Wishlist 0 ¥0.00
Location
  English

Using Nslookup in Windows to List DNS Servers and Records

技术文章

Nslookup (name server lookup) is a command-line tool that is used to diagnose and validate DNS servers and records, and to find name resolution problems in the DNS subsystem. The nslookup tool was originally developed as a part of the BIND package and ported to Windows by Microsoft. Nslookup is currently a built-in tool in all supported versions of Windows.

 

How to Use Nslookup to Check DNS Records?

Using the nslookup utility, you can determine the IP address of any server by its DNS name, perform the reverse DNS lookup, and get information about the various DNS records for a specific domain name.

When running, Nslookup sends queries to the DNS server that is specified in your network connection settings. This address is considered the default (preferred) DNS server. The user can specify the address of any other available DNS server. As a result, all subsequent DNS requests will be sent to it.

 

You can view or change your preferred and alternative DNS server IP addresses in the network connection properties.

nslookup list dns servers

Or you can get your DNS server setting from the CLI prompt using the ipconfig command:

ipconfig /all

list all dns servers in domain

You can use the nslookup tool in interactive or non-interactive mode.

 
 

To run a DNS query using nslookup tool in non-interactive mode, open a Command prompt, and run the command:

Nslookup theitbros.com

nslookup dns server list

In this example, we requested the IP address of theitbros.com domain. The nslookup utility queries the DNS server (it is specified in the Server line) and it returned that this name matches the IP address 37.1.214.145 (A and AAAA records are shown by default).

This response indicates that your DNS server is available, works properly, and processes requests for resolving DNS names.

If you received such an answer:

Server: dns1.contoso.com

Address: хх.хх.хх.хх

*** dns1.contoso.com can’t find theitbros.com: Non-existent domain

 
 

This means that no entries were found for this domain name on the DNS server.

If your DNS server is unavailable or not responding, you will receive a DNS request timed out error.

find all dns servers on network

In this case, check if you have specified the correct DNS server address and whether there is a problem with the network connection from the IS provider.

The Non-authoritative answer means that the DNS server that executed the request is not the owner of the theitbros.com zone (there are no records about this domain in its database) and to perform name resolution a recursive query to another DNS server was used.

You can enable and disable the recursive nslookup mode using the commands (by default, recursive DNS queries are enabled):

set recurse

set norecurse

You can access an authoritative DNS server by specifying its address directly in the parameters of the nslookup utility. For example, to resolve a name on the authoritative DNS server (that contains this domain) use the command:

Nslookup theitbros.com ns1.theitbros.com

When you run nslookup without parameters, the utility switches to the interactive mode. In this mode, you can execute various commands. A complete list of available internal commands of the nslookup utility can be displayed by typing a question.

 
 

Tip. Note that nslookup commands are case sensitive.

find all dns servers on domain

To close the interactive nslookup session, type exit and press Enter.

To find the DNS servers that are responsible for a specific domain (Name Server authoritative servers), run the following commands:

set query=ns

theitbros.com

nslookup list all records

You can perform reverse lookups (get DNS name by IP address). Just type the IP address in the nslookup interactive prompt and press Enter.

nslookup show dns server

Using Nslookup to Get Different DNS Record Types

The default nslookup resource records type is A and AAAA, but you can use different types of resource records:

 
 
  • A
  • ANY
  • CNAME
  • GID
  • HINFO:
  • MB
  • MG
  • MINF
  • MR
  • MX
  • NS
  • PTR
  • SOA
  • TXT
  • UID
  • UINFO
  • WKS

You can set specific record types to lookup using the nslookup parameter:

-type=<record_type>

For example, to list all mail servers configured for a specific domain (MX, Mail eXchange records), run the command:

nslookup -type=mx theitbros.com

find dns servers on network

Non-authoritative answer:

theitbros.com   MX preference = 10, mail exchanger = mail.theitbros.com

theitbros.com   MX preference = 20, mail exchanger = mail.theitbros.com

mail.theitbros.com      internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

 
 

As you can see, this domain has 2 MX records with priorities 10 and 20 (the lower the number, the higher the priority of the MX address). If you don’t see MX records, they probably just aren’t configured for that domain.

