Because it’s always DNS, and because you want to query DNS on non-Windows systems, too, using PowerShell… You can use the DnsClient-PS module. In this brief blog post, I will demonstrate how it works.
What is DNS?
It’s the thing that always breaks and which you can always blame for everything 😉 No, in short:
“The Domain Name System (DNS) is a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names (identification strings) assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985.”
Source: https://en.wikipedia.org/wiki/Domain_Name_System
What does DnsClient-PS do?
“A cross-platform DNS client for PowerShell utilizing the DnsClient.NET library.
DNS query options in PowerShell and the native .NET class library have always been disappointing. Resolve-DnsName is a decent addition, but it’s only available on Windows and doesn’t seem to be headed cross-platform anytime soon. The System.Net.Dns namespace is also extremely limited in its capabilities.
DnsClient.NET is a simple yet very powerful and high performant open source library for the .NET Framework to do DNS lookups. This module attempts to expose its power in a PowerShell native manner in order to automate DNS tasks without needing to parse the output of utilities like nslookup and dig. However, it is not intended to be a general replacement for those utilities.
- Optional response cache for performance sensitive tasks
- Fully supported cross platform
- Low level access to request/response protocol details
- Optional dig’like human readable output
Source: https://github.com/rmbolger/DnsClient-PS?tab=readme-ov-file#dnsclient-ps
Why not use the DnsClient module?
Today, I was reviewing my scripts, and most of them are working just fine on Windows. However, I also want to run them on Linux or macOS, if needed. The DnsClient PowerShell module, which is shipped by default in Windows, only works on… Windows 🙂
I was looking for a solution that could resolve DNS names and IP addresses, as well as make queries for MX and TXT records, all while being cross-platform. I came across the Module, which has already garnered 1100992 downloads, by Ryan Bolger.
How does the module work?
Installation
You can install it from PowerShell 5.1 and up by running:
Install-Module -Name DnsClient-PS -Scope CurrentUser
Cmdlets
After installation, the following Cmdlets are available:
Get-DnsClientSetting
This enables you to check the current DNS settings of your system, for example:
Resolve-DNS
The most important feature of the module 🙂 These Cmdlets allow you to query DNS records with additional Parameters:
-Query <String[]>
One or more query strings such as 'www.example.com', '192.168.0.1', or '1.0.168.192.in-addr.arpa'.
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue)
Aliases
Accept wildcard characters? false
-QueryType
A query type such as A, AAAA, MX, TXT, SOA, or NS.
Required? false
Position? 2
Default value A
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-QueryClass
A query class such as IN.
Required? false
Position? named
Default value IN
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-Question <DnsQuestion[]>
A DnsQuestion object that represents a query, type, and class.
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue, ByPropertyName)
Aliases
Accept wildcard characters? false
-NameServer <String[]>
One or more DNS server hostnames or IP addresses. The port is assumed to be 53 unless the server is followed by ":<port>" where <port> is an alternative listening port.
Required? false
Position? named
Default value
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-UseCache [<SwitchParameter>]
If specified, response caching is enabled. The cache duration is calculated by the resource record of the response. Usually, the lowest TTL is used.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-Recursion [<SwitchParameter>]
If specified, DNS queries should instruct the DNS server to do recursive lookups.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-Timeout <TimeSpan>
[TimeSpan] used for limiting the connection and request time for one operation. Timeout must be greater than zero and less than [TimeSpan]::MaxValue. If [Threading.Timeout]::InfiniteTimeSpan is used, no timeout will be applied. Default is 5 seconds.
Required? false
Position? named
Default value
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-Retries <Int32>
The number of tries to get a response from one name server before trying the next one. Only transient errors, like network or connection errors will be retried. Default is 2 which will be three tries total.
Required? false
Position? named
Default value 0
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-ThrowDnsErrors [<SwitchParameter>]
If specified, the resolver should throw a DnsResponseException in case the query result has a DnsResponseCode other than NoError. Default is False.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-UseRandomNameServer [<SwitchParameter>]
If specified, the resolver will cycle through all configured NameServers on each consecutive request, basically using a random server. Default is True. If only one NameServer is configured, this setting is not used.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-ContinueOnDnsError [<SwitchParameter>]
If specified, the resolver will query the next configured NameServer if the last query returned a DnsResponseCode other than NoError. Default is True.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-ContinueOnEmptyResponse [<SwitchParameter>]
If specified, the resolver will query the next configured NameServer if the response does not have an error DnsResponseCode but the query was not answered by the response. Default is True.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-UseTcpFallback [<SwitchParameter>]
If specified, the resolver will retry using TCP when a UDP response is truncated. Default is True.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-UseTcpOnly [<SwitchParameter>]
If specified, the resolver will never use UDP. Default is False. Enable this only if UDP cannot be used because of your firewall rules for example. Also, zone transfers must use TCP only.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-ExtendedDnsBufferSize <Int32>
The maximum buffer used for UDP requests. Defaults to 4096. If this value is less or equal to 512 bytes, EDNS might be disabled.
