nslookup in Python

The Domain Name System, usually known as DNS, is an internet phonebook that contains information about domain names. DNS transforms domain names into IP addresses, allowing browsers to access the resources.

DNS is a hierarchical, distributed, cached database system used with the TCP/IP Internet to determine an IP address from a hostname and perform reverse lookups. Authoritative servers provide this information for each domain and subdomain.

You might be familiar with the nslookup and host commands for converting hostnames to IP addresses. A records are IP address listings for individual machine names in DNS tables.

nslookup www.codeunderscored.com
nslookup
nslookup

We can also use DNS to locate a list of servers to utilize when sending an email message to a specific domain name. MX records are what they’re called.

nslookup



set q=mx
ksu.edu
use DNS to locate a list of servers
use DNS to locate a list of servers

It is not always necessary to build code that interacts directly with the DNS infrastructure. The socket.gethostbyname(), socket.gethostbyaddr(), socket.getaddrinfo(), and socket.connect() functions in the socket module handle DNS resolution for us. We usually need to find our SMTP server when sending email messages. It locates the destination domain’s MX records and connects to the proper server to relay the message. Regardless, DNS is a critical component of networking. So, anytime our software wants to do DNS lookups or reverse lookups, Python makes it straightforward.

pyDNS and dnspython are the two most popular Python DNS modules. We chose the latter for the tiny programming DNS. It is easier to use and appears to be more widely used.

Dnspython gives you access to DNS at both high and low levels. The high-level classes run queries for data of a particular name, type, and class and then return a set of results. DNS zones, messages, names, and records can all be directly manipulated using the low-level classes.

Domain names are created when IP addresses are converted to human-readable forms or words. The dnspython python module manages the translation of domain names to IP addresses. CNAME and MX records can also be found using the methods provided in this module.

Locating Records

The dnspython module’s dns.resolver() function assists in locating various domain name records. The domain name and the record type are the two most crucial parameters for this function. The following are some of the different kinds of records, along with examples:

How to find ‘A’ Record

Using the dns.resolver method, we find the domain’s ip address in the program below. This mapping between IP address and domain name is commonly referred to as an ‘A’ record.

import dns
import dns.resolver

result = dns.resolver.resolve('codeunderscored.com', 'A')

for ipval in result:
  print('IP', ipval.to_text())

We receive the following output when we run the program mentioned above:

How to find 'A' Record
How to find ‘A’ Record

AAAA Record

It is an IP address record used to determine the IP address of the domain’s computer. It’s identical to an A record, except it specifies the server’s IPv6 address rather than its IPv4 address.

# Import libraries
import dns.resolver

# Finding AAAA record
result = dns.resolver.resolve('codeunderscored.com', 'AAAA')

# Printing record
for val in result:
	print('AAAA Record : ', ipval.to_text())

Output:

AAAA Record
AAAA Record

PTR Record

PTR stands for pointer record, which is used to map IP addresses to domain names or hostnames. In addition, it’s used to perform a reverse DNS lookup.

# Import libraries
import dns.resolver

# Finding PTR record
result = dns.resolver.resolve('116.62.218.34.in-addr.arpa', 'PTR')

# Printing record
for val in result:
	print('PTR Record : ', val.to_text())

Output:

PTR Record
PTR Record

NS Record

Nameserver(NS) record is a nameserver(NS) record indicating which server is authoritative for a specific domain, i.e., which server holds the actual DNS records. A domain can have many NS records, including the primary and backup name servers.

# Import libraries
import dns.resolver

# Finding NS record
result = dns.resolver.resolve('codeunderscored.com', 'NS')

# Printing record
for val in result:
	print('The NS Record is : ', val.to_text())

Output:

NS Record
NS Record

Getting the CNAME Value

A CNAME record, also known as a Canonical Name Record, is a type of DNS record used to convert a domain name to an alias for another domain. CNAME records always lead to another domain name, never to an IP address directly. To acquire the CNAME value, we use the CNAME parameter in the query method below.

import dns.resolver
result = dns.resolver.resolve('mail.google.com', 'CNAME')
for cnameval in result:
    print('The CNAME target address is :', cnameval.target)

We receive the following output when we run the program as mentioned earlier:

cname target address: googlemail.l.google.com.

Getting the CNAME Value
Getting the CNAME Value

locating an MX record

An MX record, also known as a mail exchanger record, is a DNS resource record that identifies a mail server that accepts email messages on behalf of a recipient’s domain. If numerous mail servers are available, it also specifies the preference value for prioritizing message delivery. If many mail servers are present for load balancing and redundancy, it has preference values based on prioritizing mail. Using the ‘MX’ parameter in the query method, we can find the value for the MX record in the same way as the previous programs.

import dns.resolver
host_domain = 'hotmail.com'
results =dns.resolver.resolve(host_domain, 'MX')
for exdata in results:
    print(' MX Record:',exdata.to_text())
   

We receive the following output when we run the program above:

locating an MX record
locating an MX record

SOA Records

Start of Authority records, or SOA records, is a type of resource record that contains information on the zone’s administration, particularly zone transfers defined by the zone administrator.

