Reference Manual

NAME

ns - query the configured Domain Name Server, printing all returned Resource Records
SYNOPSIS
ns  | nss  | nsx  [option] IPaddr | name | domain [ifn.gwn | server]
wns | wnss | wnsx [name | address]+

    Use setns to set a DNS Server Address.

...

DESCRIPTION
Command ns queries the current Domain Name Server or the specified server for details of the specified IP address, fully-qualified Name or Domain Name. If argument ifn.gwn is specified, the Name server for the specified interface and gateway is queried. All returned Resource Records are printed in the following format:
name: type value\n

The following options are supported:

-h queries the DNS server for Host Info about a specified host.

-m queries the DNS server for Mail Exchange information for the specified domain.

-n queries the DNS server for Name Server information for the specified domain.

-s queries the DNS server for Service Location information for the specified domain.

-a queries the DNS server for the name of the specified IP.

Command nss reduces verbosity, while command nsx increases verbosity to include the elapsed time in microsecond resolution.

The wns command resolves the specified names or address via the DNS Server addresses configured under Windows. No further details or options are available. The Windows nslookup command can be used for detailed DNS analysis.

Command wnss reduces verbosity, while command wnsx increases it.

NOTES

The following notes apply only to the ns command and its variants.

If an IP address was specified, the query is converted to a Pointer Query (irrespective of the chosen option).

If name is an alias, the canonical name is returned and the output should be analysed for an appropriate IP address.

It is quite likely that a host has more than one IP address, in which case the output should be analysed for an appropriate IP address.

Example:

% ns microsoft.com
microsoft.com:A 134.170.185.46
microsoft.com:A 134.170.188.221
microsoft.com:NS ns3.msft.net
microsoft.com:NS ns4.msft.net
microsoft.com:NS ns2.msft.net
microsoft.com:NS ns1.msft.net
ns1.msft.net:A 208.84.0.53
ns1.msft.net:AAAA 2620:0000:0030:0000:0000:0000:0000:0053
ns2.msft.net:A 208.84.2.53
ns2.msft.net:AAAA 2620:0000:0032:0000:0000:0000:0000:0053
ns3.msft.net:A 193.221.113.53
ns3.msft.net:AAAA 2620:0000:0034:0000:0000:0000:0000:0053
ns4.msft.net:A 208.76.45.53
ns4.msft.net:AAAA 2620:0000:0037:0000:0000:0000:0000:0053

If a query fails, an error message is printed. In the following example, the specified domain nat33.com does not exist, because the response from the DNS Server had the authoritative bit set.

Example:

% ns nat33.com
ERROR: Name Error [Authoritative]
%

Domain names often appear to belong to a trusted organisation, but closer examination reveals that they are hosted on servers of untrusted organisations.

Example:

% ns discovery.meethue.com # A Philips HUE website
discovery.meethue.com:CNAME cluster-web.meethue.com
cluster-web.meethue.com:A 34.117.13.189
%

% ns 34.117.13.189
189.13.117.34.in-addr.arpa:PTR 189.13.117.34.bc.googleusercontent.com
%

The above example clearly shows that the website is actually hosted in the untrusted Google Cloud.

If a DNS server is not configured, a Root Server will be contacted and all returned Resource Records for a specified domain will be printed. The user should then use the setns command to set the NAT32 DNS address to an IP address in one of the returned A records and then issue an ns -n domain command to find the IP address of an authoritative Name Server for the specified domain. The setns command should then again be used to set the NAT32 DNS server to that address.

Full details of the Domain Name Service can be found in RFC 1034 and 1035.

SEE ALSO
conf, icmap, netcfg, ping, setd, setns