07 Jan 2024

How to Install and Use ‘nslookup’ Linux Command

Posted in Bash, Linux, Systems Administration By Gabriel Ramuglia On January 7, 2024

Visual depiction of the installation of the nslookup command used for querying DNS to obtain domain name or IP address mapping

Are you trying to troubleshoot network issues on your Linux system? You might find the task daunting, especially if you’re new to Linux. However, the ‘nslookup’ command, like a detective, can be your powerful ally in investigating DNS servers and checking domain name/IP mappings. The ‘nslookup’ command is also readily available on most package management systems, so whether you’re using Debian and Ubuntu for APT package management or CentOS and AlmaLinux for YUM package manager, this guide has got you covered.

In this comprehensive guide, we will walk you through the process of installing and using the ‘nslookup’ command in Linux. We will delve into advanced topics like compiling from source and installing a specific version of the command. Finally, we will wrap up with guidance on how to use the command and verify the correct version is installed.

So, let’s dive in and start installing the ‘nslookup’ command on your Linux system!

TL;DR: How Do I Install and Use the ‘nslookup’ Command in Linux?

In most Linux distributions, the nslookup command comes pre-installed, you can verify this with the command, which nslookup. However, if it’s not, you can install it in Debian based distributions like Ubuntu by running the command sudo apt-get install dnsutils. For distributions like CentOS that use the yum package manager, you would run the command sudo yum install bind-utils.

# For Debian based distributions like Ubuntu
sudo apt-get install dnsutils

# Output:
# Reading package lists... Done
# Building dependency tree       
# Reading state information... Done
# dnsutils is already the newest version (1:9.11.3+dfsg-1ubuntu1.15).
# 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

# For CentOS and similar distributions
sudo yum install bind-utils

# Output:
# Loaded plugins: fastestmirror
# Loading mirror speeds from cached hostfile
# Package bind-utils-9.11.4-26.P2.el7.x86_64 already installed and latest version
# Nothing to do

This is just a basic way to install the ‘nslookup’ command in Linux, but there’s much more to learn about installing and using ‘nslookup’. Continue reading for more detailed information and advanced usage scenarios.

Table of Contents

Understanding the ‘nslookup’ Command
Installing ‘nslookup’ from Source Code
Installing Different Versions of ‘nslookup’
Using ‘nslookup’ and Verifying Installation
Exploring Alternative DNS Querying Methods
Overcoming Common ‘nslookup’ Challenges
Demystifying DNS: The Foundation of ‘nslookup’
The Bigger Picture: DNS Querying and Network Security
Wrapping Up: Installing ‘nslookup’ for Efficient DNS Querying

Understanding the ‘nslookup’ Command

The ‘nslookup’ command is a network administration tool used for querying the Domain Name System (DNS) to obtain domain name or IP address mapping, or other DNS records. It’s like your personal detective for investigating network issues and verifying that your DNS is functioning correctly.

Installing ‘nslookup’ with APT

If you’re using a Debian-based distribution like Ubuntu, the ‘nslookup’ command usually comes pre-installed. However, if for some reason it’s missing, you can install it using the Advanced Package Tool (APT).

sudo apt update
sudo apt install dnsutils

# Output:
# Reading package lists... Done
# Building dependency tree
# Reading state information... Done
# dnsutils is already the newest version (1:9.11.3+dfsg-1ubuntu1.15).
# 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

This command updates your package lists, then installs the ‘dnsutils’ package, which includes ‘nslookup’.

Installing ‘nslookup’ with YUM

For distributions like CentOS that use the Yellowdog Updater, Modified (YUM) package manager, you can install ‘nslookup’ by installing the ‘bind-utils’ package.

sudo yum check-update
sudo yum install bind-utils

# Output:
# Loaded plugins: fastestmirror
# Loading mirror speeds from cached hostfile
# Package bind-utils-9.11.4-26.P2.el7.x86_64 already installed and latest version
# Nothing to do

This command checks for updates, then installs the ‘bind-utils’ package, which includes ‘nslookup’.

Installing ‘nslookup’ from Source Code

If you need the absolute latest version of ‘nslookup’, or if your distribution doesn’t package it, you can compile it from source. Here’s how you can do it:

# Download the latest BIND (Berkeley Internet Name Domain) source code
wget ftp://ftp.isc.org/isc/bind9/9.11.2/bind-9.11.2.tar.gz

# Extract the downloaded file
 tar -xvzf bind-9.11.2.tar.gz

# Navigate into the extracted directory
 cd bind-9.11.2

# Configure the build
 ./configure

# Compile the source code
 make

# Install the compiled program
 sudo make install

Installing Different Versions of ‘nslookup’

From Source

To install a specific version of ‘nslookup’ from source, you would simply download and extract the tarball for that version, then follow the same steps as above.

Using Package Managers

APT

With APT, you can install a specific version of a package using the syntax package=version.

sudo apt-get install dnsutils=1:9.11.3+dfsg-1ubuntu1.15

YUM

With YUM, you can list all available versions of a package with yum --showduplicates list package, then install a specific version with yum install package-version.

yum --showduplicates list bind-utils
sudo yum install bind-utils-9.11.4-26.P2.el7.x86_64

Key Changes and Features

Different versions of ‘nslookup’ may have different features or bug fixes. For example, version 9.11.2 added support for the EDNS Client Subnet (ECS) option, which can improve DNS performance by providing more accurate location data.

Version	Key Features	Compatibility
9.11.2	Support for EDNS Client Subnet	Most Linux distributions
9.11.3+dfsg-1ubuntu1.15	Bug fixes, performance improvements	Ubuntu, Debian
9.11.4-26.P2.el7.x86_64	Security fixes	CentOS, RHEL

Using ‘nslookup’ and Verifying Installation

Basic Usage

Once you’ve installed ‘nslookup’, you can use it to query your DNS server. For example, to look up the IP address for ‘google.com’, you would run:

nslookup google.com

# Output:
# Server:       127.0.1.1
# Address:  127.0.1.1#53
#
# Non-authoritative answer:
# Name: google.com
# Address: 172.217.164.110

Verifying Installation

To verify that ‘nslookup’ is installed correctly, you can use the ‘which’ command, which shows the path to the binary of a command.

which nslookup

# Output:
# /usr/bin/nslookup

This command should return the path to ‘nslookup’, confirming that it’s installed and in your PATH.

Exploring Alternative DNS Querying Methods

While ‘nslookup’ is a powerful tool for DNS querying, it’s not the only one available in Linux. Other commands like ‘dig’ can serve as robust alternatives, each with its unique set of features and benefits.

Using the ‘dig’ Command

The ‘dig’ (Domain Information Groper) command is another popular tool for network administrators. It’s part of the same package as ‘nslookup’ and provides more detailed DNS information.

# Use dig to query DNS information for google.com
 dig google.com

# Output:
# ; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> google.com
# ;; global options: +cmd
# ;; Got answer:
# ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55344
# ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
# ;; OPT PSEUDOSECTION:
# ; EDNS: version: 0, flags:; udp: 65494
# ;; QUESTION SECTION:
# ;google.com.          IN  A
# ;; ANSWER SECTION:
# google.com.       141 IN  A   172.217.164.110
# ;; Query time: 0 msec
# ;; SERVER: 127.0.1.1#53(127.0.1.1)
# ;; WHEN: Mon Jan 17 12:34:56 CST 2023
# ;; MSG SIZE  rcvd: 55

As you can see, ‘dig’ provides a lot more information than ‘nslookup’, including the query time, server, and message size. This can be useful for more advanced network troubleshooting and analysis.

Advantages and Disadvantages of ‘dig’ and ‘nslookup’

Tool	Advantages	Disadvantages
‘nslookup’	Simple and easy to use, Comes pre-installed on most distributions	Provides less detailed information
‘dig’	Provides more detailed information, Can query specific types of records	More complex to use

Recommendations

For beginners or simple tasks, ‘nslookup’ is usually sufficient. However, if you need more detailed information or specific types of DNS records, ‘dig’ can be a more powerful tool. As always, the best tool depends on your specific needs and expertise level.

Overcoming Common ‘nslookup’ Challenges

While ‘nslookup’ is a powerful tool, you might encounter some issues when using it. Here are some common problems and their solutions.

‘nslookup: command not found’

If you see this error, it means that ‘nslookup’ is not installed or not in your PATH. You can install it using your package manager, as explained previously.

If it’s installed but not in your PATH, you can find it using the ‘find’ command:

find / -name nslookup 2>/dev/null

# Output:
# /usr/bin/nslookup

This command searches your entire filesystem for ‘nslookup’ and prints its location. The ‘2>/dev/null’ part suppresses error messages.

‘Connection timed out; no servers could be reached’

This error means that ‘nslookup’ couldn’t connect to your DNS server. This could be due to network issues, or your DNS server might be down.

You can try using a different DNS server by specifying it on the command line:

nslookup google.com 8.8.8.8

# Output:
# Server:  8.8.8.8
# Address: 8.8.8.8#53
#
# Non-authoritative answer:
# Name:    google.com
# Address: 216.58.217.46

This command uses Google’s public DNS server (8.8.8.8) to look up ‘google.com’.

Understanding ‘Non-authoritative answer’

When you see ‘Non-authoritative answer’ in the ‘nslookup’ output, it means the information came from a DNS server that is not the final authority on that domain. This is normal when querying public DNS servers, and the information is usually accurate.

However, if you need authoritative information, you can query the domain’s name servers directly. You can find these using ‘nslookup’ with the ‘-type=ns’ option:

nslookup -type=ns google.com

# Output:
# Server:  127.0.1.1
# Address: 127.0.1.1#53
#
# Non-authoritative answer:
# google.com        nameserver = ns4.google.com.
# google.com        nameserver = ns3.google.com.
# google.com        nameserver = ns2.google.com.
# google.com        nameserver = ns1.google.com.

This command returns the name servers for ‘google.com’. You can then query these servers directly for authoritative information.

Remember, ‘nslookup’ is a powerful tool, but like any tool, it requires some understanding and practice to use effectively. With these tips and tricks, you’ll be well on your way to mastering ‘nslookup’.

Demystifying DNS: The Foundation of ‘nslookup’

To fully grasp the power of the ‘nslookup’ command, it’s crucial to understand the underlying concept it operates on – the Domain Name System (DNS).

What is DNS?

DNS is a decentralized system that translates human-friendly domain names, like ‘google.com’, into IP addresses that computers use to identify each other on the network. In essence, it’s like a phonebook for the internet. Without DNS, we would have to remember the IP addresses of all the websites we want to visit, which is not practical.

# To demonstrate, let's use 'nslookup' to find the IP address of 'google.com'
nslookup google.com

# Output:
# Server:  127.0.1.1
# Address: 127.0.1.1#53
#
# Non-authoritative answer:
# Name:    google.com
# Address: 172.217.164.110

In this example, ‘nslookup’ queried the DNS server and returned the IP address of ‘google.com’. This is the fundamental operation of DNS – translating domain names into IP addresses.

Importance of DNS in Network Administration

As a network administrator, DNS is one of the key systems you’ll interact with. Whether you’re setting up a new server, diagnosing network issues, or managing your organization’s domains, you’ll need to understand DNS.

The ‘nslookup’ command is a powerful tool for working with DNS. It allows you to query DNS servers, check domain name/IP mappings, and troubleshoot DNS issues. By mastering ‘nslookup’, you’re taking a significant step in your journey as a network administrator.

The Bigger Picture: DNS Querying and Network Security

The ‘nslookup’ command and its counterparts like ‘dig’ are not just tools for network administration. They are also critical for maintaining and enhancing network security. Understanding DNS querying can help you identify potential vulnerabilities and protect your network from threats.

DNS Security (DNSSEC)

DNS Security Extensions (DNSSEC) is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS).

DNSSEC provides DNS resolvers with cryptographic signatures to verify the authenticity of DNS data. This prevents attacks like DNS spoofing, where an attacker can redirect traffic to a malicious server.

# Checking DNSSEC validation for 'google.com'
 dig +dnssec google.com

# Output:
# ; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> +dnssec google.com
# ;; global options: +cmd
# ;; Got answer:
# ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55344
# ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
# ;; OPT PSEUDOSECTION:
# ; EDNS: version: 0, flags: do; udp: 65494
# ;; QUESTION SECTION:
# ;google.com.          IN  A
# ;; ANSWER SECTION:
# google.com.       141 IN  A   172.217.164.110
# ;; Query time: 0 msec
# ;; SERVER: 127.0.1.1#53(127.0.1.1)
# ;; WHEN: Mon Jan 17 12:34:56 CST 2023
# ;; MSG SIZE  rcvd: 55

In this example, the ‘+dnssec’ option tells ‘dig’ to check for DNSSEC validation. The ‘ad’ flag in the output indicates that the answer is authentic.

Further Resources for Mastering DNS Querying

DNS and BIND, 5th Edition by Cricket Liu and Paul Albitz: This book is a comprehensive guide to DNS and BIND, providing in-depth information on DNS concepts, installation, configuration, and administration.
The Linux Documentation Project: DNS HOWTO: This guide provides a practical introduction to DNS, including how to set up a DNS server and how to use DNS tools like ‘nslookup’.
Internet Systems Consortium: BIND: The official website for BIND, the most widely used DNS software on the internet. It provides detailed documentation, tutorials, and a user forum.

Wrapping Up: Installing ‘nslookup’ for Efficient DNS Querying

In this comprehensive guide, we’ve explored the ‘nslookup’ command in Linux, a powerful tool for querying the Domain Name System (DNS) and troubleshooting network issues.

We started with the basics, learning how to install ‘nslookup’ using different package managers like APT and YUM. We then delved into more advanced topics, such as installing ‘nslookup’ from source and using specific versions of the command.

Along the way, we’ve addressed common challenges you might face when using ‘nslookup’, such as command not found errors and connection timeouts. We’ve provided solutions and workarounds for each problem, equipping you with the tools you need to overcome these hurdles.

We’ve also explored alternative approaches to DNS querying, comparing ‘nslookup’ with other commands like ‘dig’. Here’s a quick comparison of these methods:

Method	Pros	Cons
‘nslookup’	Simple and easy to use, Comes pre-installed on most distributions	Provides less detailed information
‘dig’	Provides more detailed information, Can query specific types of records	More complex to use

Whether you’re just starting out with ‘nslookup’ or you’re looking to level up your network administration skills, we hope this guide has given you a deeper understanding of ‘nslookup’ and its capabilities.

With its balance of simplicity, power, and versatility, ‘nslookup’ is a valuable tool for any network administrator. Happy troubleshooting!

About Author

Gabriel Ramuglia

Gabriel is the owner and founder of IOFLOOD.com, an unmanaged dedicated server hosting company operating since 2010.Gabriel loves all things servers, bandwidth, and computer programming and enjoys sharing his experience on these topics with readers of the IOFLOOD blog.

We Love Servers.