Problem with NSLOOKUP

Michael Milligan milli at acmebw.com
Fri Jun 4 10:32:25 UTC 1999 

>
>So get the reverse DNS setup, or contact whoever's doing it for you, and
>get them to set it up, and this will go away
>

And throw away nslookup while you're at it...  Use 'dig' instead.  'Dig'
will not confuse you like nslookup does because you are forced to feed dig
the right question to ask in the first place, no short-cutting, no implicit
mind reading.  And dig does not complain of "non-existant this or that" if
it's not in relation to what you typed.  Nslookup has the annoying habit of
complaining about something completely unrelated to the question you asked,
but confusing you by implying that it is.

Example:

You type:  nslookup 199.191.128.103
Implied (whether you know it or not):  nslookup -q=ptr
103.128.191.199.in-addr.arpa.
You get:
---
Server:  localhost
Address:  127.0.0.1

Name:    rbru.br.rs.els-gms.att.net
Address:  199.191.128.103
---

Nslookup discovers the 'Server' name by reverse-mapping the first IP address
in your resolver configuration.  This is one place where it can complain of
"non-existant domain" or "server failed".  That's what you saw.  It is
completely unrelated to your query.  (Here, I have the first 'nameserver'
directive point to my loopback interface, 127.0.0.1.  Can you guess why?)

Let's try dig...

You type:  dig 199.191.128.103
You get:
---
; <<>> DiG 8.2 <<>> 199.191.128.103
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      199.191.128.103, type = A, class = IN

;; Total query time: 4 msec
;; FROM: shadow.acmebw.com to SERVER: default -- 127.0.0.1
;; WHEN: Fri Jun  4 03:13:17 1999
;; MSG SIZE  sent: 33  rcvd: 33
---

Strange result.  There is no 199.191.128.103 domain much less a A record
there.  So, to get what you really wanted (a name from an IP address), you
have to know to ask for PTR records under the in-addr.arpa domain.  Once you
know that...

You type:  dig PTR 103.128.191.199.in-addr.arpa
You get (something like):
---
; <<>> DiG 8.2 <<>> PTR 103.128.191.199.in-addr.arpa
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;;      103.128.191.199.in-addr.arpa, type = PTR, class = IN

;; ANSWER SECTION:
103.128.191.199.in-addr.arpa.  23h24s IN PTR  rbru.br.rs.els-gms.att.net.

;; AUTHORITY SECTION:
128.191.199.in-addr.arpa.  5d23h56m59s IN NS  WYCU.WY.BR.NP.els-gms.att.net.
128.191.199.in-addr.arpa.  5d23h56m59s IN NS  OHCU.OH.MT.NP.els-gms.att.net.
128.191.199.in-addr.arpa.  5d23h56m59s IN NS  MACU.MA.MT.NP.els-gms.att.net.
128.191.199.in-addr.arpa.  5d23h56m59s IN NS  ORCU.OR.BR.NP.els-gms.att.net.

;; ADDITIONAL SECTION:
WYCU.WY.BR.NP.els-gms.att.net.  1d23h56m59s IN A  199.191.128.43
OHCU.OH.MT.NP.els-gms.att.net.  1d23h56m59s IN A  199.191.144.75
MACU.MA.MT.NP.els-gms.att.net.  1d23h56m59s IN A  199.191.145.136
ORCU.OR.BR.NP.els-gms.att.net.  1d23h56m59s IN A  199.191.129.139

;; Total query time: 10 msec
;; FROM: shadow.acmebw.com to SERVER: default -- 127.0.0.1
;; WHEN: Fri Jun  4 03:15:22 1999
;; MSG SIZE  sent: 46  rcvd: 271
---

Nslookup has plenty of other quirks, like appending search lists (implicit
or explicit) and not clearly showing what it was doing.  Nslookup has served
for many years as a land mine for the uninitiated.  Dig it up and throw it
away.

Regards,
Mike

--
Michael Milligan - Acme Byte & Wire LLC - milli at acmebw.com

More information about the bind-users mailing list