To list all DNS records in the domain zone, run the command:

nslookup -type=any theitbros.com

list all dns records for a domain nslookup

Non-authoritative answer:

theitbros.com   internet address = 37.1.214.145

theitbros.com   nameserver = ns2.theitbros.com

theitbros.com   nameserver = ns1.theitbros.com

theitbros.com   MX preference = 10, mail exchanger = mail.theitbros.com

 
 

theitbros.com   MX preference = 20, mail exchanger = mail.theitbros.com

ns2.theitbros.com       internet address = 74.80.224.189

ns1.theitbros.com       internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

mail.theitbros.com      internet address = 37.1.214.145

To get the SOA record (Start of Authority – start DNS zone record, which contains information about the domain zone, its administrator’s address, serial number, etc.), use the option -type=soa:

nslookup -type=soa theitbros.com

theitbros.com

primary name server = pdns1.registrar-servers.com

 
 

responsible mail addr = hostmaster.registrar-servers.com

serial = 1601449549

refresh = 43200 (12 hours)

retry = 3600 (1 hour)

expire = 604800 (7 days)

default TTL = 3601 (1 hour 1 sec)

pdns1.registrar-servers.com internet address = 156.154.130.200

pdns1.registrar-servers.com AAAA IPv6 address = 2610:a1:1022::200

 
 

nslookup nameservers

  • primary name server;
  • responsible mail addr — domain administrator email address (This email address is being protected from spambots. You need JavaScript enabled to view it.). Since the @ symbol in the zone description has its own meaning, it is replaced by a dot in this field);
  • serial — the serial number of the zone file, used to record changes. The following format is usually used: YYYYMMDDHH;
  • refresh — the period of time (in seconds) after which the secondary DNS server will send a request to the primary one to check if the serial number has changed;
  • retry — specifies the interval for reconnecting to the primary DNS server if for some reason it was unable to respond to the request;
  • expire — specifies how long the DNS cache is kept by the secondary DNS server, after which it will be considered expired;
  • default TTL — “Time to Live” seconds. Refers to how long your DNS settings must be cached before they are automatically refreshed.

If you want to list the TXT records of a domain (for example, when viewing SPF settings), run the command:

nslookup -type=TXT theitbros.com

The debug option allows you to get additional information contained in the headers of client DNS requests and server responses (lifetime, flags, record types, etc.):

set debug

how to find all dns servers in domain

You can view the current values for all specified nslookup options with the command:

> set all

Default Server: ns1.theitbros.com

Address: 192.168.1.11

 
 

Set options:

nodebug

defname

search

recurse

nod2

novc

noignoretc

 
 

port=53

type=A+AAAA

class=IN

timeout=2

retry=1

root=A.ROOT-SERVERS.NET.

domain=xxx

MSxfr

 
 

IXFRversion=1

srchlist=xxx

list dns servers in domain

By default, DNS servers listen on UDP port 53, but you can specify a different port number if necessary using the -port option:

nslookup port 56 theitbros.com

or interactively:

set port = 56

You can change the interval to wait for a response from the DNS server. This is usually necessary on slow or unstable network links. By default, if no response comes within 5 seconds, the request is repeated, increasing the waiting time by two times. But you can manually set this value in seconds using the -timeout option:

nslookup -timeout=10 theitbros.com

So, in this article, we covered the basics of working with the nslookup command on Windows.

If the directory is removed from IIS, but remains in AD, you must first remove the directory from AD using the Remove-XXXVirtualDirectory cmdlet (where XXX is the name of the directory: ECP, OWA, etc.).

 
 

get all dns servers in domain

If the directory is still in IIS but is not present in the Active Directory configuration, you must remove it from the IIS configuration. To do this, we need the Metabase Explorer tool from the IIS 6 Resource Kit (requires Net Framework 3.5 Feature).

Launch IIS Metabase Explorer, go to Exchange > LM > W3SVC > 1 > ROOT. Delete the directory you want by right-clicking on it and choosing Delete.

list all dns servers

Restart IIS:

iisreset /force

Now attempt to create the virtual directory again using the New-EcpVirtualDirectory, New-OwaVirtualDirectory, or New-WebApplication cmdlets

How to Create Reverse DNS Lookup Zones and PTR Record on Windows DNS Server?

技术文章

A Reverse DNS Lookup zone is a special DNS zone type, which is needed to perform a reverse DNS server query and to resolve the host or domain name by its IP using a PTR record. The IP addresses in the reverse lookup zone are stored in a special reverse format. For example, the IP address of the node 111.222.000.003 in the reverse zone will be stored as 003.000.222.111.in-addr.arpa.
The in-addr.arpa zone is required to resolve the host name by its IP using a PTR record.

