For about as long as I can remember, every serious DNS administrator has always advocated the use of dig (Domain Information Groper) over nslookup. There’s no need for me to rehash all of the arguments — I’ll just say that dig returns information in a manner consistent with what a protocol analyzer might provide. That’s great, but isn’t it only for Un*x systems? I need to be able to debug from a Windows system.
The Internet Software Consortium (ISC) produces BIND. It also provides a compiled version for Windows. To use dig on a Windows system, do the following (assumes BIND version 9.x):
- Download the ZIP archive of BIND for Windows
- Move the following components into C:\Windows\System32\dns\bin
- Modify your path and add C:\Windows\System32\dns\bin (System Properties… Advanced Settings… Environment Variables)
- Test from the command line… if you missed a library, you will receive a warning.
- Optional: create a resolv.conf file
From the README1st.txt file in the distribution:
IMPORTANT NOTE ON USING THE TOOLS:
It is no longer necessary to create a resolv.conf file on Windows as
the tools will look in the registry for the required nameserver
information. However if you wish to create a resolv.conf file as
follows it will use it in preference to the registry nameserver
To create a resolv.conf you need to place it in the System32\Drivers\etc
directory and it needs to contain a list of nameserver addresses to
use to find the nameserver authoritative for the zone. The format of
this file is:
Replace the IP addresses with your real addresses. 127.0.0.1 is a valid
address if you are running a nameserver on the localhost.
You can add other tools, such as host, if you like. Enjoy!