Using Nslookup
Nslookup is a standard command-line tool provided in most DNS server implementations, including Windows Server 2012. Windows Server 2012 gives you the ability to launch nslookup from the DNS snap-in.
When nslookup is launched from the DNS snap-in, a command prompt window opens automatically. You enter nslookup commands in this window.
Nslookup offers you the ability to perform query testing of DNS servers and to obtain detailed responses at the command prompt. This information can be useful for diagnosing and solving name resolution problems, for verifying that resource records are added or updated correctly in a zone, and for debugging other server-related problems. You can do a number of useful things with nslookup:
- Use it in noninteractive mode to look up a single piece of data.
- Enter interactive mode, and use the debug feature.
- Perform the following from within interactive mode:
- Set options for your query.
- Look up a name.
- Look up records in a zone.
- Perform zone transfers.
- Exit nslookup.
When you are entering queries, it is generally a good idea to enter FQDNs so that you can control what name is submitted to the server. However, if you want to know which suffixes are added to unqualified names before they are submitted to the server, you can enter nslookup in debug mode and then enter an unqualified name.
Using Nslookup on the Command Line
nslookup DNS_name_or_IP_address server_IP_addressUsing Nslookup in Interactive Mode
Nslookup is a lot more useful in interactive mode because you can enter several commands in sequence. Entering nslookup by itself (without specifying a query or server) puts it in interactive mode, where it will stay until you type exit and press Enter. Before that point, you can look up lots of useful stuff. Following are some of the tasks you can perform with nslookup in interactive mode:
Setting Options with the set Command While in interactive mode, you can use the set command to configure how the resolver will carry out queries. Table 2.5 shows a few of the options available with set.
TABLE 2.5 Command-line options available with the set command
| Option | Purpose |
| set all | Shows all the options available. |
| set d2 | Puts nslookup in debug mode so that you can examine the query and response packets between the resolver and the server. |
| set domain=domain name | Tells the resolver what domain name to append for unqualified queries. |
| set timeout=timeout | Tells the resolver how long to keep trying to contact the server. This option is useful for slow links where queries frequently time out and the wait time must be lengthened. |
| set type=record type | Tells the resolver which type of resource records to search for (for example, A, PTR, or SRV). If you want the resolver to query for all types of resource records, type settype=all. |
Looking Up a Name While in interactive mode, you can look up a name just by typing it: stellacon.com. In this example, stellacon is the owner name for the record for which you are searching, and .com is the server that you want to query.
You can use the wildcard character (*) in your query. For example, if you want to look for all resource records that have k as the first letter, just type k* as your query.
Looking Up a Record Type If you want to query a particular type of record (for instance, an MX record), use the set type command. The command set type=mx tells nslookup that you’re interested only in seeing MX records that meet your search criteria.
Listing the Contents of a Domain To get a list of the contents of an entire domain, use the ls command. To find all the hosts in your domain, you’d type set type=a and then type ls –t yourdomain.com.
Troubleshooting Zone Transfers You can simulate zone transfers by using the ls command with the -d switch. This can help you determine whether the server you are querying allows zone transfers to your computer. To do this, type the following: ls –d domain__name.
Nslookup Responses and Error Messages
A successful nslookup response looks like this:
Server: Name_of_DNS_server
Address: IP_address_of_DNS_server
Response_data
Nslookup might also return an error message. Some common messages are listed in Table 2.6:
TABLE 2.6 Common nslookup error messages
| Error Message | Meaning |
| DNS request timed out. Timeout was x seconds. *** Can't find server name for addressIP_Address: Timed out *** Default servers are not available Default Server: Unknown Address: IP_address_of_DNS_server | The resolver did not locate a PTR resource record (containing the hostname) for the server IP address you specified. Nslookup can still query the DNS server, and the DNS server can still answer queries. |
| *** Request to Server timed-out | A request was not fulfilled in the allotted time. This might happen, for example, if the DNS service was not running on the DNS server that is authoritative for the name. |
| *** Server can't findName_or_IP_address_queried_for: No response from server | The server is not receiving requests on UDP (User Datagram Protocol) port 53. |
| *** Server can't findName_or_IP_address_queried_for: Non-existent domain | The DNS server was unable to find the name or IP address in the authoritative domain. The authoritative domain might be on the remote DNS server or on another DNS server that this DNS server is unable to reach. |
| *** Server can't findName_or_IP_address_queried_for: Server failed | The DNS server is running, but it is not working properly. For example, it might include a corrupted packet, or the zone in which you are querying for a record might be paused. However, this message can also be returned if the client queries for a host in a domain for which the DNS server is not authoritative. You will also receive the error if the DNS server cannot contact its root servers, it is not connected to the Internet, or it has no root hints. |
In Exercise 2.6, you’ll get some hands-on practice with the nslookup tool.