 

The PTR record is the reverse version of the A record. I.e. the A record associates a domain name with an IP address, and a PTR record associates an IP address with a canonical host name. These two DNS records are independent of each other. For example, the host mail.theitbros.com may be associated with the IP address 217.1.1.x, and the IP address 217.1.1.x point to a completely different host name.

Typically, the PTR records are used for spam protection. When receiving a letter, most email SMTP servers perform a reverse DNS lookup to verify the sender’s server hostname by its IP address. For example, when receiving an e-mail from a third-party server, the SMTP mail server can check the PTR record for the IP address of the sender server from which the email was received. If the name in the PTR record doesn’t match the name of the sending server from which the email message was received, the receiving server drops the email session from such a server (this is one of the many spam checks performed).

You can check the PTR records using the nslookup or dig command.
For example, check the PTR record in the reverse zone for the IP address 37.1.214.xxx:

nslookup 37.1.214.xxx

You should get something like this:

Server:  dns.google
Address:  8.8.8.8
Name:   mail.theitbros.com
Address:  37.1.214.xxx

In this case, the PTR record for IP 37.1.214.xxx points on mail.theitbros.com

Linux users can use the following command to verify PTR records:

 
 
dig -x 37.1.214.xxx

Lets’ look on how to create a reverse DNS zone and PTR record in the DNS server on Windows Server 2016/2012 R2:

  1. Open the DNS Management Console (dnsmgmt.msc);
  2. Expand your DNS server node, right-click on “Reverse Lookup Zones” and select “New Zone”;
    reverse dns lookup
  3. In the zone creation wizard, specify the type of the new zone—Primary Zone;
    reverse dns check
  4. Specify that you want to replicate this zone to all controllers in your domain;
    reverse name lookup
  5. Select IPv4 Reverse Lookup Zone type (usually) or IPv6;
  6. Specify the IP subnet for the zone. In this example, we will add a reverse zone for the subnet 10.1.1.0/24;
    reverse ip address lookup
  7. Next, specify whether to allow dynamic zone update. As a rule, you need to choose “Allow only secure dynamic updates (recommended for Active Directory)”;
  8. Click Next > Next > Finish.

Now your new reverse DNS zone has appeared in the Reverse Lookup Zones section and you can create a PTR record.

  1. Right-click your new reverse lookup zone and select “New Pointer (PTR)”;
    reverse dns record
  2. Specify the IP address and host name. As you can see, the FQDN of the host in reverse zone is looks like 24.1.1.10.in-addr.arpa.
    nslookup reverse dns

Now you can check this PTR records in DNS:

nslookup 10.1.1.24

reverse nslookup

Configure DNS Reverse Lookup Zones and PTR Records (Windows Server 2016)

技术文章

In this tutorial, I’ll show you step by step instructions for configuring reverse DNS lookup zones and PTR Records on Windows Server 2016.

Reverse lookup zones are used to resolve IP addresses to a hostname. For reverse lookup zones to work they use a PTR record that provides the mapping of the IP address in the zone to the hostname.

For example, I can look up the IP 10.1.2.88 and see that it resolves to the hostname “nodaway”.  Without a reverse lookup zone and PTR record, I would not be able to do this.

Do You Really Need Reverse Lookup Zones and PTR Records?

Every network is different so it depends. Unless you host your own email server or have an application that requires it may not be required.

Even if you don’t have requirements for them I still recommend setting them up because they are extremely helpful when troubleshooting. You can read more about this in my DNS Best Practices guide.

How to Configure Reverse Lookup Zones on Windows Server 2016

These steps are very similar across other all server versions server versions (2008, 2012).

Step 1: Open the DNS Management Console

On Windows Server 2016 just type DNS in the search Box to quickly find the DNS console.

Step 2: Create New Reverse Lookup Zone

In the DNS console right click on “Reverse Lookup Zones” and Select “New Zone”

This will start the new zone wizard.

Step 3: Choose Zone Type (New Zone Wizard)

On the Zone Type page select Primary Zone

Choose to replicate to all DNS servers running on domain controllers in this domain.

Choose IPv4 or IPv6, for this demo I’m setting up IPv4.

Now, type in the start of the subnet range of your network.

For this demo I’m setting up a zone for subnet 192.168.0.0/24.

Choose dynamic update option.

I recommend picking the first option “Allow only secure dynamic updates”

That completes the wizard, click finish

Verify Reverse Lookup Zone

Back in the DNS console click on “Reverse Lookup Zone”

I can now see the new zone listed. The subnet will display backwards that is normal.

Now I’ll click the 0.168.192.in.addr.arpa zone to view the reocrds

So far I have only the SOA and NS resource records, no PTR records.

