Linux has a powerful DNS tool available through dig, which can be used to query for a specific nameserver-record (A, AAAA, MX, … ) and ask your query to a specific nameserver. What most people don’t realize is, that you can also do this on a normal windows installation, using nslookup.
Nslookup is a tool which is by default installed on any Windows-desktop or server. It can be accessed through the command line only, by typing “nslookup
C:\Documents and Settings\Administrator> nslookup google.com
Server: [The DNS server used to query the information, usually your local ISP's nameserver]
Address: [DNS server IP address]
Non-authoritative answer:
Name: google.com
Addresses: 64.233.187.99, 72.14.207.99, 64.233.167.99
This result contains 2 global parts. The first 2 lines are to display the default nameserver used to retrieve the information. If you try the command, that output will probably be different. It’ll most likely refer to your local ISP’s nameserver, or perhaps a local router/switch in your network, that acts as a nameserver/nameserver-proxy.
The last 3 lines are the actual result of the lookup. Next to the “Addresses”-answer, you will find a list of all A-records for “google.com”. If no specific nameserver record type is given, it assumes you’re querying for the A-record.
You can also specify that you want to check for MX records, and on a specific nameserver, instead of the default one. You can do so by typing in the following:
C:\Documents and Settings\Administrator>nslookup
Default Server: [The default nameserver used to make the query]
Address: [The IP address of the default nameserver]
> server ns1.google.com
Default Server: ns1.google.com
Address: 216.239.32.10
>
> set type=mx
> google.com
Server: ns1.google.com
Address: 216.239.32.10
google.com MX preference = 10, mail exchanger = smtp1.google.com
google.com MX preference = 10, mail exchanger = smtp2.google.com
google.com MX preference = 10, mail exchanger = smtp3.google.com
google.com MX preference = 10, mail exchanger = smtp4.google.com
google.com nameserver = ns1.google.com
google.com nameserver = ns2.google.com
google.com nameserver = ns3.google.com
google.com nameserver = ns4.google.com
smtp1.google.com internet address = 209.85.237.25
smtp2.google.com internet address = 64.233.167.25
smtp3.google.com internet address = 64.233.183.25
smtp4.google.com internet address = 72.14.215.25
ns1.google.com internet address = 216.239.32.10
ns2.google.com internet address = 216.239.34.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10
This might seem as a lot more, but it’s really not that much. Let’s split things up.
By typing in “nslookup” alone, you can enter additional parameters. You can type “server ns1.google.com” to specify the nameserver that will be used to query for the information. And by typing “set type=mx” you tell the nslookup-command to query for the MX-records (Mail Exchange) of a domain. Next up, you just type in the domain name you want to query, such as “google.com”.
The cleaned up version would look as follows:
C:\Documents and Settings\Administrator>nslookup
...
server ns1.google.com
...
set type=mx
...
google.com
Performing a nslookup against a specific query allows you to check if certain nameserver-record changes have already propagated through to the most important ISP’s in your country, if they allow non-customers to query their nameservers. It can also be used to place yourself in a client’s position, to see what they see when they browse to a website. It can be something of great value, when used wisely!