July 2013
« Jun   Aug »

Useful information of nslookup, whois commands

nslookup is widely used for identify the issue which related to DNS records. There will be a many cases, that you will be in trouble with outdated DNS cache if the actual DNS entry is changed. Some scenario like Switching server to some other IP, creating/updating new host records [Type A], Changing MX record and Nameserver switching.

From my experience,nameserver switching will consume more time compare with other DNS changes. So any nameserver switching should be happened only on weekend. if you want to get fast DNS updation, you may have to configure Google name servers either your system or set next DNS forwarder to Google nameservers in your Name server.

I uses bind daemon for DNS purpose and used it for both local DNS as well as name caching server. Also I’d added Google public DNS (, and Verizon Free DNS ( as forwarders in it

 // these are the opendns servers (optional)
        forwarders {

I will do a name server restart to get the new DNS updation which I’d made on domain registrars. Google showing fast updated DNS cache.

a. How do I identify the domain registrant, registration date and name servers currently used
The linux command “whois” help to get these details. We can get the age of that company or organization 🙂

[root@rc-040 public_html]# whois | more
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to
for detailed information.
   Domain Name: GOOGLE.COM
   Registrar: MARKMONITOR INC.
   Whois Server:
   Referral URL:
   Name Server: NS1.GOOGLE.COM
   Name Server: NS2.GOOGLE.COM
   Name Server: NS3.GOOGLE.COM
   Name Server: NS4.GOOGLE.COM
   Updated Date: 20-jul-2011
   Creation Date: 15-sep-1997
   Expiration Date: 14-sep-2020

Execute whois lookup after flushing your DNS local cache.

How do I re-fresh the DNS cache.

Most of the companies uses Windows server to act as DNS server along with Domain controller service. See the picture below,

In Linux

[root@rc-025 ~]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]

[root@rc-025 ~]#

In system level

Execute this command from DOS prompt “ifconfig/flushdns”

A. NSLOOKUP command examples

1. How to check the IP address of a domain.

[root@web-test1 ~]# nslookup
Non-authoritative answer:
[root@web-test1 ~]#

Pls note the first line showing which DNS server is resolving your domain name first. Suppose if the domain name that you are trying is not found the primary DNS server cache, then it forward that nslookup query to the configured forward nameservers. Then you can see secondary name server will be listed at the same place. But second time primary DNS server pick that nslookup entry and stored in cache.

Now I want check your DNS record on other public name servers, Apply the command nslookup domain_name public_nameserver.

[root@web-test1 ~]# nslookup -type=A
Non-authoritative answer:

2. Identify the mail server details

[root@web-test1 ~]# nslookup -type=mx
Non-authoritative answer:  mail exchanger = 30  mail exchanger = 40  mail exchanger = 0  mail exchanger = 10  mail exchanger = 20

Other alternative commands using Dig and Host

[root@web-test1 ~]# host -t mx mail is handled by 20 mail is handled by 30 mail is handled by 40 mail is handled by 0 mail is handled by 10
[root@web-test1 ~]# dig +short MX
[root@web-test1 ~]#

3. Identify the name servers of a domain

[root@web-test1 ~]# nslookup -type=NS | head -n 6
Non-authoritative answer:  nameserver =  nameserver =
[root@web-test1 ~]#
[root@web-test1 ~]# dig +short NS

4. Verifying SPF record value OR txt record

Eg: nslookup -type=txt

[root@web-test1 ~]# nslookup -type=txt | head -n5
Non-authoritative answer:    text = "v=spf1 ip4: ip4: a mx ip4: ?all"
[root@web-test1 ~]#

5. Verifying the DKIM key values

[root@web-test1 ~]# nslookup -type=txt | head -n6
Non-authoritative answer: text = "k=rsa\; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhANyIBJ6GjcOJJfXSCzHIApJuv6VkjKjYRRRnjAV1GbRVLl9rhWSjc6SbjobtUqPlHDKCP/gGkapamRYNPWB1GFCfVU/NMsv/7mtD4vYrPsDcaBWJFGeh3+gHx6wooRpIiwIDAQAB\;"

6. Verifying the CNAME record set for a domain.

In my case this help me a lot to fix an issue when I’ve enabled DKIM key associated with an email address in Amazon SES.

[root@web-test1 ~]# nslookup -type=CNAME |  head -n5
Non-authoritative answer:        canonical name =
[root@web-test1 ~]#

7. How do I check the Reverse DNS (RDNS) of a domain.

You will get better email delivery if you have setup RDNS,SPF and DKIM keys for that domain. This should be implemented for bulk email servers along with IP rotation mail bombing.

Usage : Host

[root@web-test1 ~]# host domain name pointer
[root@web-test1 ~]#

1 comment to Useful information of nslookup, whois commands

  • VPNs are more stealthy, and more secure, so they’ll get you past more firewalls. On the other hand, the multi-payer games are made with the Macromedia Flash and other 2D and 3D animation software. This also means that bugs affecting the browser will not easily result in you losing your credit-card data, private information or Windows being affected and exploited.

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>