nslookup oddities (Was: SRV record not working)
Lee
ler762 at gmail.com
Mon Aug 20 02:28:49 UTC 2018
On 8/19/18, Doug Barton <dougb at dougbarton.us> wrote:
> On 08/19/2018 12:11 PM, Lee wrote:
>> On 8/18/18, Doug Barton <dougb at dougbarton.us> wrote:
>
>>> nslookup uses the local resolver stub. That's fine, if that's what you
>>> want/need to test. If you want to test specific servers, or what is
>>> visible from the Internet, etc. dig is the right tool, as the answers
>>> you get from nslookup cannot be guaranteed to be directly related to the
>>> question you asked.
>>
>> Could you expand on that a bit please? I thought
>> nslookup <name> <server>
>> was pretty much equivalent to
>> dig <name> @<server>
>>
>> the exception being that nslookup looks for a & aaaa records and dig
>> just looks for a records
>
> Nope. Depending on what operating system you're on, what version of
> nslookup you have, how you format your query, and how the system is
> configured; even telling nslookup to query a specific server may not get
> you the answer you're looking for.
That's still awfully vague. Do you have any examples of
nslookup <name> <server>
returning bad information?
> If you want to know what answer your stub resolver is going to return
> for a given query, nslookup is a great tool. Although, if you just need
> to know what address record you'll get back, ping works just as well.
ping just shows one address; "nslookup www.yahoo.com" shows all of them
> If you want to really debug DNS you need to learn to use dig, and
> understand the output.
Agreed. If you're serious about debugging DNS you needs to learn dig.
But the assertion is
>>> ... the answers
>>> you get from nslookup cannot be guaranteed to be directly related to the
>>> question you asked.
so I'm wondering how, or under what circumstances, nslookup returns
invalid information.
Thanks
Lee
More information about the bind-users
mailing list