nslookup oddities (Was: SRV record not working)

Doug Barton dougb at dougbarton.us
Mon Aug 20 05:31:57 UTC 2018 

And don't forget NIS, and NSSwitch. And don't get me started on the 
tricks that the windows resolver plays.

On 08/19/2018 07:59 PM, Mark Andrews wrote:
> nslookup applies the search list by default and doesn’t stop on a NODATA response.
> 
> Some versions of nslookup have been modified by OS vendors to use /etc/hosts for address lookups.
> 
> nslookup doesn’t display the entire response by default.
> 
> 
>> On 20 Aug 2018, at 12:28 pm, Lee <ler762 at gmail.com> wrote:
>>
>> On 8/19/18, Doug Barton <dougb at dougbarton.us> wrote:
>>> On 08/19/2018 12:11 PM, Lee wrote:
>>>> On 8/18/18, Doug Barton <dougb at dougbarton.us> wrote:
>>>
>>>>> nslookup uses the local resolver stub. That's fine, if that's what you
>>>>> want/need to test. If you want to test specific servers, or what is
>>>>> visible from the Internet, etc. dig is the right tool, as the answers
>>>>> you get from nslookup cannot be guaranteed to be directly related to the
>>>>> question you asked.
>>>>
>>>> Could you expand on that a bit please?  I thought
>>>>    nslookup <name> <server>
>>>> was pretty much equivalent to
>>>>   dig <name> @<server>
>>>>
>>>> the exception being that nslookup looks for a & aaaa records and dig
>>>> just looks for a records
>>>
>>> Nope. Depending on what operating system you're on, what version of
>>> nslookup you have, how you format your query, and how the system is
>>> configured; even telling nslookup to query a specific server may not get
>>> you the answer you're looking for.
>>
>> That's still awfully vague.  Do you have any examples of
>>     nslookup <name> <server>
>> returning bad information?
>>
>>> If you want to know what answer your stub resolver is going to return
>>> for a given query, nslookup is a great tool. Although, if you just need
>>> to know what address record you'll get back, ping works just as well.
>>
>> ping just shows one address; "nslookup  www.yahoo.com" shows all of them
>>
>>> If you want to really debug DNS you need to learn to use dig, and
>>> understand the output.
>>
>> Agreed.  If you're serious about debugging DNS you needs to learn dig.
>> But the assertion is
>>>>> ... the answers
>>>>> you get from nslookup cannot be guaranteed to be directly related to the
>>>>> question you asked.
>>
>> so I'm wondering how, or under what circumstances, nslookup returns
>> invalid information.
>>
>> Thanks
>> Lee

More information about the bind-users mailing list