|
The "ls" command in nslookup executes a zone transfer (which is a TCP-based connection) to get all of the information from the remote authoritative name server to the local machine. In order for this to work, the remote DNS server must be accessible by the TCP protocol over port 53, and the transfer of the zone must be authorized to the client making the request.
Operation in this manner is desired as it increases security of the domain by not revealing all of the gory details to "any machine that asks for them". If you must be able to support the "ls" command, provide specific details about the DNS server (including whether it's under your control or not), and I can help you enable it.
|