Skip to content

Practice Exercise: # DNS Troubleshooting with nslookup in Linux

Introduction

In this lab, you will learn how to effectively use the nslookup command in Linux for DNS (Domain Name System) troubleshooting. DNS is a critical component of network communication, translating human-readable domain names into IP addresses. Understanding how to diagnose and resolve DNS issues is essential for a System Reliability Engineer (SRE).

Prerequisites

  • A Linux server with nslookup installed (You can use any Linux distribution like Ubuntu, CentOS, or Debian).
  • Basic knowledge of the Linux command line.
  • Internet connectivity from the Linux server.

Scenario

You are a System Reliability Engineer (SRE) responsible for troubleshooting DNS issues on a Linux server acting as a client. Your goal is to use the nslookup command to diagnose and resolve DNS problems. You will perform various exercises to practice troubleshooting DNS issues.

Lab Procedures

Task 1: Verify DNS Configuration

  • Open a terminal on your Linux server.
  • Run the following command to check the DNS configuration: 
    nslookup google.com
  • Note down the IP address of the DNS server used.

Task 2: Test DNS Resolution

  • Use nslookup to resolve the IP address of google.com: 
    nslookup google.com
  • Ensure that the IP address matches the one you noted in Step 1.

Task 3: Test Reverse DNS Lookup

  • Perform a reverse DNS lookup for an IP address: 
    nslookup 8.8.8.8
  • Verify that it resolves to a meaningful hostname.

Task 4: Query Specific DNS Server

  • Query a specific DNS server (e.g., 8.8.4.4) for a domain name: 
    nslookup google.com 8.8.4.4
  • Compare the results with the default DNS server.

Task 5: Query a Non-Existent Domain

  • Try to resolve a non-existent domain: 
    nslookup nonexistentsite123.com
  • Analyze the error message.

Task 6: Diagnose DNS Timeout

  • Test DNS resolution for a site known to be slow or unavailable: 
    nslookup slowwebsite.com
  • Analyze the timeout message.

Task 7: Debug DNS with Verbose Output

  • Use verbose mode to get detailed information about DNS queries: 
    nslookup -debug google.com
  • Examine the verbose output for additional insights.

Task 8: Check DNS Cache

  • Check the local DNS cache for cached records: 
    nslookup -querytype=any google.com
  • Note any cached records and their TTL (Time To Live).

Task 9: Perform DNSSEC Validation

  • Test DNSSEC validation for a secure domain: 
    nslookup +dnssec isc.org
  • Check if DNSSEC validation was successful.

Task 10: Troubleshooting DNS with dig

- Use the `dig` command to troubleshoot DNS:
  ```bash
  dig google.com
  ```
- Compare the output with `nslookup` results.

Sample Troubleshooting Command

To troubleshoot DNS resolution issues, use the following command to trace the DNS query path:

```bash nslookup -debug google.com