How to Use Nslookup Command with Examples

The Nslookup (which stands for name server lookup) is a basic, yet popular, networking command-line utility used to query a DNS server for resource records for a domain. This tool is often used for troubleshooting DNS or name resolution issues. With nslookup, a query can be sent to a specific DNS server, or the list of DNS servers in the IP settings can be used. Nslookup can also be used to query several different types of DNS records.

These commands shown here are tested on Windows 10 but most will work in other versions of Windows as well.

Table of Content

How to Open Command Prompt

To use this utility, you will need to launch the Command Prompt window. The three common ways to launch the Command Prompt window are:

  1. Search for cmd using the built-in Windows search tool.
  2. Right-click on the Start icon and select Command Prompt.

  3. Press the keyboard combination WinKey + R, then type cmd at the Run window that appears.

    Run cmd


Interactive vs Non-Interactive Mode

The nslookup utility can be used in one of two modes: interactive and non-interactive. In interactive mode, you are able to query for information about a website or a server, and to also print a list of hosts on a domain. To go into interactive mode, type nslookup at the command window then press Enter.

In the screenshot example below, you can tell you are in interactive mode by looking at style of the prompt.

nslookup - interactive mode

To get help on available switches, type help then press Enter.

To exit interactive mode, simply type exit then press Enter.

With non-interactive mode, you would typically use this when you only need to execute a single lookup.

Authoritative vs Non-Authoritative Response

In the output of nslookup, you will often notice the statement "non-authoritiative answer" (as illustrative below) as part of the lookup result. This is to tell you know that the results was provided by a server that is not the authoritative (primary) source. Typically, this means the result was provided by a server (such as your Internet service provider) that held a cached copy of the DNS record. This is important because the DNS record may have been changed recently and the cached copy may not reflect the most up-to-date information.

nslookup - non-authoritative answer

An authoritative answer is when the DNS server hosting the primary copy of the DNS record responses to your lookup. See the example below on how to get an authoritative response.

The reason why the primary authoritative server isn't involved in responding to all nslookup queries is to reduce server load. By maintaining cached copy of DNS records on secondary servers (which is updated from the primary server at a defined interval), query response time is minimized and the primary server isn't inundated with queries.

How to Find the A Record (IP Address) of a Domain or Server

The simpliest function of Nslookup, and also commonly used, is to query for the IP address of a remote host. The host can be a website, an email server, or other servers that you can lookup with a hostname. As an example, to obtain the IP address for the website, type the following in the command window then press Enter: nslookup

In the screenshot example below, the lookup identifies as the IP address for the website

nslookup - get ip address

If the screenshot example below, the lookup identifies multiple IP addresses for mail server


How to Find the NS Record for a Domain

The NS record of a domain is a map to all name servers that are authoritative for that domain. You can query for the NS records using the switch -type=ns. For example, to obtain the NS record for the website, type the following in the command window then press Enter: nslookup -type=ns

If the example below, the lookup identifies and as the two name servers for the domain

nslookup - type NS

How to Find the MX Records (Email Servers) for a Domain

To check the MX records (email servers) for a domain, use the -type=ns switch. For example, to find out the email server for the domain, type the following in the command window then press Enter: nslookup -type=mx

If the screenshot below, the lookup identifies as the email server for the domain

nslookup - mx lookup

How to Perform a Reverse DNS Lookup

A reverse DNS lookup with querying for a server name based on an IP address you provide. For example, to identify the server name for the IP address, type the following in the command window then press Enter: nslookup

As the screenshot below shows, the nslookup returns the server name of for the IP address

NSLookup - Reverse Query

How to Find the SOA Record of a Domain

To query for the SOA (Start of Authority) record for a domain, such as, type the following in the command window then press Enter: nslookup -type=soa The SOA record is a special resource record that contains administrative details for a particular DNS zone such as the domain name administrator's contact information and synchronization parameters for other DNS servers.

NSlookup - SOA

How to Find an Authoritative Response

Typically, most of the responses to your nslookup queries are going to be non-authoritative. Meaning the response is from a cached copy from a third-party and not from the primary DNS server holding the master copy. For troubleshooting purposes, it's important to realize that a cached copy may not contain the most up-to-date information.

To get an authoritative answer, you will need to specify the authoritative name server as part of your request. To do this, include the -type=soa switch and nslookup will respond back with the name of the authoritative name server. For example, to find out the authoritative name server for, type the following in the command window then press Enter:

nslookup -type=soa

nslookup - soa

As highlighted in the illustration above, the name server for is With this information, we can now perform nslookup queries and specify this name server to get authoritative responses. For example, to get an authoritative response to the we used in an example above, type the following in the command window then press Enter:


nslookup - authoritative response

As the illustration above shows, the result does not state this is a non-authoritative response - as was the case when we performed the same nslookup in a previous example.

Common Error Messages

Connection Refused or Network is Unreachable - The connection to the DNS name server or finger server could not be made. This error commonly occurs with ls and finger requests.

Format Error - The DNS name server found that the request packet was not in the proper format. It may indicate an error in nslookup.

No Records - The DNS name server does not have resource records of the current query type for the computer, although the computer name is valid. The query type is specified with the set querytype command.

No Response From Server - No DNS name server is running on the server computer.

Non-Existent Domain - The computer or domain name does not exist. Check to make sure your spelling is correct.

Refused - The DNS name server refused to service the request.

Server Failure - The DNS name server found an internal inconsistency in its database and could not return a valid answer.

Timed Out - The server did not respond to a request after a certain amount of time and a certain number of retries. You can set the time-out period with the set timeout subcommand. You can set the number of retries with the set retry subcommand.


Redirect Output to Text File

  • Instead of displaying the results on the screen, you can have the results saved automatically to a text file on your computer. To do this, simply use the ">" symbol followed by the folder path and file name of your choice. For example, to redirect the output of nslookup, type the following in the command window then press Enter:

    nslookup > c:\temp\nslookup-results.txt

    This will create a file named nslookup-results.txt in the folder path c:\temp that will have your result. You can then open this file with any text editor, such as Notepad on a Windows computer, as illustrated below.

    nslookup redirected output

Recommended Reading

Improve confidence and job performance

Improve productivity and efficiency

Learn more,
earn more

To learn more about this topic, we are providing you with recommendations to help you further your knowledge. These are our affiliate links to Amazon where you can purchase them and also explore a variety of other relevant books.


The nslookup utility can provide a wealth of information for troubleshooting DNS issues.While not a common tool used for most troubleshooting calls, it is a useful utility to use when transferring a domain from one hosting provider to another or when configuring the DNS record for a new domain name.


Windows Command Line Administration Instant Reference

Buy from Amazon


Microsoft Windows Command-Line Administrator's Pocket Consultant

Buy from Amazon


Windows PowerShell Cookbook: The Complete Guide to Scripting Microsoft's Command Shell

Buy from Amazon