لطفا منتظر باشید ...
12.1 Is nslookup a Good Tool?
Much of the time you'll use
nslookup to make queries in the same way the
resolver makes them. Sometimes, though, you'll use
nslookup to query other name servers as a name
server would. Which one you emulate will depend on the problem
you're trying to debug. You might wonder,
"How accurately does nslookup
emulate a resolver or a name server? Does
nslookup actually use the Windows resolver
library routines?" No, nslookup
uses its own routines for querying name servers, but those routines
are based on the resolver routines. Consequently,
nslookup's behavior is very
similar to the resolver's behavior, but it does
differ slightly. We'll point out some of those
differences. As for emulating name server behavior,
nslookup allows you to query another server with
the same query message that a name server would use, but the
retransmission scheme is quite different. Like a name server, though,
nslookup can perform a zone transfer to pull a
copy of a zone's data. So
nslookup does not exactly emulate either the
resolver or the name server, but it does emulate them well enough to
make a good troubleshooting tool. Let's delve into
those differences we've alluded to.
12.1.1 Multiple Servers
nslookup
talks to only one name server at a
time. This is the major difference between
nslookup's behavior and the
resolver's behavior. The resolver makes use of all
the name servers listed in the Windows resolver configuration window.
If two name servers are listed, the resolver tries the first name
server, then the second, then the first, then the second, until it
receives a response or gives up. The resolver does this for every
query. On the other hand, nslookup tries only
the first name server listed. But you want your
troubleshooting tool to talk with only one name server so you can
reduce the number of variables when analyzing a problem. If
nslookup used more than one name server, you
wouldn't have as much control over your
troubleshooting session.
12.1.2 Timeouts
The
nslookup timeouts are similar to the resolver
timeouts when the resolver is querying only one name server. A name
server's timeouts, however, are based on how quickly
the remote server answered the last query, a dynamic measure.
nslookup will never match name server timeouts,
but that's not a problem either. When
you're querying remote name servers with
nslookup, you probably care only what the
response was, not how long it took.
12.1.3 The Search List
nslookup implements
the search list just as the resolver code does. Name servers
don't implement search lists, so, to act like a name
server, the nslookup search function must be
turned offmore on that later.
12.1.4 Zone Transfers
nslookup will do zone
transfers just like a name server. Unlike the name server, though,
nslookup does not check SOA serial numbers
before pulling the zone data; you'll have to do that
manually, if you want to.
12.1.5 Using NetBIOS Names
This
last point doesn't compare
nslookup to the resolver or name server but
rather to ways of looking up names in general.
nslookup, as distributed by Microsoft, uses only
DNS; you can't use it to look up NetBIOS names via
broadcast, LMHOSTS, or WINS. Before using
nslookup to diagnose your problem, you need to
determine if your problem is really with DNS. For example, if an
application is using a different IP address than you expect, perhaps
it's treating a value as a NetBIOS name and not a
DNS name. To diagnose this kind of problem, you need to understand
how the Windows resolver, which we discussedChapter 6, works. Just remember that
nslookup talks only to name servers.