Once clients start dynamically updating their DNS the PTR records should start populating. You can also manually create PTR records for systems that are not configured to dynamically update.

How to Create PTR Records

Lets walk through manually creating a PTR record. This is only needed if a system is not configured to dynamically update. This may be the case for systems with static IP addresses like servers.

Right click the zone and select “New Pointer (PTR)”

Enter the Host IP Address and Host name fields and click OK.

I’m creating a record for IP, 192.168.0.206 with the hostname of pc1.

Back in the DNS console I can see the PTR record listed.

How to Verify PTR Record Is Working

To verify the PTR record works open up PowerShell (command prompt will work also).

type nslookup followed by the IP you want to lookup.

You can see in the picture above the IP returned the hostname PC1.

That is all there is to it.

Pretty easy right?

Recommended Tool: SolarWinds Server & Application Monitor

This utility was designed to Monitor Active Directory and other critical services like DNS & DHCP. It will quickly spot domain controller issues, prevent replication failures, track failed logon attempts and much more.

What I like best about SAM is it’s easy to use dashboard and alerting features. It also has the ability to monitor virtual machines and storage.

Download Your Free Trial Here

How to setup Reverse DNS and PTR records

技术文章

DNS can be tricky. There is a lot to know and, even when you think you have a firm grasp on it, surprises still pop up. Reverse DNS and PTR record configuration is one of those sneaky topics, but it's crucial to SPAM prevention during email delivery.

For some reason I was unable to find a clear and simple answer out there for how to accomplish this task, so that is my goal with this post. A simple explanation of reverse DNS is that it’s the exact opposite of DNS. Standard (aka forward) DNS maps a domain name to an IP address whereas reverse DNS maps an IP address to a domain name. The two are distinct and separate lookups however. Just because a forward lookup of example.com resolves to 1.2.3.4 doesn’t mean that a reverse lookup of 1.2.3.4 will resolve to example.com.

Real example:

In the case of ITWorld, the reverse DNS resolves to an Amazon EC2 cloud host which is powering its DNS servers.

Why it’s needed

The most common reason for establishing a reverse DNS is for outbound e-mail servers. Since a reverse DNS record adds further tracing to the origin of an e-mail, it also adds credibility to the e-mail server itself. For that reason, some incoming mail servers will not even consider accepting a message from an IP address which does not identify itself with a PTR record in a reverse DNS zone.

How to do it

A very important thing to note, you must create the reverse DNS zone on the authoritative DNS nameserver for the main IP address of your server. You can find out which nameserver is the authoritative server by entering the IP address you’re trying to configure into the DIG Web Interface. If the Reverse response is not provided by your nameserver, you’ll need to contact your hosting provider to help you set a PTR record. You should be able to accomplish that be emailing their support team and letting them know you’d like a PTR record set for the IP address X.X.X.X resolving to yourdomain.example.com.

If you are in control of the authoritative nameserver, the first step is to create a reverse DNS zone. The hostname for the zone has to be in a very specific format. It starts with a portion of your IP address written backward followed by .in-addr.arpa.

If for example your IP address is 192.168.0.100, you start by dropping the final octet (last set of numbers) to give you 192.168.0

Next, you need to reverse that fragment of the IP address giving you: 0.168.192

Finally, append .in-addr.arpa. leaving you with the completed reverse zone domain of: 0.168.192.in-addr.arpa.

Create the PTR Recrod

Now that you’ve created your zone file you can create the PTR record.

Add a new PTR record and for the name, enter the final digit of the IP address that you’re setting up the reverse record for. In our example, 100. For the Canonical Hostname, enter the domain name you’d like the IP address to resolve to, for instance mailserver.example.com.

After you’ve saved your zone file, allow some time for the change to propagate before validating the new reverse DNS record. If everything went properly, you should see something like the following the next time you run the DIG Web Interface Tool:

100.0.168.192.in-addr.arpa. 6230 IN PTR mailserver.example.com.

About Us

Since 1996, our company has been focusing on domain name registration, web hosting, server hosting, website construction, e-commerce and other Internet services, and constantly practicing the concept of "providing enterprise-level solutions and providing personalized service support". As a Dell Authorized Solution Provider, we also provide hardware product solutions associated with the company's services.
 

Contact Us

Address: No. 2, Jingwu Road, Zhengzhou City, Henan Province

Phone: 0086-371-63520088 

QQ:76257322

Website: 800188.com

E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

Links

Featured Articles

Follow us