Name Resolution Tools and Utilities

A number of hostname resolution utilities and facilities exist that you should be aware of in Windows 2000. These include nslookup, the monitoring tab of the DNS server properties, ipconfig switches, and netdiag.

Nslookup is the most common DNS hostname resolution troubleshooting utility. In effect, this tool is used as a command-line resolver, a DNS client that sends queries of different types to a DNS server and returns a response. This tool provides a quick and easy way of testing whether or not host name queries are capable of being properly resolved via DNS. For example, to test resolution of the server at, you could issue the command nslookup, and be returned the hostname associated with the IP address if DNS is correctly configured.

The Monitoring tab found in the properties of a DNS server also provides a quick way to assess DNS resolution (although I would argue that it can be less reliable at times based on experience), via a simple or recursive query test.

A simple query sends a query from the local resolver (client) to the locally configured DNS server. The recursive query goes a step farther, with the client asking the server to use recursion to find a name server for the root (“.”) domain. This provides a method to ensure that root hints (the list of root servers) and / or forwarding are configured correctly.

Netdiag – although this tool can be used to test many network connectivity and associated issues, it can also be used specifically to troubleshoot DNS-related issues. When issued using the Netdiag /test:DNS command, Netdiag will check to see whether the computer is correctly registered in the listed DNS servers, while also verifying that the DNS cache service is running. When used with the /fix option, Netdiag will attempt to re-register the host in DNS if the entries found are not consistent.

Ipconfig – although most commonly used to view IP address configuration information, the ipconfig command has 3 switches directly related to DNS. The /displaydns switch, allows you to view the DNS entries recently resolved and cached on the client. The /flushdns switch clears the client DNS cache. Finally the /registerdns switch forces the client to attempt name and address registration with the configured DNS server(s).

Event Viewer DNS Server Log file – found on Windows 2000 DNS servers, this Event Viewer log file will provide information on errors and other important information relating to the DNS service. This should be used as a first point of contact when troubleshooting DNS-related issues. The System log should also be consulted for issues relating to client-side resolution problems.

DNS Logging – Another option for monitoring your DNS servers is to configure them to use DNS logging, which logs selected DNS event information (as shown below) to a dns.log file in the %systemroot%\system32\dns folder on the server. This may cause performance degradation on the server. It should be used only for troubleshooting purposes.

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.