How to do nslookup in Python
Table of Contents
The Domain Name System, usually known as DNS, is an internet phonebook that contains information about domain names. DNS transforms domain names into IP addresses, allowing browsers to access the resources.
DNS is a hierarchical, distributed, cached database system used with the TCP/IP Internet to determine an IP address from a hostname and perform reverse lookups. Authoritative servers provide this information for each domain and subdomain.
You might be familiar with the nslookup and host commands for converting hostnames to IP addresses. A records are IP address listings for individual machine names in DNS tables.
We can also use DNS to locate a list of servers to utilize when sending an email message to a specific domain name. MX records are what they’re called.
nslookup set q=mx ksu.edu
It is not always necessary to build code that interacts directly with the DNS infrastructure. The socket.gethostbyname(), socket.gethostbyaddr(), socket.getaddrinfo(), and socket.connect() functions in the socket module handle DNS resolution for us. We usually need to find our SMTP server when sending email messages. It locates the destination domain’s MX records and connects to the proper server to relay the message. Regardless, DNS is a critical component of networking. So, anytime our software wants to do DNS lookups or reverse lookups, Python makes it straightforward.
pyDNS and dnspython are the two most popular Python DNS modules. We chose the latter for the tiny programming DNS. It is easier to use and appears to be more widely used.
Dnspython gives you access to DNS at both high and low levels. The high-level classes run queries for data of a particular name, type, and class and then return a set of results. DNS zones, messages, names, and records can all be directly manipulated using the low-level classes.
Domain names are created when IP addresses are converted to human-readable forms or words. The dnspython python module manages the translation of domain names to IP addresses. CNAME and MX records can also be found using the methods provided in this module.
The dnspython module’s dns.resolver() function assists in locating various domain name records. The domain name and the record type are the two most crucial parameters for this function. The following are some of the different kinds of records, along with examples:
How to find ‘A’ Record
Using the dns.resolver method, we find the domain’s ip address in the program below. This mapping between IP address and domain name is commonly referred to as an ‘A’ record.
import dns import dns.resolver result = dns.resolver.resolve('codeunderscored.com', 'A') for ipval in result: print('IP', ipval.to_text())
We receive the following output when we run the program mentioned above:
It is an IP address record used to determine the IP address of the domain’s computer. It’s identical to an A record, except it specifies the server’s IPv6 address rather than its IPv4 address.
# Import libraries import dns.resolver # Finding AAAA record result = dns.resolver.resolve('codeunderscored.com', 'AAAA') # Printing record for val in result: print('AAAA Record : ', ipval.to_text())
PTR stands for pointer record, which is used to map IP addresses to domain names or hostnames. In addition, it’s used to perform a reverse DNS lookup.
# Import libraries import dns.resolver # Finding PTR record result = dns.resolver.resolve('188.8.131.52.in-addr.arpa', 'PTR') # Printing record for val in result: print('PTR Record : ', val.to_text())
Nameserver(NS) record is a nameserver(NS) record indicating which server is authoritative for a specific domain, i.e., which server holds the actual DNS records. A domain can have many NS records, including the primary and backup name servers.
# Import libraries import dns.resolver # Finding NS record result = dns.resolver.resolve('codeunderscored.com', 'NS') # Printing record for val in result: print('The NS Record is : ', val.to_text())
Getting the CNAME Value
A CNAME record, also known as a Canonical Name Record, is a type of DNS record used to convert a domain name to an alias for another domain. CNAME records always lead to another domain name, never to an IP address directly. To acquire the CNAME value, we use the CNAME parameter in the query method below.
import dns.resolver result = dns.resolver.resolve('mail.google.com', 'CNAME') for cnameval in result: print('The CNAME target address is :', cnameval.target)
We receive the following output when we run the program as mentioned earlier:
cname target address: googlemail.l.google.com.
locating an MX record
An MX record, also known as a mail exchanger record, is a DNS resource record that identifies a mail server that accepts email messages on behalf of a recipient’s domain. If numerous mail servers are available, it also specifies the preference value for prioritizing message delivery. If many mail servers are present for load balancing and redundancy, it has preference values based on prioritizing mail. Using the ‘MX’ parameter in the query method, we can find the value for the MX record in the same way as the previous programs.
import dns.resolver host_domain = 'hotmail.com' results =dns.resolver.resolve(host_domain, 'MX') for exdata in results: print(' MX Record:',exdata.to_text())
We receive the following output when we run the program above:
Start of Authority records, or SOA records, is a type of resource record that contains information on the zone’s administration, particularly zone transfers defined by the zone administrator.
