DNS checking with whois, nslookup and dig
To use whois, just type at the command line e.g. :
This yields something like:
[Querying whois.internic.net] [Redirected to whois.tucows.com] [Querying whois.tucows.com] [whois.tucows.com] Registrant: Beetlebrow South Mill South Mill Road Amesbury, Wiltshire SP4 7HR GB Domain name: BEETLEBROW.COM Administrative Contact: Eveling, Ben firstname.lastname@example.org South Mill South Mill Road Amesbury, Wiltshire SP4 7HR GB 447798625064 Technical Contact: Eveling, Ben email@example.com South Mill South Mill Road Amesbury, Wiltshire SP4 7HR GB 447798625064 Registration Service Provider: UK Reg, firstname.lastname@example.org +44 1452 541252 +44 1452 538485 (fax) http://www.ukreg.com/ Registrar of Record: TUCOWS, INC. Record last updated on 27-Jun-2008. Record expires on 26-Jul-2009. Record created on 26-Jul-2000. Registrar Domain Name Help Center: http://domainhelp.tucows.com Domain servers in listed order: NS9.ZONEEDIT.COM NS18.ZONEEDIT.COM Domain status: clientTransferProhibited clientUpdateProhibited The Data in the Tucows Registrar WHOIS database is provided to you by Tucows for information purposes only, and may be used to assist you in obtaining information about or related to a domain name's registration record. Tucows makes this information available "as is," and does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass, unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of any Registry Operator or ICANN-Accredited registrar, except as reasonably necessary to register domain names or modify existing registrations. The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of Tucows. Tucows reserves the right to terminate your access to the Tucows WHOIS database in its sole discretion, including without limitation, for excessive querying of the WHOIS database or for failure to otherwise abide by this policy. Tucows reserves the right to modify these terms at any time. By submitting this query, you agree to abide by these terms. NOTE: THE WHOIS DATABASE IS A CONTACT DATABASE ONLY. LACK OF A DOMAIN RECORD DOES NOT SIGNIFY DOMAIN AVAILABILITY.
This tells you if the domain is locked (domain status), and what the nameservers are called. YOu can use the domain servers to get more information with ns lookup.
Use nslookup in interactive mode. This way you can do lots of queries at once. At the command prompt type:
The tool responds with a new command line interface ">"
You then type i the name of the server you want to query (e.g. a nameserver from above from above):
Default server: ns9.zoneedit.com Address: 220.127.116.11#53
Next you tell it what kind of query you'd like to make. For example, to ask about the mailserver type:
To ask about the A records, type:
It doesn't respond except by returning you to its > prompt
now you tell it which server you're asking about. In this example, let's ask about beetlebrow.com. Just type:
Apparently the dot at the end is correct, though it seems to work without it. It responds:
Server: ns9.zoneedit.com Address: 18.104.22.168#53 beetlebrow.com mail exchanger = 0 mail7.zoneedit.com. beetlebrow.com mail exchanger = 0 mail6.zoneedit.com.
If you now typed in another server, say:
You could do another q=MX query just by typing in the domain yoiu'd like to ask about again. Similarly you could do a q=A query without retyping server ns9.zoneedit.com, or query the same nameserver for the same type of record just by typing in the new domain you want to query because nslookup remembers the last one of each that you typed in.
If you did change server to ns.zonedit.com as above, as it is not the nameserver for beetlebrow.com, you get interesting results. It tells you where to look for information i.e.
Non-authoritative answer: *** Can't find beetlebrow.com: No answer Authoritative answers can be found from: . nameserver = A.ROOT-SERVERS.NET. . nameserver = B.ROOT-SERVERS.NET. . nameserver = C.ROOT-SERVERS.NET. . nameserver = D.ROOT-SERVERS.NET. . nameserver = E.ROOT-SERVERS.NET. . nameserver = F.ROOT-SERVERS.NET. . nameserver = G.ROOT-SERVERS.NET. . nameserver = H.ROOT-SERVERS.NET. . nameserver = I.ROOT-SERVERS.NET. . nameserver = J.ROOT-SERVERS.NET. . nameserver = K.ROOT-SERVERS.NET. . nameserver = L.ROOT-SERVERS.NET. . nameserver = M.ROOT-SERVERS.NET.
You could then query one of these servers e.g.
This will then direct you to other servers, then to other servers, until you find the ones that have the information. It's great.
Not all servers are so helpful e.g. query a Clara.net nameserver about the saled.org mailserver:
server ns1.clara.net set q=MX saled.org.
** server can't find mailserver.saled.org: SERVFAIL
Thanks a bunch, Claranet! I suspect this means it doesn't have a record of this domain and won't have one until it refreshes its DNS cache. If yoiu get this far and end up with something like this, it may mean the DNS server in question has to flush its DNS cache. We won't have to do this, because we don't administer any nameservers, but it might be worth asking the DNS server adminstrators to do it.
To exit nslookup interactive mode, do a ctrl C.
There are a load of other options, and you'll find more info here:.
Reverse DNS lookup with nslookup
You can also use dig to get info, e.g. if there's anything wrong with a domain's DNS. Type:
; <<>> DiG 9.2.4 <<>> saled.org ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19843 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;saled.org. IN A ;; ANSWER SECTION: saled.org. 7200 IN A 22.214.171.124 ;; AUTHORITY SECTION: saled.org. 7200 IN NS ns8.zoneedit.com. saled.org. 7200 IN NS ns3.zoneedit.com. ;; ADDITIONAL SECTION: ns3.zoneedit.com. 146173 IN A 126.96.36.199 ns8.zoneedit.com. 61092 IN A 188.8.131.52 ;; Query time: 408 msec ;; SERVER: 184.108.40.206#53(220.127.116.11) ;; WHEN: Wed Dec 10 17:33:30 2008 ;; MSG SIZE rcvd: 123
The status:NOERROR tells us everything is set up okay.
You can also use the webbed version of some of these tools at- but generally I'd say the command line tools are more informative. Please add more info, as you find it out.