DNS server IP address/hostnames are defined in /etc/resolv.conf in AIX servers.
Here is an example of /etc/resolv.conf
nameserver 192.168.2.12
nameserver 192.168.2.13
nameserver 192.168.2.14
search india.cope.com usa.cope.com uk.cope.com
Let us see few tips and tricks on using nslookup.
1. To look up address in non interactive way,
$ nslookup webserv
Server: dnserver1.india.cope.com
Address: 192.168.2.12
Name: webserv.india.cope.com
Address: 192.168.2.211
$
2. To look up address in interactive way,
$nslookup
Default Server: dnserver1.india.cope.com
Address: 192.168.2.12
> websrv
Server: dnserver1.india.cope.com
Address: 192.168.2.12
Name: webserv.india.cope.com
Address: 192.168.2.211
> exit
$
3. To look up hostname in non interactive way,
$ nslookup 192.168.2.211
Server: dnserver1.india.cope.com
Address: 192.168.2.12
Name: webserv.india.cope.com
Address: 192.168.2.211
$
4. To look up hostname in interactive way,
$ nslookup
Default Server: dnserver1.india.cope.com
Address: 192.168.2.12
> 192.168.2.211
Server: dnserver1.india.cope.com
Address: 192.168.2.12
Name: webserv.india.cope.com
Address: 192.168.2.211
> exit
$
4. To look up MX data,
$ nslookup
Default Server: dnserver1.india.cope.com
Address: 192.168.2.12
> set q=mx
> rajs
Server: dnserver1.india.cope.com
Address: 192.168.2.12
Name: rajs.india.cope.in
Address: 0.0.0.0
> exit
$
5. How to query a specific DNS server for an address ?
We can do in both interactive and non-interactive ways.
Below example will query for the IP address of the host websrv using the DNS serer "192.168.2.15" which is not specified in the /etc/resolv.conf file.
Interactive Way:
$nslookup
Default Server: dnserver1.india.cope.com
Address: 192.168.2.12
> server 192.168.2.15
Default Server: dnserver4.india.cope.com
Address: 192.168.2.15
> websrv
Server: dnserver4.india.cope.com
Address: 192.168.2.15
Name: webserv.india.cope.com
Address: 192.168.2.211
> exit
$
Non-Interactive Way:
$nslookup - websrv 192.168.2.15
Server: dnserver4.india.cope.com
Address: 192.168.2.15
Name: webserv.india.cope.com
Address: 192.168.2.211
6.What is the difference between Authoritave and Non-authoritative answers ?
When you query for something for the first time, we get the answer from the DNS server and it will be displayed as well as stored in the local cache. This is called as authoritative answer. ie., getting the answer directly from the DNS server. This answer will be kept in cache for certain time.
But when you do the same query for the second time, we get the answer from the cache instead of the DNS server. This is called as non-authoritative answer.
7. How will you specify an alternate DNS server when using nslookup ?
For using 192.168.2.24 as an alternate DNS server,
$ nslookup - 192.168.2.24
This will query the alternate server instead of the DNS servers configured in /etc/resolv.conf file.
8. How will you query a MX record in an alternate server ?
$ nslookup - type=mx bashi.usa.cope.com 192.168.2.24
9. How will you debug while querying a DNS server ?
$ nslookup
Default Server: dnserver1.india.cope.com
Address: 192.168.2.12
> set debug
> webserv
Server: dnserver1.india.cope.com
Address: 192.168.2.12
;; res_nmkquery(QUERY, websrv.india.cope.com, IN, A)
------------
Got answer:
HEADER:
opcode = QUERY, id = 54305, rcode = NOERROR
header flags: response, authoritive answer, want recursion, recursion available
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
websrv.india.cope.com, type = A, class = IN
ANSWERS:
-> webserv.india.cope.com
internet address = 192.168.2.211
ttl = 3600 (1H)
------------
Name: webserv.india.cope.com
Address: 192.168.2.211
10.
Each DNS packet is composed of 5 sections as given below
- Header Section
- Question Section
- Answer Section
- Authority Section
- Additional Section
11. You can use options with the nslookup command using 'set' sub-command.
Here are few options ...
port=53 By default, DNS service uses port 53. If you have a DNS service on a different port, you can sue the port option to specify the prot number.
timeout=10 It is used to specify the timeout value. If the name server doesn't respond in 10 seconds, nslookup will send the query again.
debug To turn on debug mode
nodebug To turn off debug mode
querytype=A By default, nslookup looks for A record. If you type the IP address, it will look for PTR record.. You can change the querytype to MX or SOA.
12. How will you come out of the interactive nslookup session.
You can use exit command or type ^D (control+D) to come out of the session.