# Import libraries import dns.resolver # Finding SOA record result = dns.resolver.resolve('codeunderscored.com', 'SOA') # Printing record for val in result: print('The SOA Record is : ', val.to_text())
These records hold text information from outside the domain sources. TXT records can be used for various purposes, such as verifying domain ownership and ensuring email security.
# Import libraries import dns.resolver # Finding TXT record result = dns.resolver.resolve('hotmail.com', 'TXT') # Printing record for val in result: print('The TXT Record is :', val.to_text())
The primary purpose of nslookup is to diagnose DNS issues. In addition, nslookup has two modes of operation: interactive and non-interactive.
In interactive mode, type nslookup and hit return on the command line.
A nslookup command prompt should appear as shown below.
Type nslookup options at the command prompt to use in non-interactive mode.
Nslookup is a tool that allows you to look up information on the internet. To demonstrate how to utilize nslookup, we’ll do the following:
- Determine a host’s IP address.
- Find the IP address’s domain name.
- Locate a domain’s mail servers.
- These are most likely the most popular use cases.
Obtaining an IP Address for a Host
Type: to find a host’s IP address, such as www.codeunderscored.com.
at the command line
For an interactive nslookup, type the following on the command prompt and enter the given domain below.
To reverse lookup IP address to the domain name, type nslookup IP address
Find a Domain’s Mail Servers
Type nslookup -querytype=mx domain name for instance,
nslookup -querytype=mx hotmail.com
Notes on General Usage:
nslookup uses the domain server that is presently configured for your system by default. In addition, you can change DNS servers by specifying a server name or an IP address.
Go to an interactive prompt and type: 184.108.40.206 to switch to the open DNS server address.
You may discover that you get non-authoritative replies. The latter is nothing to worry about, as all it implies is that the DNS server has already recently resolved this query.
It can retrieve the results from the cache and doesn’t need to call the authoritative name server. Subsequently, you may determine which name servers are responsible (authoritative) for a domain by setting the query type to NS and inputting the domain name.
Python’s DNS Lookup
The sockets module makes it simple to look up the IP address of a hostname.
The sockets module provides an easy way to look up a host name’s IP address.
import socket addr1 = socket.gethostbyname('google.com') addr2 = socket.gethostbyname('yahoo.com') print(addr1, addr2)
Running the latter code will output the following results.
Using the DNSpython resolver, you can do sensible high-level DNS lookups in Python. In case you do not already have nslookup installed, run the following command.
pip install nslookup
XN-Twist code for sensible high-level DNS lookups in Python, using dnspython dns.resolver.
The library’s central purpose and applications are as follows:
- Lookups for records (typical DNS queries)
- Lookups in SOA
- Returns an object with two arrays in it:
- full DNS response string: the entire DNS response string (s)
- answer: the DNS response that has been parsed (list of IPs or SOA string)
from nslookup import Nslookup domain = "codeunderscored.com" # set optional Cloudflare public DNS server dns_query = Nslookup(dns_servers=["220.127.116.11"]) ips_record = dns_query.dns_lookup(domain) print(ips_record.response_full, ips_record.answer) soa_record = dns_query.soa_lookup(domain) print(soa_record.response_full, soa_record.answer)
The article has comprehensively explored the Domain Name System as an internet phonebook with information on domain names. Further, the DNS transforms domain names into IP addresses, and by so doing, allows browsers to access the resources.
We have also shown examples of various kinds of records, including A records, AAAA records, PTR records, NS records.
Getting the CNAME Value, locating an MX record, SOA Records, and TXT Record with a view of helping you easily comprehend and put this skill into use.
In addition, we looked at DNS as a hierarchical, distributed, cached database system. The latter finds a lot of use with the TCP/IP Internet to determine an IP address from a hostname. It also aids in performing reverse lookups. Further, authoritative servers provide this information for each domain and subdomain.
Finally, Nslookup is a valuable tool for diagnosing DNS-related network issues. On the flip side, it runs on all major operating systems and can be used interactively or via the command line.