Nslookup is a service/tool to look up the dns query information. Converts the domain name or host to IP address. Nslookup can be used in two modes interactive and non-interactive mode. Interactive mode is used for us for manual checking and non-interactive mode help to script the checks for a large number of inputs. Also in the case of automated scripts, the non-interactive commands are used.
Reverse dns lookup
We can check the rDNS for the IP using the nslookup command. You can check the screenshot for the same.
We can query specific dns record using the nslookup command by specifying the type. See the checking of MX record check in the screenshot.
You can check the interactive mode from the following screenshot.
host command is used for performing the dns lookups. Mainly it is used for converting host to IP and vice-versa. You can check the following screenshots for the details.
Following is the usage of domain in “host” command:
Following is the usage of IP in “host” command:
Whois is the way to find whether the domain is registered or not. From the whois report, we get other information like the registered owner of the domain. Registrar details and the authoritative name servers of the domain. In the whois report, we get the whole address of the registered owner with email and phone number unless the private registration is enabled. Most of the case it is not enabled and we can contact the registered owner using the email in the report. The reason for the private registration is due to the misuse of information in the whois report.
You can check the whois report in multiple ways. Either via command line or using any sites, which provide the tool for free. Using command line, you can pass the domain name as argument for the “whois” command. Following is the syntax for the usage
A sample result is following;
Following is a web tool available for free for finding the who is report.
There are three options provided in the internic page, they allow us to search for the domain, registrar and for the name servers. By selecting the “Name Servers” option, we can confirm whether the name servers are properly registered or not.
Ping is a network administration tool used for testing whether the destination host is reachable or not. It normally measures the round trip time between the originating host and the destination host. With local ISP’s the round trip time is around 300 ms and if we check from a server, the time is mostly less than 10 ms. Following is the sample ping result.
From Local system with less internet speed
Ping result from a server. You can see the difference in the time for the rtt from the ping result from a server and from a local ISP.
From the above result, we can track the round trip time ( rtt ) and the packet loss in the ping. Based on the packet loss, we can check for any network issue exists or not.
The normal ping command is for using the ipv4 IP address. Now a days ipv6 ip’s are available and ping6 is the command used with ipv6.
Dig is the most commonly used command to look for the dns records. We can use this command to get a specific record or all the records in different ways. We can look at the dns records from specific dns server using “dig” command. Customize the results based on the arguments passed with the command. Using the trace option, we can look for the trace of the dns lookup.
Traceroute command is used to diagnosing the network. Using the traceroute result, we can diagnose the trust delays and packet loss at each node in the network path. By analyzing the traceroute report, we can trace the IP block at the ISP ( Internet Service Provider ) level or track the network delay in the network path.
In addition to the linux tools, you should familiar with some of the web tools for getting the dns reports. You can find web tools for all the above commands provided by different sites. Following 3 websites used for checking dns report and dns records.
intoDNS report deals with most of the dns related queries and checks. If you are a tech, you can troubleshoot most of the dns related issues by analyzing the report. You can check the report using the following format.
Digdn.info is a dns report tool provided by Nixtree. You will get common DNS records, rDNS of the IP’s in the first mentioned IP’s. So the user can verify all the MX for the domains have valid rDNS or not. And also SPF check also performed in this. You can check the dns report fort “linuxhint.com” from the following link.
Mxtoolbox is not only a dnslookup tool. It is a large collection of web tools like blacklist check, analyze mail headers, dns lookup and more. You can visit the following link to see the available tools from the site.
These tools are for getting the dn report in different ways. If you are a system administrator, you should familiar with the usage of these tools and how to read and understand the report.