Using the nslookup Command
1. Press the Windows key on the keyboard (left side between the Ctrl and Alt keys), and then choose Computer. Navigate to the C:\Windows\System32 folder, and double-click CMD.exe. (When you get to this file, you can right-click the file and choose Send To Desktop. The shortcut will then always be available on the desktop.)
2. Type nslookup, and press the Enter key. (For the rest of the exercise, use the Enter key to terminate each command.)
3. Try looking up a well-known address: Type www.microsoft.com .
4. Try looking up a nonexistent host: Type www.example.ccccc . Notice that your server indicates that it can’t find the address and times out. This is normal behavior.
5. Type Exit at the prompt. Type Exit again to leave the command prompt.
Using DNSLint
Microsoft Windows Server 2012 DNS can use the DNSLint command-line utility to help diagnose some common DNS name-resolution issues and to help diagnose potential problems of incorrect delegation. You need to downloadDNSLint from the Microsoft Download Center.
dnslint /d This function helps diagnose the reasons for “lame delegation” and other related DNS problems.
dnslint /ql This function helps verify a user-defined set of DNS records on multiple DNS servers.
dnslint /ad This function helps verify DNS records pertaining to Active Directory replication.
Here is the syntax for DNSLint:
dnslint /d domain_name | /ad [LDAP_IP_address] | /ql input_file
[/c [smtp,pop,imap]] [/no_open] [/r report_name]
[/t] [/test_tcp] [/s DNS_IP_address] [/v] [/y]
The following are some sample queries:
dnslint /d stellacon.com
dnslint /ad /s 192.168.36.201
dnslint /ql dns_server.txt
dnslint /ql autocreate
dnslint /v /d stellacon.com
dnslint /r newfile /d stellacon.com
dnslint /y /d stellacon.com
dnslint /no_open /d stellacon.com
Table 2.7 explains the command options.
TABLE 2.7 DNSLint command options
| Command Option | Meaning |
| /d | Domain name that is being tested. |
| /ad | Resolves DNS records that are used for Active Directory forest replication. |
| /s | TCP/IP address of host. |
| /ql | Requests DNS query tests from a list. This switch sends DNS queries specified in an input file. |
| /v | Turns on verbose mode. |
| /r filename | Allows you to create a report file. |
| /y | Overwrites an existing report file without being prompted. |
| /no_open | Prevents a report from opening automatically. |
Using Ipconfig
You can use the command-line tool ipconfig to view your DNS client settings, to view and reset cached information used locally for resolving DNS name queries, and to register the resource records for a dynamic update client. If you use the ipconfig command with no parameters, it displays DNS information for each adapter, including the domain name and DNS servers used for that adapter. Table 2.8 shows some command-line options available withipconfig.
TABLE 2.8 Command-line options available for the ipconfig command
| Command | What It Does |
| ipconfig /all | Displays additional information about DNS, including the FQDN and the DNS suffix search list. |
| ipconfig /flushdns | Flushes and resets the DNS resolver cache. For more information about this option, see the section “Configuring DNS” earlier in this chapter. |
| ipconfig /displaydns | Displays the contents of the DNS resolver cache. For more information about this option, see “Configuring DNS” earlier in this chapter. |
| ipconfig /registerdns | Refreshes all DHCP leases and registers any related DNS names. This option is available only on Windows 2000 and newer computers that run the DHCP client service. |
You should know and be comfortable with the ipconfig commands related to DNS for the exam.
Using DNSCmd
DNSCmd allows you to display and change the properties of DNS servers, zones, and resource records through the use of command-line commands. The DNSCmd utility allows you to modify, create, and delete resource records and/or zones manually, and it allows you to force replication between two DNS servers.
Table 2.9 lists some of the DNSCmd commands and their explanations.
TABLE 2.9 DNSCmd command-line options
| Command | Explanation |
| dnscmd /clearcache | Clears the DNS server cache |
| dnscmd /config | Resets DNS server or zone configuration |
| dnscmd /createdirectorypartition | Creates a DNS application directory partition |
| dnscmd /deletedirectorypartition | Deletes a DNS application directory partition |
| dnscmd /enumrecords | Shows the resource records in a zone |
| dnscmd /exportsettings | Creates a text file of all server configuration information |
| dnscmd /info | Displays server information |
| dnscmd /recordadd | Adds a resource record to a zone |
| dnscmd /recorddelete | Deletes a resource record from a zone |
| dnscmd /zoneadd | Creates a new DNS zone |
| dnscmd /zonedelete | Deletes a DNS zone |
| dnscmd /zoneexport | Creates a text file of all resource records in the zone |
| dnscmd /zoneinfo | Displays zone information |
| dnscmd /zonerefresh |
No comments:
Post a Comment