# Import libraries
import dns.resolver

# Finding SOA record
result = dns.resolver.resolve('codeunderscored.com', 'SOA')

# Printing record
for val in result:
	print('The SOA Record is : ', val.to_text())

Output:

SOA Records
SOA Records

TXT Record

These records hold text information from outside the domain sources. TXT records can be used for various purposes, such as verifying domain ownership and ensuring email security.

# Import libraries
import dns.resolver

# Finding TXT record
result = dns.resolver.resolve('hotmail.com', 'TXT')

# Printing record
for val in result:
	print('The TXT Record is :', val.to_text())
TXT Record
TXT Record

The primary purpose of nslookup is to diagnose DNS issues. In addition, nslookup has two modes of operation: interactive and non-interactive.

In interactive mode, type nslookup and hit return on the command line.

A nslookup command prompt should appear as shown below.

nslookup command prompt
nslookup command prompt

Type nslookup options at the command prompt to use in non-interactive mode.

Nslookup is a tool that allows you to look up information on the internet. To demonstrate how to utilize nslookup, we’ll do the following:

  • Determine a host’s IP address.
  • Find the IP address’s domain name.
  • Locate a domain’s mail servers.
  • These are most likely the most popular use cases.

Obtaining an IP Address for a Host

Type: to find a host’s IP address, such as www.codeunderscored.com.

nslookup www.codeunderscored.com

at the command line

noninteractive nslookup
noninteractive nslookup

For an interactive nslookup, type the following on the command prompt and enter the given domain below.

nslookup

www.codeunderscored.com
 interactive nslookup
interactive nslookup

To reverse lookup IP address to the domain name, type nslookup IP address

nslookup 143.110.152.151
nslookup IP address

Find a Domain’s Mail Servers

Type nslookup -querytype=mx domain name for instance,

nslookup -querytype=mx hotmail.com
Find a Domain's Mail Servers
Find a Domain’s Mail Servers

Notes on General Usage:

nslookup uses the domain server that is presently configured for your system by default. In addition, you can change DNS servers by specifying a server name or an IP address.

Go to an interactive prompt and type: 208.67.222.222 to switch to the open DNS server address.

nslookup

208.67.222.222
open dns server address
open DNS server address

You may discover that you get non-authoritative replies. The latter is nothing to worry about, as all it implies is that the DNS server has already recently resolved this query.

It can retrieve the results from the cache and doesn’t need to call the authoritative name server. Subsequently, you may determine which name servers are responsible (authoritative) for a domain by setting the query type to NS and inputting the domain name.

Python’s DNS Lookup

The sockets module makes it simple to look up the IP address of a hostname.

The sockets module provides an easy way to look up a host name’s IP address.

import socket

addr1 = socket.gethostbyname('google.com')
addr2 = socket.gethostbyname('yahoo.com')
print(addr1, addr2)

Running the latter code will output the following results.

Python's DNS Lookup
Python’s DNS Lookup

Using the DNSpython resolver, you can do sensible high-level DNS lookups in Python. In case you do not already have nslookup installed, run the following command.

pip install nslookup

XN-Twist code for sensible high-level DNS lookups in Python, using dnspython dns.resolver.

The library’s central purpose and applications are as follows:

  • Lookups for records (typical DNS queries)
  • Lookups in SOA
  • Returns an object with two arrays in it:
  • full DNS response string: the entire DNS response string (s)
  • answer: the DNS response that has been parsed (list of IPs or SOA string)

For example:

from nslookup import Nslookup

domain = "codeunderscored.com"

# set optional Cloudflare public DNS server
dns_query = Nslookup(dns_servers=["1.1.1.1"])

ips_record = dns_query.dns_lookup(domain)
print(ips_record.response_full, ips_record.answer)

soa_record = dns_query.soa_lookup(domain)
print(soa_record.response_full, soa_record.answer)
nslookup
nslookup

Summary

The article has comprehensively explored the Domain Name System as an internet phonebook with information on domain names. Further, the DNS transforms domain names into IP addresses, and by so doing, allows browsers to access the resources.

We have also shown examples of various kinds of records, including A records, AAAA records, PTR records, NS records.
Getting the CNAME Value, locating an MX record, SOA Records, and TXT Record with a view of helping you easily comprehend and put this skill into use.

In addition, we looked at DNS as a hierarchical, distributed, cached database system. The latter finds a lot of use with the TCP/IP Internet to determine an IP address from a hostname. It also aids in performing reverse lookups. Further, authoritative servers provide this information for each domain and subdomain.

Finally, Nslookup is a valuable tool for diagnosing DNS-related network issues. On the flip side, it runs on all major operating systems and can be used interactively or via the command line.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *