12

So, we are on the DNS chapter in our class, and I was wondering if there's any way possible though which I can connect to a DNS server on port 53 via command line interface (i.e Telnet or netcat) like we do for SMTP or HTTP or POP on their specific ports; I tried:

> telnet 8.8.8.8 53

But the connection was closed as soon as it was established; which I later realized was because telnet uses TCP while DNS uses UDP.

Then I tried doing the same with netcat:

> nc -u 8.8.8.8 53

Nada! I just want to see the working of DNS with some transparency.(like with http, SMTP etc.)

Stefan Lasiewski
  • 23,667
  • 41
  • 132
  • 186
Jarwin
  • 245
  • 1
  • 2
  • 9
  • 3
    I don't know what using telnet would teach you about DNS, but you can certainly **query** a DNS server from the command line. In Windows you'd use `nslookup` (with debug to see detailed information). In Linux I believe you'd use `dig`. – joeqwerty Oct 23 '15 at 16:27

3 Answers3

23

As you note, DNS primarily uses UDP but service is actually also provided over TCP (typically used for large responses and zone transfers).
This is why you managed to establish a connection in the first place when you tried telnet. Your connection was closed because you weren't interacting with the service in the expected way, not because telnet uses TCP.

The important difference is that, unlike HTTP and SMTP which are plain text protocols and easy enough to work with directly, DNS is a binary protocol.

This means that you will need some DNS client program to interact with nameservers in any reasonable fashion.

dig has been the de facto standard for DNS troubleshooting for a very long time as it is very good in terms of both constructing queries and in terms of pretty-printing all the information in the response in a concise way. (Part of BIND code-base and included in the Windows build from ISC.)

drill is another alternative with similar capabilities and essentially the same output formatting as dig.

nslookup is well known as it has been around since the dawn of time. It has been largely abandoned except on Windows and has some undesirable quirks and limited capabilities in comparison to the previously mentioned alternatives. The debug option (set debug) makes it usable for troubleshooting in a pinch as it greatly improves the completeness of the output, although the formatting of the debug output leaves a lot to be desired.

Community
  • 1
Håkan Lindqvist
  • 35,011
  • 5
  • 69
  • 94
12

You can use the dig utility, like this:

dig @your.dns.server www.foo.bar

Example:

dig @8.8.8.8 www.google.com

If you want to see the step-by-step name resolution, you can do this:

dig +add +trace @8.8.8.8 www.google.com

Best regards!

Stefano Martins
  • 1,221
  • 8
  • 10
  • is there a windows version of this? i dont have to do this for any work just curious :) – Martin Barker Oct 23 '15 at 16:40
  • 1
    Yes! https://samsclass.info/40/proj/digwin.htm and http://unroutable.blogspot.com.br/2009/02/how-to-install-dig-for-windows.html :) – Stefano Martins Oct 23 '15 at 16:54
  • 1
    Seems more straightforward to go directly to the source: https://www.isc.org/downloads/bind/ – Håkan Lindqvist Oct 23 '15 at 17:49
  • Using `@1.2.3.4` together with `+trace` can lead to confusing results, because the explicit nameserver specified by `@1.2.3.4` can have already updated its cache, while the recursed root nameservers can have a deprecated state. – kiltek Feb 26 '19 at 11:42
3

For Windows you can use NSlookup

   nslookup [-opt ...]             # interactive mode using default server
   nslookup [-opt ...] - server    # interactive mode using 'server'
   nslookup [-opt ...] host        # just look up 'host' using default server
   nslookup [-opt ...] host server # just look up 'host' using 'server'
Mass Nerder
  • 1,007
  • 5
  • 6