host versus nslookup

Lightner, Jeff JLightner at
Wed Oct 12 20:18:20 UTC 2011

So hitting yourself in the head with a shovel is better?  :p

-----Original Message-----
From: at [ at] On Behalf Of David Miller
Sent: Wednesday, October 12, 2011 4:08 PM
To: bind-users at
Subject: Re: host versus nslookup

On 10/12/2011 3:01 PM, Kevin Darcy wrote:
> On 10/12/2011 1:21 PM, Martin McCormick wrote:
>> Many years ago, various flavors of unix began distributing a
>> utility called host which did almost the same thing as nslookup.
>> Host is what I use most of the time, now, and I actually thought
>> that nslookup on unix systems was maybe going away.
>>     A coworker recently asked me about nslookup on our
>> FreeBSD system and I verified the behavior he was asking about.
>>     Other than a different output format, what are the
>> advantages of having both host and nslookup.
>>     On the FreeBSD system in question, nslookup is
>> definitely a different binary than is host so one is not
>> hard-linked to the other.
>>     The behavior he was asking about was simply that all
>> foreign domains that one looks up with nslookup report as
>> non-authoritative since the DNS one is using isnot authoritative
>> for, say, or
>>     This is not a problem. I am just curious.
> nslookup has lots of problems. Four that I can cite off the top of my
> head:
> 1) most versions of nslookup will stop dead in their tracks if they
> can't reverse-resolve the name of whatever resolver they're trying to
> use (even though that's basically irrelevant to the actual lookup that
> the user requested)
> 2) nslookup will by default use a searchlist, but it does this
> completely invisibly by default (unless a debugging option is turned
> on), and thus will often mis-represent the real result of the query
> (e.g. you look up, that gets a SERVFAIL, then
> unbeknownst to the user, nslookup tries the searchlist'ed name
> and reports the resulting NXDOMAIN as
> the final error of the lookup, thus obscuring the real error -- SERVFAIL)
> 3) the default output format of nslookup doesn't distinguish the
> result of the query from the identity of the resolver clearly enough,
> so unsophisticated users will often think that the name they're
> looking up actually resolves to the address of the DNS resolver, and
> much hilarity ensues (mis-routed trouble tickets, drama, confusion, etc.)
> 4) some versions of nslookup display atypical DNS responses (e.g.
> dangling CNAMEs, referrals) in very confusing, non-intuitive ways.
>                                             - Kevin

Use dig.

Always use dig.  If dig isn't installed - install dig and then use dig.
Make dig part of your default set of packages on all boxes.

"host vs nslookup?" is asking whether you should hit your self in the
head with a small or large hammer.

Put down the hammer and use dig.


Please visit to unsubscribe from this list

bind-users mailing list
bind-users at

Athena(r), Created for the Cause(tm)
Making a Difference in the Fight Against Breast Cancer

CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.

More information about the bind-users mailing list