queries. | lserver ns1.example.com |
set type={record} | Set the DNS record type for subsequent queries. Accepts A, AAAA, MX, NS, SOA, PTR, TXT, CNAME, SRV, or ANY. | set type=mx |
set querytype={record} | Alias for
set type. Sets the DNS record type for subsequent queries. | set querytype=ns |
set debug | Enable debug mode to display full DNS response packets, TTL values, and query sections for all subsequent queries. | set debug |
set nodebug | Disable debug mode and return to standard output for subsequent queries. | set nodebug |
set d2 | Enable level-2 debug mode for exhaustive DNS packet details, including all sent and received messages. | set d2 |
set nod2 | Disable level-2 debug mode. | set nod2 |
set timeout=N | Set the number of seconds to wait for a DNS server response. | set timeout=10 |
set retry=N | Set the number of retry attempts if a DNS query times out. | set retry=3 |
set recurse | Enable recursive queries. The DNS server queries other servers if it lacks the requested record. Enabled by default. | set recurse |
set norecurse | Disable recursive queries. The DNS server returns only data it already holds in its cache or zone files. | set norecurse |
set port=N | Set the DNS server port for subsequent queries. Default is port 53. | set port=5353 |
set domain={name} | Set the default DNS domain name appended to unqualified lookup requests. | set domain=example.com |
set search | Enable appending DNS domain names from the search list to unqualified queries until a match occurs. | set search |
set nosearch | Disable the DNS search list. Queries use only the exact name provided. | set nosearch |
set vc | Use TCP (virtual circuit) instead of UDP for DNS queries. Required for responses larger than 512 bytes. | set vc |
set novc | Use UDP for DNS queries. This is the default transport protocol for nslookup. | set novc |
set all | Display the current values of all nslookup configuration settings, including server, type, timeout, retry, and debug state. | set all |
ls {domain} | List all DNS records for the specified domain zone. Requires zone transfer permission from the authoritative nameserver. | ls example.com |
exit | Exit nslookup interactive mode and return to the system shell. | exit |
help or
? | Display a summary of all available nslookup interactive mode commands. | help |