in defense of nslookup

Kevin Darcy kcd at daimlerchrysler.com
Wed Aug 7 20:06:36 UTC 2002


"Michael E. Hanson" wrote:

> nslookup is also a valuable tool in troubleshooting what appear to be
> network connectivity issues.  After validating that TCP/IP is loaded and
> working, and pinging to ensure the network is functioning at some level, the
> next step is to try to resolve names to addresses (which I can usually talk
> a customer through using a browser or some versions of ping).  If you can't
> resolve a name to an address, you look first at the client's configuration
> to verify that its referencing a valid DNS.  If it is, nslookup (or similar
> tool) will tell you whether the DNS in question is responding appropriately
> to queries.  I've run into numerous situations where a DNS was either not
> responding, or responding inappropriately.  In any case, it gives me
> information I can pass to the appropriate administrator.
>
> Now, if the DNS returns an incorrect answer (as opposed to an inappropriate
> answer), then tools like dig can help track down the errant data.
>
> So, while nslookup may not be your tool of choice for testing /debugging a
> DNS configuration, it is a valuable tool for troubleshooting a network
> connectivity issue, and its frequently available on the computers I have to
> support.  When its not available, I have a couple floppies I carry around
> that have different versions of nslookup on them (one for Win32, one for
> Linux, one for Solaris, one for HPUX, one for...).
>
> By the way, I've also used it to approximate a zone transfer to see what
> info a primary might be providing to a secondary on a full zone transfer
> (ls -d domain.com).  Its not perfect, but its a quick way to see the info if
> I'm already in nslookup.

If you just want a simple, terse version of dig, why not use "host"?


- Kevin




More information about the bind-users mailing list