Check the Status of DNS Changes with nslookup

Like a watched pot never boils, sometimes DNS changes seem to take forever to propagate. nslookup is a quick and easy way to check on the proverbial pot once you've made changes.

I recently needed to make some DNS changes on domains I manage. As is always the case, I made my changes, set the TTL as low as I could get away with, and then readied myself for what always seems like an unbearably long wait. The time it takes for changes to propagate (for DNS servers to clear out previously cached entries for your domains) is probably one of the most painful elements in DevOps. It's like watching a pot boil--except there's no pot, and all you can do is hit reload on your website every 5 minutes. Did the changes work? Did everything go the way it's supposed to? Rather than wait for your site to give you an indication of how everything went, what if there were a way to actually verify with the Domain Name Servers?

This is where nslookup comes in handy.

NSWhat?

nslookup is a simple command-line application that can be run on both unix-y (Linux/OSX) and non-unix-y (Windoze) systems. There are plenty of resources out there documenting its use, namely the manpage. If you're like me, though, the manpages for command-line applications are almost never a good place to start (despite the fact that they're the go-to source for any proper follow-up on a Stack Overflow question); manpages often seem like they were written in ways only the original application developer could understand. You can probably find plenty on Stack Overflow as well, but you're likely to find the various pieces you need fragmented across several posts. So here it is in a single spot: how to check whether your DNS changes have actually taken (for non-DevOps types)...

The first thing you'll want to do is check whether you have nslookup installed. On Linux, open your terminal and type:

$ nslookup mydomain.com

Use whatever domain you want to look at; if you don't get anything, go ahead and install nslookup (Debian/Ubuntu):

$ sudo apt-get install dnsutils

Note: if you're using OSX it looks like nslookup is built into the Network Utility (hopefully that's still around); if you're on Windoze, good luck (that's the way I roll--sorry).

After install, verify everything is cool by running that nslookup command from above. It should look something like this:

[Screenshot: nslookup from the command line]
Yes--I own a thinkpad! And, I'm damned proud of it!

The first thing you'll want to note here is that nslookup has looked up DNS info on my domain from the default DNS servers configured on my computer. Your computer may be using whatever is the default at your ISP; I specifically configured my network connection to use Google's Public DNS (8.8.8.8, also available at 8.8.4.4). What this means is that, by default, nslookup will look for DNS changes on whatever DNS server your network settings default to.

That's great, in my case, if I want to know when DNS changes propagate to Google's Public DNS server. Let's say, then, that I've made a change to the TXT entry on my domain. If I want to see if it's propagated to Google's Public DNS, I can run the following:

$ nslookup -type=txt terracoders.com 

That gives you an output more or less like this:

[Screenshot: output of nslookup -type=txt terracoders.com]
NOTE: you don't need to include the 8.8.4.4 address for Google's Public DNS if your computer is already configured to use it; if your network connection is configured to use something else, include it to look specifically at what Google has stored as your TXT entry.

Cool! We can see that a TXT entry is there! In this case, it's an old one; if I had just added it, though, this would confirm that it had propagated to Google's Public DNS.

Well, what about the Name Server closest to the domain--the Primary DNS? It's cool to know whether the change has propagated to Google, but what about the Primary? If it's gonna change, that's probably the first place it will register.

Wait!--what's the Primary DNS for my domain? Don't know?--Let's use nslookup to figure it out. Instead of using -type=txt we'll use -type=soa (Start of Authority):

$ nslookup -type=soa terracoders.com 

This should give us the following:

[Screenshot: output of nslookup -type=soa terracoders.com]
Yeah... I host my website with JustHost. I'm a happy customer; check 'em out if you get a chance.

The "origin" listed here is the Primary DNS. Let's do a quick check to see if my hypothetical TXT changes have propagated there as well:

$ nslookup -type=txt terracoders.com ns1.justhost.com

...

[Screenshot: output of nslookup -type=txt terracoders.com ns1.justhost.com]
I honestly don't know what that TXT entry is for... I think JustHost added it on my behalf.

And, there it is!--the same entry.
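
The three lookups above rolled into one script, as an added example that is not part of the original post: it pulls the primary name server out of the SOA "origin" line, then compares the TXT answer from a caching resolver with the primary's. It assumes the output format of the Linux (dnsutils) nslookup; the function names and the sample record values are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes the output format of the
# nslookup shipped in dnsutils; all sample record values below are constructed.

# Print the primary name server from `nslookup -type=soa` output on stdin.
soa_origin() {
    sed -n -e 's/\.$//' -e 's/^[[:space:]]*origin = //p' | head -n 1
}

# Print every TXT value from `nslookup -type=txt` output on stdin, sorted so
# that record order does not affect the comparison.
txt_values() {
    sed -n 's/^.*[[:space:]]text = //p' | sort
}

# propagated CACHED_OUTPUT PRIMARY_OUTPUT
# Succeeds only when the primary has TXT data and the resolver returns the same set.
propagated() {
    cached=$(printf '%s\n' "$1" | txt_values)
    primary=$(printf '%s\n' "$2" | txt_values)
    [ -n "$primary" ] && [ "$cached" = "$primary" ]
}

# Live check: check_domain DOMAIN [RESOLVER]   (needs network access)
check_domain() {
    domain=$1
    resolver=${2:-8.8.8.8}
    ns=$(nslookup -type=soa "$domain" "$resolver" | soa_origin)
    [ -n "$ns" ] || { echo "no SOA origin found for $domain" >&2; return 2; }
    if propagated "$(nslookup -type=txt "$domain" "$resolver")" \
                  "$(nslookup -type=txt "$domain" "$ns")"; then
        echo "TXT on $resolver matches primary $ns"
    else
        echo "TXT on $resolver differs from primary $ns (still cached?)"
        return 1
    fi
}

# Constructed sample output, so the parsing can be tried without a network.
SAMPLE_SOA='Non-authoritative answer:
terracoders.com
    origin = ns1.justhost.com
    serial = 2024010101'
SAMPLE_CACHED='Non-authoritative answer:
terracoders.com  text = "v=spf1 -all"'
SAMPLE_PRIMARY='terracoders.com  text = "v=spf1 include:_spf.example.invalid -all"'
```

After sourcing the file, `check_domain terracoders.com 8.8.4.4` runs the comparison live against Google's Public DNS and the primary.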

Cool way to check for DNS changes. Of course, you're not limited to TXT and SOA lookups. You can use A, CNAME, MX, and any number of other record types to check for their relevant changes. If waiting for DNS changes to propagate is like waiting for water to boil, nslookup basically gives you a pot to watch. It can help remove a little of the guesswork involved with making DNS changes. The next time you find yourself wondering if your changes are actually taking, give nslookup a try!

Lastly, there are several online interfaces allowing you to use nslookup. If the command-line really isn't your thing, a quick query on DuckDuckGo should turn up several options.