2013-07-22

nslookup is widely used to identify issues related to DNS records. In many cases you will run into trouble with an outdated DNS cache after the actual DNS entry has changed. Typical scenarios are switching a server to another IP, creating or updating host records [Type A], changing an MX record, and switching nameservers.

From my experience, nameserver switching consumes more time compared with other DNS changes. So any nameserver switch should happen only on a weekend. If you want fast DNS updates, you may have to configure the Google name servers either on your system or as the next DNS forwarder in your name server.

I use the bind daemon for DNS, both as the local DNS and as a name caching server. I have also added Google public DNS (8.8.8.8, 8.8.4.4) and Verizon Free DNS (4.2.2.1-6) as forwarders in it.

        // upstream resolvers that named forwards cache misses to (optional)
        forwarders {
                20.56.230.5;
                8.8.8.8;
                20.56.230.6;
                4.2.2.1;
        };

I do a name server restart to pick up the DNS updates that I have made at the domain registrar. Google shows a fast-updated DNS cache.

a. How do I identify the domain registrant, registration date and name servers currently used?

The Linux command “whois” helps to get these details. We can also get the age of that company or organization from it.

    [root@rc-040 public_html]# whois google.com | more
    [Querying whois.verisign-grs.com]
    [whois.verisign-grs.com]

    Whois Server Version 2.0

    Domain names in the .com and .net domains can now be registered
    with many different competing registrars. Go to http://www.internic.net
    for detailed information.

       Domain Name: GOOGLE.COM
       Registrar: MARKMONITOR INC.
       Whois Server: whois.markmonitor.com
       Referral URL: http://www.markmonitor.com
       Name Server: NS1.GOOGLE.COM
       Name Server: NS2.GOOGLE.COM
       Name Server: NS3.GOOGLE.COM
       Name Server: NS4.GOOGLE.COM
       Updated Date: 20-jul-2011
       Creation Date: 15-sep-1997
       Expiration Date: 14-sep-2020

Execute the whois lookup after flushing your local DNS cache.

How do I refresh the DNS cache?

Most companies use Windows Server to act as the DNS server along with the domain controller service. See the picture below.



In Linux

    [root@rc-025 ~]# service named restart
    Stopping named: .                                          [  OK  ]
    Starting named:                                            [  OK  ]
    [root@rc-025 ~]#

At the system level

Execute this command from the DOS prompt: “ipconfig /flushdns”



A. NSLOOKUP command examples

1. How to check the IP address of a domain.

    [root@web-test1 ~]# nslookup serveridol.com
    Server:         192.168.0.25
    Address:        192.168.0.25#53

    Non-authoritative answer:
    Name:   serveridol.com
    Address: 192.96.217.114

    [root@web-test1 ~]#

Please note that the first line shows which DNS server is resolving your domain name. If the domain name you are querying is not found in the primary DNS server's cache, the server forwards the nslookup query to the configured forwarders. In that case you will see the secondary name server listed in the same place. The second time, the primary DNS server answers the query from the entry it stored in its cache.

To check your DNS record on other public name servers, use the command nslookup domain_name public_nameserver.

    [root@web-test1 ~]# nslookup -type=A serveridol.com  8.8.8.8
    Server:         8.8.8.8
    Address:        8.8.8.8#53

    Non-authoritative answer:
    Name:   serveridol.com
    Address: 192.96.217.114
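
The comparison between the local caching server and a public name server can be scripted. The following is an added example, not part of the original post: it parses the nslookup output format shown here and reports whether both resolvers return the same A records. The function names and the 192.0.2.10 address in the first sample are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# LOCAL_OUT is constructed: it imitates a cache that still holds an old
# address (192.0.2.10 is a documentation address). PUBLIC_OUT repeats the
# 8.8.8.8 answer shown above.
LOCAL_OUT='Server:         192.168.0.25
Address:        192.168.0.25#53

Non-authoritative answer:
Name:   serveridol.com
Address: 192.0.2.10'

PUBLIC_OUT='Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   serveridol.com
Address: 192.96.217.114'

# Read nslookup output on stdin and print the answer addresses, sorted.
# The resolver's own line ("Address: 192.168.0.25#53") carries a #port
# suffix and is skipped.
ns_answers() {
    awk '$1 == "Address:" && index($2, "#") == 0 { print $2 }' | sort
}

# cache_state LOCAL_OUTPUT PUBLIC_OUTPUT -> in-sync | differs | no-answer
cache_state() {
    local_ips=$(printf '%s\n' "$1" | ns_answers)
    public_ips=$(printf '%s\n' "$2" | ns_answers)
    if [ -z "$local_ips" ] || [ -z "$public_ips" ]; then
        echo no-answer
    elif [ "$local_ips" = "$public_ips" ]; then
        echo in-sync
    else
        echo differs
    fi
}

cache_state "$LOCAL_OUT" "$PUBLIC_OUT"      # constructed samples
# Live use:
# cache_state "$(nslookup -type=A serveridol.com)" \
#             "$(nslookup -type=A serveridol.com 8.8.8.8)"
```

A `differs` result only means the two caches disagree; round-robin or location-based records can differ legitimately, so confirm against the domain's authoritative name servers before restarting named.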

2. Identify the mail server details

    [root@web-test1 ~]# nslookup -type=mx serveridol.com
    Server:         192.168.0.25
    Address:        192.168.0.25#53

    Non-authoritative answer:
    serveridol.com  mail exchanger = 30 ASPMX2.GOOGLEMAIL.com.
    serveridol.com  mail exchanger = 40 ASPMX3.GOOGLEMAIL.com.
    serveridol.com  mail exchanger = 0 aspmx.l.google.com.
    serveridol.com  mail exchanger = 10 ALT1.aspmx.l.google.com.
    serveridol.com  mail exchanger = 20 alt2.aspmx.l.google.com.

Alternative commands using dig and host

    [root@web-test1 ~]# host -t mx serveridol.com
    serveridol.com mail is handled by 20 alt2.aspmx.l.google.com.
    serveridol.com mail is handled by 30 ASPMX2.GOOGLEMAIL.com.
    serveridol.com mail is handled by 40 ASPMX3.GOOGLEMAIL.com.
    serveridol.com mail is handled by 0 aspmx.l.google.com.
    serveridol.com mail is handled by 10 ALT1.aspmx.l.google.com.

    [root@web-test1 ~]# dig +short MX serveridol.com
    10 ALT1.aspmx.l.google.com.
    20 alt2.aspmx.l.google.com.
    30 ASPMX2.GOOGLEMAIL.com.
    40 ASPMX3.GOOGLEMAIL.com.
    0 aspmx.l.google.com.
    [root@web-test1 ~]#

3. Identify the name servers of a domain

    [root@web-test1 ~]# nslookup -type=NS serveridol.com | head -n 6
    Server:         192.168.0.25
    Address:        192.168.0.25#53

    Non-authoritative answer:
    serveridol.com  nameserver = ns07.domaincontrol.com.
    serveridol.com  nameserver = ns08.domaincontrol.com.
    [root@web-test1 ~]#

    [root@web-test1 ~]# dig +short NS serveridol.com
    ns08.domaincontrol.com.
    ns07.domaincontrol.com.

4. Verifying the SPF record value or TXT record

Eg: nslookup -type=txt

    [root@web-test1 ~]# nslookup -type=txt onlineleadfinder.com. | head -n5
    Server:         192.168.0.25
    Address:        192.168.0.25#53

    Non-authoritative answer:
    onlineleadfinder.com    text = "v=spf1 ip4:173.44.142.90 ip4:173.213.92.2 a mx ip4:208.89.217.143 ?all"
    [root@web-test1 ~]#
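
A lookup only shows the record; what it means for spoofing protection depends on the `all` term and on how many further DNS lookups the record triggers (RFC 7208 allows at most 10). The sketch below is an added example, not part of the original post, with function names chosen for illustration; it reads the nslookup answer line shown above.

```shell
#!/bin/sh
# Added example (not from the original post). SAMPLE is the nslookup answer
# line shown above.
SAMPLE='onlineleadfinder.com    text = "v=spf1 ip4:173.44.142.90 ip4:173.213.92.2 a mx ip4:208.89.217.143 ?all"'

# Read nslookup -type=txt output on stdin, print the quoted TXT values.
txt_values() {
    sed -n 's/.*text = "\(.*\)"$/\1/p'
}

# spf_all_policy RECORD -> fail | softfail | neutral | pass | missing
# Runs in a subshell so that "set -f" (no globbing, "?all" stays literal)
# does not leak into the caller.
spf_all_policy() (
    set -f
    for term in $1; do
        case "$term" in
            -all)     echo fail;     exit 0 ;;
            '~all')   echo softfail; exit 0 ;;
            '?all')   echo neutral;  exit 0 ;;
            +all|all) echo pass;     exit 0 ;;
        esac
    done
    echo missing
)

# Count the terms that cost the receiver a DNS lookup (RFC 7208 limit: 10).
spf_lookup_count() (
    set -f
    n=0
    for term in $1; do
        term=${term#[-+~?]}            # drop the qualifier, if any
        case "$term" in
            include:*|exists:*|redirect=*|a|a:*|a/*|mx|mx:*|mx/*|ptr|ptr:*)
                n=$((n + 1)) ;;
        esac
    done
    echo "$n"
)

record=$(printf '%s\n' "$SAMPLE" | txt_values)
echo "all policy : $(spf_all_policy "$record")"
echo "dns lookups: $(spf_lookup_count "$record")"
```

For the record above this reports `neutral` and 2 lookups: `?all` makes no statement about senders outside the list, so receivers get no instruction to reject mail from other hosts, whereas `~all` or `-all` gives one.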

5. Verifying the DKIM key values

    [root@web-test1 ~]# nslookup -type=txt  default._domainkey.onlineleadfinder.com | head -n6
    Server:         192.168.0.25
    Address:        192.168.0.25#53

    Non-authoritative answer:
    default._domainkey.onlineleadfinder.com text = "k=rsa\; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhANyIBJ6GjcOJJfXSCzHIApJuv6VkjKjYRRRnjAV1GbRVLl9rhWSjc6SbjobtUqPlHDKCP/gGkapamRYNPWB1GFCfVU/NMsv/7mtD4vYrPsDcaBWJFGeh3+gHx6wooRpIiwIDAQAB\;"
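
Seeing a `p=` value only proves that a key is published; its size matters as well, because RFC 8301 requires DKIM signers to use RSA keys of at least 1024 bits and recommends 2048. The following is an added example, not part of the original post: it decodes the record shown above and reads the modulus length from the DER structure. The function names are illustrative, and it assumes `base64`, `od` and `awk` are installed.

```shell
#!/bin/sh
# Added example (not from the original post). SAMPLE is the TXT value shown
# in the nslookup output above, including the "\;" escapes nslookup prints.
SAMPLE='k=rsa\; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhANyIBJ6GjcOJJfXSCzHIApJuv6VkjKjYRRRnjAV1GbRVLl9rhWSjc6SbjobtUqPlHDKCP/gGkapamRYNPWB1GFCfVU/NMsv/7mtD4vYrPsDcaBWJFGeh3+gHx6wooRpIiwIDAQAB\;'

# dkim_rsa_bits TXT_VALUE -> RSA modulus size in bits (non-zero exit on error)
dkim_rsa_bits() {
    printf '%s' "$1" | tr -d ' \\"' | tr ';' '\n' | sed -n 's/^p=//p' |
    base64 -d 2>/dev/null | od -An -v -tu1 | awk '
        function len(   l, k, c) {          # DER length at b[i]; advances i
            l = b[i++]
            if (l < 128) return l
            c = l - 128; l = 0
            for (k = 0; k < c; k++) l = l * 256 + b[i++]
            return l
        }
        function tag(t) { if (b[i++] != t) bad = 1 }
        { for (f = 1; f <= NF; f++) b[n++] = $f + 0 }
        END {
            i = 0
            tag(48); len()                      # SubjectPublicKeyInfo SEQUENCE
            tag(48); skip = len(); i += skip    # AlgorithmIdentifier, skipped
            tag(3);  len(); i++                 # BIT STRING + unused-bits byte
            tag(48); len()                      # RSAPublicKey SEQUENCE
            tag(2);  m = len()                  # modulus INTEGER
            while (m > 0 && b[i] == 0) { i++; m-- }   # sign padding
            if (bad || m == 0) exit 1
            bits = m * 8
            for (v = b[i]; v < 128; v *= 2) bits--    # leading zero bits
            print bits
        }'
}

# dkim_key_verdict BITS -> too-short | minimum | recommended  (RFC 8301)
dkim_key_verdict() {
    if [ "$1" -lt 1024 ]; then echo too-short
    elif [ "$1" -lt 2048 ]; then echo minimum
    else echo recommended
    fi
}

bits=$(dkim_rsa_bits "$SAMPLE") && echo "$bits bits: $(dkim_key_verdict "$bits")"
```

The key in the record above decodes to a 768-bit modulus, which is below the 1024-bit minimum that RFC 8301 sets for signers and verifiers.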

6. Verifying the CNAME record set for a domain.

In my case this helped me a lot to fix an issue when I enabled the DKIM key associated with an email address in Amazon SES.

    [root@web-test1 ~]# nslookup -type=CNAME vyon76wz2andshvnetqnlca5sf5nulyl._domainkey.onlineleadfinder.com |  head -n5
    Server:         192.168.0.25
    Address:        192.168.0.25#53

    Non-authoritative answer:
    vyon76wz2andshvnetqnlca5sf5nulyl._domainkey.onlineleadfinder.com        canonical name = vyon76wz2andshvnetqnlca5sf5nulyl.dkim.amazonses.com.
    [root@web-test1 ~]#

7. How do I check the reverse DNS (RDNS) of a domain?

You will get better email delivery if you have set up RDNS, SPF and DKIM keys for that domain. This should be implemented for bulk email servers along with IP rotation mail bombing.

Usage: host

    [root@web-test1 ~]# host 192.96.217.114
    114.217.96.192.in-addr.arpa domain name pointer 192-96-217-114.static.servdns.com.
    [root@web-test1 ~]#

Author: Liju Mathew