Linux troubleshooting commands: 4 tools for DNS name resolution problems
Name resolution is the process of relating easy-to-remember names with difficult-to-remember Internet Protocol (IP) addresses. The Domain Name System (DNS) provides name resolution services in most environments. These internal servers host a dynamic database of names and related IP addresses. These names may be as simple as hostnames or as complex as fully qualified domain names and web URLs.
DNS servers host resource records, such as start of authority (SOA), name server (NS), and mail exchange (ME). The two most common record types are A and pointer records (PTR). The A records service forwards lookup requests, specifying that a given name is related to a particular IP address. PTR maps an IP address to a particular name. When a forward lookup query arrives, it is serviced by the A record for that name. When a reverse lookup query arrives, the PTR for that IP address services it.
What might make you suspect a name resolution problem? Perhaps a user comments that they can no longer reach a resource such as a file server or printer, or an email server seems unavailable. Users may experience intermittent difficulty accessing an internal web server or related service. Perhaps users can connect to a server, but it isn't the correct server, so an unexpected web page is displayed.
Because there are many types of name servers, especially in large networks, it can be difficult to determine the culprit. When troubleshooting, it can be useful to query specific name servers and examine their administrative resource records.
Install the tools
This article compares four useful tools for testing name resolution on your Linux systems:
Before you begin, ensure the commands are installed. The
ping command is probably already on your system, provided by the
iputils package, but the other ones are in
bindutils and aren't installed by default. Install them using
$ sudo dnf install bind-utils
How to use ping
ping command can help narrow down name resolution problems. This is a fundamental Linux troubleshooting technique.
First, test connectivity by hostname, assuming a remote host named server01 with an IP address of 192.168.1.101:
$ ping -c 3 server01
If this succeeds and name resolution works, you probably don't need to continue along this line of testing. If this test fails, try the
ping command with the remote IP address:
$ ping -c 3 192.168.1.101
If this works, connectivity exists. Name resolution is the problem since that's where the failure appears. Now you can begin troubleshooting why the system isn't resolving names properly.
ping by IP address fails, you have a network connectivity problem rather than a name resolution problem, and you can troubleshoot in that direction.
Ping helps you narrow down whether you have a name resolution issue or something else is happening.
[ Keep common commands close at hand. Download the Linux commands cheat sheet. ]
How to use nslookup
nslookup command has been around a while. It has two modes: non-interactive and interactive. This article focuses on non-interactive mode since it most closely resembles the functionality of
In non-interactive mode, simply type
nslookup and the destination name (or URL) you need to resolve:
$ nslookup server01
This output should display the IP address for server01, along with information about which server resolves the name. If this fails, it indicates a name resolution problem.
Perform a reverse lookup (resolving a known IP address to an unknown name) by typing:
$ nslookup 192.168.1.101
To see specific resource record types, use the
-type= option. Here's an example that queries for the MX records of the example.com domain:
$ nslookup -type=MX example.com
Many administrators work on multiple platforms. Nslookup is notable for being preinstalled on Microsoft Windows, which means you can learn one troubleshooting tool and use it on two platforms.
How nslookup compares
Nslookup is the oldest of the three tools and has been on the deprecation chopping block at least once. However, it's still around. One concern about
nslookup compared to
dig is the format of its responses. It may be more difficult to extract information due to its layout. This becomes important when
nslookup is used within a larger script.
How to use dig
Like the other commands in this article,
dig enables you to make manual name resolution queries. It provides an immense amount of detail about the results, so many people prefer using it for significant troubleshooting tasks.
Generate forward lookups like this:
$ dig server01
Initiate a reverse lookup by using the
-x option and the known IP address:
$ dig -x 192.168.1.101
Query the name server for specific record types by appending the type to the command:
$ dig example.com MX
This resolves the mail server for the example.com domain name.
As you can see, similar functionality exists within
[ Learn how to manage your Linux environment for success. ]
How dig compares
dig provides similar information as
nslookup in a more organized format that's easier to parse.
How to use host
Doing manual name resolutions with the
host command are also straightforward.
Here is the basic syntax for a forward lookup:
$ host server01
Here's the syntax for a reverse lookup:
$ host 192.168.1.101
Querying for SOA records relies on the
$ host -C example.com
-t option causes the
host command to display the specified record type. The following example queries for the MX records of example.com:
$ host -t mx example.com
If you're not sure which record types you need or if you want to see them all, use the
-a (any) option:
$ host -a example.com
To narrow the query's scope to either IPv4 or IPv6 records, add the
-6 options to the regular syntax. This may speed up query results in large networks or provide the focused information you need for additional troubleshooting.
host provides both forward and reverse lookups along with resource record type queries.
How host compares
Administrators may prefer
host for its simplicity. Sometimes the detailed output from
dig is too distracting or provides more information than is really required. For a quick, basic response, try
host. It may also be the right solution for your scripts.
To some degree,
host provide the same information and offer similar filtering options. The one you use in your next troubleshooting task may simply be the one that's installed, especially if you work with multiple distributions or have created your own Linux version. I recommend knowing how to do a basic query with all three tools.
Some command options require a DNS zone transfer, which often is not allowed by the DNS server. Be aware of this, particularly for external name resolution servers or other DNS servers you don't manage.
Finally, don't forget that
ping is a good place to start. It's a quick way of determining whether name resolution is working correctly before delving deeper into manual resolution attempts that may not be part of the issue.