How does "nslookup -ls" work?

domain-name-system nslookup history
6,293

I can confirm that nslookup ls in Windows will issue an AXFR query.

The image below shows the query response from my home DNS server to an nslookup ls query from my Windows 10 client.

enter image description here

Servers are neither dumb nor smart. The people who install, configure and manage servers are responsible for the "dumbness" or smartness" of the OS, applications, services, etc. running on those servers. I temporarily allowed zone transfers to any server in order to capture the DNS traffic from my DNS server to my client machine in order to provide the image in my answer. Is the server "dumb" for allowing the transfer? No, but it might be considered "dumb" for me to keep my server configured in this manner.

Share:
6,293
Quuxplusone
Author by

Quuxplusone

Updated on September 18, 2022

Comments

  • Quuxplusone
    Quuxplusone almost 2 years

    I've been going through the 4th Edition (2001, yes, very old) of the O'Reilly "DNS and Bind" book, and it keeps talking about nslookup, which seems to be relatively hard to get one's hands on in this decade.

    In particular, they keep mentioning nslookup -ls as a way to "pull a copy of a zone." Microsoft's docs also say:

    Lists information for a Domain Name System (DNS) domain.

    All of my references ("DNS and Bind", Microsoft, random web pages) seem to be very coy about how nslookup -ls actually works. (And it's not implemented in the version of nslookup on my MacBook.) They also don't say anything suggestive about troubleshooting, like, "If nslookup -ls is showing no results, check to make sure your name server is configured to respond to unauthorized AXFR messages."

    Still, my educated guess is that nslookup -ls just sends a raw AXFR query to the remote nameserver, which will initiate a zone transfer if and only if the remote nameserver is dumb enough to respond to unsolicited, unauthorized AXFRs originating from random machines on the Internet. And then as servers started getting wiser, nslookup -ls stopped working, and then eventually that useless code got ripped out of distributions. This hypothesis seems to match up with the evidence pretty well.

    But I'd really like to get an authoritative answer on the subject. Does nslookup -ls actually use AXFR?

    • Patrick Mevzek
      Patrick Mevzek over 6 years
      You will need to find the appropriate source code from a decode ago :-) current nslookup says in man that ls is not implemented and if you look at the source code you will not find any trace of ls switch. So it may have existed in the past, but this is long gone, as you should nowadays use dig anyway (to do AXFR or any other DNS query)
    • Molomby
      Molomby about 6 years
      The O'Reilly "TCP/IP Network Administration" 3rd edition (2002) also covers the alleged ls functionality of nslookup. I was disappointed to see it's been removed. Apparently you can still perform AXFR requests with dig example.com -t AXFR but servers almost never respond -- the functionality is too easily abused.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How does netstat get a hostname from IP while nslookup & nblookup fail every time?
How do you run an nslookup on an iPhone?
Intermittent DNS failure
BIND DNS nslookup NXDOMAIN
DIG connection times out DNS
nslookup requests time out regardless of server - ping is fine
nslookup fails but ping succeeds for nonexistent domains
dig succeeds, nslookup fails (with dnsmasq as the server)
DNS lookups with/without recursion in NSLOOKUP
nslookup not resolving hostname