Required? false
Position? named
Default value 0
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-EnableAuditTrail [<SwitchParameter>]
If specified, DNS responses will contain an AuditTrail property which contains a human readable version of the response similar to dig output. Default is False.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-RequestDnsSecRecords [<SwitchParameter>]
If specified, EDNS should be enabled and the DO flag should be set. Defaults to False.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
Set-DnsClientSetting
This Cmdlet allows you to set specific values while querying DNS. Parameters are:
-NameServer <String[]>
One or more DNS server hostnames or IP addresses. The port is assumed to be 53 unless the server is followed by ":<port>" where <port> is an alternative listening port.
Required? false
Position? 1
Default value
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-UseCache [<SwitchParameter>]
If specified, response caching is enabled. The cache duration is calculated by the resource record of the response. Usually, the lowest TTL is used.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-Recursion [<SwitchParameter>]
If specified, DNS queries should instruct the DNS server to do recursive lookups.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-Timeout <TimeSpan>
[TimeSpan] used for limiting the connection and request time for one operation. Timeout must be greater than zero and less than [TimeSpan]::MaxValue. If [Threading.Timeout]::InfiniteTimeSpan is used, no timeout will be applied. Default is 5 seconds.
Required? false
Position? 2
Default value
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-Retries <Int32>
The number of tries to get a response from one name server before trying the next one. Only transient errors, like network or connection errors will be retried. Default is 2 which will be three tries total.
Required? false
Position? 3
Default value 0
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-ThrowDnsErrors [<SwitchParameter>]
If specified, the resolver should throw a DnsResponseException in case the query result has a DnsResponseCode other than NoError. Default is False.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-UseRandomNameServer [<SwitchParameter>]
If specified, the resolver will cycle through all configured NameServers on each consecutive request, basically using a random server. Default is True. If only one NameServer is configured, this setting is not used.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-ContinueOnDnsError [<SwitchParameter>]
If specified, the resolver will query the next configured NameServer if the last query returned a DnsResponseCode other than NoError. Default is True.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-ContinueOnEmptyResponse [<SwitchParameter>]
If specified, the resolver will query the next configured NameServer if the response does not have an error DnsResponseCode but the query was not answered by the response. Default is True.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-UseTcpFallback [<SwitchParameter>]
If specified, the resolver will retry using TCP when a UDP response is truncated. Default is True.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-UseTcpOnly [<SwitchParameter>]
If specified, the resolver will never use UDP. Default is False. Enable this only if UDP cannot be used because of your firewall rules for example. Also, zone transfers must use TCP only.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-ExtendedDnsBufferSize <Int32>
The maximum buffer used for UDP requests. Defaults to 4096. If this value is less or equal to 512 bytes, EDNS might be disabled.
Required? false
Position? 4
Default value 0
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-EnableAuditTrail [<SwitchParameter>]
If specified, DNS responses will contain an AuditTrail property which contains a human readable version of the response similar to dig output. Default is False.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-MinimumCacheTimeout <TimeSpan>
[TimeSpan] which can override the TTL of a resource record in case the TTL of the record is lower than this minimum value. Default is Null. This is useful in case the server retruns records with zero TTL.
Required? false
Position? 5
Default value
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-MaximumCacheTimeout <TimeSpan>
[TimeSpan] which can override the TTL of a resource record in case the TTL of the record is higher than this maximum value. Default is Null.
Required? false
Position? 6
Default value
Accept pipeline input? false
Aliases
Accept wildcard characters? false
-RequestDnsSecRecords [<SwitchParameter>]
If specified, EDNS should be enabled and the DO flag should be set. Defaults to False.
Required? false
Position? named
Default value False
Accept pipeline input? false
Aliases
Accept wildcard characters? false
Examples
Querying a single A record
If you want to retrieve the IP address of powershellisfun.com, you can use Resolve-Dns -Query PowerShellisfun.com :
It does return a lot of information, but not the address? Yes, but it’s in the AllRecords Property; you can display that by using (Resolve-Dns -Query PowerShellisfun.com).AllRecords:
Querying different types of records
If you want to check the MX records, you can use (Resolve-Dns -Query powershellisfun.com -QueryType:MX).AllRecords :
Or if you want to know what the Name servers of a domain are, you can use (Resolve-Dns -Query powershellisfun.com -QueryType:NS).AllRecords, for example.
Note: You can query these types: A, AFSDB, AXFR, CERT, DNSKEY, HINFO, MD, MG, MR, NAPTR, NS, NSEC3, NULL, RP, SOA, SRV, TLSA, URI
AAAA, ANY, CAA, CNAME, DS, MB, MF, MINFO, MX, None, NSEC, NSEC3PARAM, PTR, RRSIG, SPF, SSHFP, TXT, WKS
Query a record using a specific Nameserver
And when you’re testing the value of the existence of DNS records of specific Nameservers, you can use the -NameServer Parameter. For example:
Wrapping up
And that’s how you can query DNS records cross-platform and don’t have to depend on Windows and the default DnsClient Module on that. I will rewrite some of my scripts that I want to run on Linux with this 🙂 Have a lovely weekend!
One thought on “Using the DnsClient-PS PowerShell Module for cross-platform DNS querying”