If you need to move the DNS hosting of a domain to a new DNS hosting service provider, but don’t have a copy of the DNS zone file or access to current DNS control panel for the domain, then you would have to find a way to retrieve all DNS records for the domain.

This tutorial shows a few different methods which you can try to list and get all current DNS records that is associated for a domain, and possible its sub-domains.

Method 1: nslookup

nslookup is a command-line tool available for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record. nslookup is available natively in Windows, Linux, Unix, macOS and most operating systems.

To list all records of a domain name, run one of the following commands. Note that in order to retrieve all DNS records, most commands use DNS zone transfer (AXFR) query type transaction, which may not be supported or enabled on most DNS servers.

nslookup <DNS server>
>set q=any
>ls -d <domain.name>

<DNS server> is optional, replace it with the IP address or FQDN host name of DNS server which you want to query again. Replace <domain.name> with actual domain name which you want to retrieve all its DNS records.

The nslookup command can be shorten to one line:

nslookup -q=any <domain.name>

Method 2: dig

dig is a DNS lookup utility normally available in Linux and Unix distributions. To use dig command to find out all DNS records for a domain name, including all its sub-domains, request a DNS zone transfer.

dig -t AXFR domain.name

If you have transfer failed error (which means DNS zone transfer is disabled), try the following dig command instead to query for all A records, TXT records, NS records, MX records of the exact domain name as specified in the command, together with their serial, refresh, retry, expire and minimum options, and list the results. Note that this command won’t return the subdomain or child domain, such as www.domain.name.

dig +nocmd krypted.com any +multiline +answer

Method 3: host

Host command is available in some Linux and Unix distributions. It’s a simple utility for performing DNS lookups. To list all DNS entries via zone transfer, use the following command:

host -al domain.name

Again, note that it’s only supported and returned meaningful DNS records if DNS zone transfer is enabled.

Method 4: CloudFlare

CloudFlare can be used as DNS hosting service for those who want a more stable and reliable DNS resolution for their domain name. When a new domain is added to CloudFlare platform, CloudFlare will scan for existing DNS entries in an attempt to import them to CloudFlare. CloudFlare has a good track record of discovering all current DNS records of a domain name, including most DNS records associated with the child-domains or sub-domains, which are important for services such as webmail, ftp, mail server, Office 365, Exchange auto discovery, cPanel, Lync, Google Apps and etc.

So if you didn’t manage to get a list of all current DNS records for a domain, try CloudFlare. A free plan is sufficient for using CloudFlare as DNS hosting service only, and you should also disable the HTTP proxy option for the domain.