Lesson 4 Basic nslookup operation
Objective Explain the Basic Use of the nslookup Program.

Explain the Basic Use of the nslookup Program

The nslookup program is a standard command-line tool available in UNIX-based systems like Linux, BSD, or macOS, that is primarily used for querying the Domain Name System (DNS). It translates domain names into IP addresses and vice versa, which is essential for networking tasks and DNS troubleshooting. Here is the basic use of the nslookup program on a UNIX machine:
  1. Opening the Terminal: nslookup operates from the command line, so the first step is to open your terminal application.
  2. Basic Usage: The simplest form of an nslookup command involves typing nslookup, followed by the domain name or IP address you want to look up.
    For instance, to find the IP address associated with a domain name:
    ```bash
    nslookup www.example.com
    ```
    

    If you want to find the domain name associated with a specific IP address:

    ```bash
    nslookup 192.0.2.1
    ```
    
  3. Specifying a DNS Server: By default, nslookup uses the DNS server that your system is configured to use. However, you can specify a different DNS server by adding it to the end of your command. For example:
    ```bash
    nslookup www.example.com 8.8.8.8
    ```
    

    Here, 8.8.8.8 is the IP address of Google’s public DNS server.
  4. Querying Specific DNS Records: nslookup can also be used to query specific types of DNS records. For instance, to find the mail servers (MX records) for a domain:
    ```bash
    nslookup -query=mx example.com
    ```

  5. Interactive Mode: If you need to perform multiple related queries, you can use nslookup in interactive mode. Simply type nslookup and hit Enter:
    ```bash
    nslookup
    ```

    Now you can input multiple commands. For instance, to set the query type to MX records:

    ```bash
    > set query=mx
    ```

    And then to perform a query:

    ```bash
    > example.com
    ```

    To exit interactive mode, simply type exit and hit Enter.

It is important to remember that nslookup is a powerful tool and the above commands are only a fraction of its capabilities. For a full list of options and more advanced features, you can refer to the nslookup man page by typing man nslookup in the terminal.
When you start nslookup from the UNIX command line without arguments, it operates interactively: it uses the /etc/resolv.conf file to locate a name server, and initially directs its queries at that server.

```
$ nslookup
Default Server: dns.class.com
Address: 196.241.12.122
>
```

To look up the IP address of a host name, or the host name for an IP address, simply type the name or address at the prompt:

```
$ nslookup
Default Server: dns.class.com
Address: 196.241.12.122
> www.microsoft.com
Server: dns.class.com
Address: 196.241.12.122
Name: www.microsoft.com
Addresses: 207.68.156.58, 207.68.156.61,
207.46.130.14, 207.46.130.15,207.46.130.16,
207.46.130.17, 207.46.130.138, 207.46.130.139,
207.46.130.149,207.46.130.150, 207.46.130.151,
207.46.130.164, 207.46.130.165, 207.46.131.13,
207.46.131.15, 207.46.131.16, 207.46.131.141,
207.68.137.53, 207.68.137.56, 207.68.137.59,
207.68.156.16, 207.68.156.49, 207.68.156.52
> 207.68.156.52
Server: dns.class.com
Address: 196.241.12.122
Name:  www.microsoft.com
Address: 207.68.156.52
```

Evidently, Microsoft operates quite a few machines under the name www.microsoft.com.
You may see the phrase "non-authoritative answer" in the output from nslookup. This phrase means that nslookup obtained the information from a server cache, rather than by consulting an authoritative source, that is, a primary or secondary server for the zone.
  1. authoritative server: A primary or secondary server for a zone is called an authoritative server when it obtains its information directly from data files describing the zone.
  2. secondary server: In addition to its primary server, a zone may have one or more secondary servers. A secondary server provides an alternative source for information on the zone.
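
The following is an added example, not part of the original lesson. It parses captured nslookup output to report whether an answer was marked non-authoritative and to compare the address sets returned by two servers, as when you repeat a query against a second DNS server. The function names are hypothetical and both sample responses are constructed.

```bash
# Added example: parse captured nslookup output instead of reading it by eye.

# answer_source: reads one response on stdin; prints "non-authoritative" when
# the reply carries that marker (served from a cache), else "authoritative".
answer_source() {
  grep -qi '^non-authoritative answer' && echo non-authoritative || echo authoritative
}

# answer_addresses: prints the answer's IP addresses, one per line, sorted.
# Lines before the first "Name:" describe the resolver itself and are skipped.
answer_addresses() {
  awk '
    /^Name:/   { in_answer = 1; next }
    !in_answer { next }
    {
      sub(/^Address(es)?:/, "")
      n = split($0, tok, /[ \t,]+/)
      for (i = 1; i <= n; i++)
        if (tok[i] ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ ||
            tok[i] ~ /^[0-9A-Fa-f]*:[0-9A-Fa-f:]*:[0-9A-Fa-f]*$/)
          print tok[i]
    }' | sort -u
}

# same_answer A B: succeeds when two captured responses hold the same addresses.
same_answer() {
  [ "$(printf '%s\n' "$1" | answer_addresses)" = \
    "$(printf '%s\n' "$2" | answer_addresses)" ]
}

# Constructed samples (documentation addresses, not real lookups).
SAMPLE_CACHED='Server:  192.0.2.53
Address: 192.0.2.53#53

Non-authoritative answer:
Name: www.example.com
Address: 192.0.2.10
Name: www.example.com
Address: 2001:db8::10'

# Constructed sample in the older multi-address layout shown in this lesson.
SAMPLE_MULTI='Server: dns.class.com
Address: 196.241.12.122
Name: www.example.com
Addresses: 192.0.2.10, 192.0.2.11,
192.0.2.12'

printf '%s\n' "$SAMPLE_CACHED" | answer_source
printf '%s\n' "$SAMPLE_MULTI" | answer_addresses
```

On a live system the functions read real output, for example by piping `nslookup www.example.com` into `answer_source`. Two servers returning different address sets is a reason to look closer rather than proof of a problem, since large sites legitimately hand out different addresses.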