Professional Documents
Culture Documents
exe
View products that this article applies to.
This article was previously published under Q200525
On This Page
• SUMMARY
• MORE INFORMATION
o Looking up Different Data Types
o Querying Directly from Another Name Server
o Using Nslookup.exe to Transfer Entire Zone
o Troubleshooting Nslookup.exe
Default Server Timed Out
Can't Find Server Name when Starting Nslookup.exe
Nslookup on Child Domain Fails
SUMMARY
Nslookup.exe is a command-line administrative tool for testing and troubleshooting DNS servers.
This tool is installed along with the TCP/IP protocol through Control Panel. This article includes
MORE INFORMATION
• At least one DNS server must be specified when you run the IPCONFIG /ALL command from
a command prompt.
• Nslookup will always devolve the name from the current context. If you fail to fully qualify a
name query (that is, use trailing dot), the query will be appended to the current context.
For example, the current DNS settings are att.com and a query is performed on
the query being unqualified. This behavior may be inconsistent with other vendor's versions
of Nslookup, and this article is presented to clarify the behavior of Microsoft Windows NT
Nslookup.exe
• If you have implemented the use of the search list in the Domain Suffix Search Order
defined on the DNS tab of the Microsoft TCP/IP Properties page, devolution will not
occur. The query will be appended to the domain suffixes specified in the list. To avoid
using the search list, always use a Fully Qualified Domain Name (that is, add the trailing
Nslookup.exe can be run in two modes: interactive and noninteractive. Noninteractive mode is
useful when only a single piece of data needs to be returned. The syntax for noninteractive mode is:
To start Nslookup.exe in interactive mode, simply type "nslookup" at the command prompt:
C:\> nslookup
Default Server: nameserver1.domain.com
Address: 10.0.0.1
>
Typing "help" or "?" at the command prompt will generate a list of available commands. Anything
typed at the command prompt that is not recognized as a valid command is assumed to be a host
name and an attempt is made to resolve it using the default server. To interrupt interactive
commands, press CTRL+C. To exit interactive mode and return to the command prompt, type exit
The following is the help output and contains the complete list of options:
A number of different options can be set in Nslookup.exe by running the set command at the
command prompt. A complete listing of these options is obtained by typing set all. See above,
To look up different data types within the domain name space, use the set type or set
q[uerytype] command at the command prompt. For example, to query for the mail exchanger
The first time a query is made for a remote name, the answer is authoritative, but subsequent
queries are nonauthoritative. The first time a remote host is queried, the local DNS server contacts
the DNS server that is authoritative for that domain. The local DNS server will then cache that
information, so that subsequent queries are answered nonauthoritatively out of the local server's
cache.
Back to the top
To query another name server directly, use the server or lserver commands to switch to that
name server. The lserver command uses the local server to get the address of the server to switch
to, while the server command uses the current default server to get the address.
Example:
C:\> nslookup
Nslookup can be used to transfer an entire zone by using the ls command. This is useful to see
all the hosts within a remote domain. The syntax for the ls command is:
Using ls with no arguments will return a list of all address and name server data. The -a switch will
return alias and canonical names, -d will return all data, and -t will filter by type.
Example:
>ls domain.com
[nameserver1.domain.com]
nameserver1.domain.com. NS server = ns1.domain.com
nameserver2.domain.com NS server =
ns2.domain.com
nameserver1 A 10.0.0.1
nameserver2 A 10.0.0.2
>
Zone transfers can be blocked at the DNS server so that only authorized addresses or networks can
perform this function. The following error will be returned if zone security has been set:
For additional information, see the following article or articles in the Microsoft Knowledge Base:
Troubleshooting Nslookup.exe
When starting the Nslookup.exe utility, the following errors may occur:
*** Can't find server name for address w.x.y.z: Timed out
NOTE: w.x.y.z is the first DNS server listed in the DNS Service Search Order list.
*** Can't find server name for address 127.0.0.1: Timed out
The first error indicates that the DNS server cannot be reached or the service is not running on that
computer. To correct this problem, either start the DNS service on that server or check for possible
connectivity problems.
The second error indicates that no servers have been defined in the DNS Service Search Order list.
To correct this problem, add the IP address of a valid DNS server to this list.
For additional information, see the following article or articles in the Microsoft Knowledge Base:
*** Can't find server name for address w.x.y.z: Non-existent domain
This error occurs when there is no PTR record for the name server's IP address. When Nslookup.exe
starts, it does a reverse lookup to get the name of the default server. If no PTR data exists, this
error message is returned. To correct make sure that a reverse lookup zone exists and contains PTR
For additional information, see the following article or articles in the Microsoft Knowledge Base:
When querying or doing a zone transfer on a child domain, Nslookup may return the following
errors:
In DNS Manager, a new domain can be added under the primary zone, thus creating a child domain.
Creating a child domain this way does not create a separate db file for the domain, thus querying
that domain or running a zone transfer on it will produce the above errors. Running a zone transfer
on the parent domain will list data for both the parent and child domains. To work around this
problem, create a new primary zone on the DNS server for the child domain.