Dig Command
Make that DNS talk !
Display only the ANSWER section
| dig opensuse.org +noall +answer |
Activate the short output
| dig perdu.com +short |
Reverse DNS (get name from IP)
| dig -x 208.97.177.124 |
Use a specific DNS server
| dig @8.8.4.4 redhat.com |
Display the name resolution path
| dig google.com +trace |
Request a zone transfer
| dig microsoft.com AXFR |
List specific types of RRs (Resource Records)
List address records
| dig -t A tme520.net |
List aliases
| dig -t CNAME tme520.net |
Find who manages a domain
| dig -t SOA tme520.net |
List mail servers
| dig tme520.net MX |
List name servers
| dig tme520.net NS |
List any type of Resource Record
|
There are about 40 DNS Resources Records types, but you only have to know 5 of them:
- A : Address record (IPv4); AAAA for IPv6,
- CNAME : Canonical Name. Aliases to A or AAAA records,
- SOA : Start Of Authority: primary name server, email of the domain admin, domain serial number, and timers relating to refreshing the zone,
- MX : Mail eXchange. Points to a mail server,
- NS : Name Server (a DNS).
- A : Address record (IPv4); AAAA for IPv6,
- CNAME : Canonical Name. Aliases to A or AAAA records,
- SOA : Start Of Authority: primary name server, email of the domain admin, domain serial number, and timers relating to refreshing the zone,
- MX : Mail eXchange. Points to a mail server,
- NS : Name Server (a DNS).
Dig stands for (Domain Information Groper). Dig is a network administration command-line tool for querying Domain Name System (DNS) name servers. It is useful for verifying and troubleshooting DNS problems and also to perform DNS lookups and displays the answers that are returned from the name server that were queried. dig is part of the BIND domain name server software suite. dig command replaces older tool such as nslookup and the host. dig tool is available in major Linux distributions.
Query Domain “A” Record
# dig yahoo.com; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> yahoo.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<
Above command causes dig to look up the “A” record for the domain name yahoo.com. Dig command reads the /etc/resolv.conf file and querying the DNS servers listed there. The response from the DNS server is what dig displays.
UNDERSTAND THE OUTPUT:
- Lines beginning with ; are comments not part of the information.
- The first line tell us the version of dig (9.8.2) command.
- Next, dig shows the header of the response it received from the DNS server
- Next comes the question section, which simply tells us the query, which in this case is a query for the “A” record of yahoo.com. The IN means this is an Internet lookup (in the Internet class).
- The answer section tells us that yahoo.com has the IP address 72.30.38.140
- Lastly there are some stats about the query. You can turn off these stats using the +nostats option.
Query Domain “A” Record with +short
By default dig is quite verbose. One way to cut down the output is to use the +short option. which will drastically cut the output as shown below.
# dig yahoo.com +short 98.139.183.24 72.30.38.140 98.138.253.109
Note: By default dig looks for the “A” record of the domain specified, but you can specify other records also. The MX or Mail eXchange record tells mail servers how to route the email for the domain. Likewise TTL, SOA etc.
Query MX Record
Querying different types of DNS resource records only.
# dig yahoo.com MX ; <> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <> yahoo.com MX ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31450 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 24 ;; QUESTION SECTION: ;yahoo.com. IN MX ;; ANSWER SECTION: yahoo.com. 33 IN MX 1 mta6.am0.yahoodns.net. yahoo.com. 33 IN MX 1 mta7.am0.yahoodns.net. yahoo.com. 33 IN MX 1 mta5.am0.yahoodns.net.
Query SOA Record
# dig yahoo.com SOA ; <> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <> yahoo.com SOA ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2197 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 7, ADDITIONAL: 7 ;; QUESTION SECTION: ;yahoo.com. IN SOA ;; ANSWER SECTION: yahoo.com. 1800 IN SOA ns1.yahoo.com. hostmaster.yahoo-inc.com. 2012081409 3600 300 1814400 600
Query TTL Record
# dig yahoo.com TTL ; <> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <> yahoo.com TTL ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56156 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;yahoo.com. IN A ;; ANSWER SECTION: yahoo.com. 3589 IN A 98.138.253.109 yahoo.com. 3589 IN A 98.139.183.24 yahoo.com. 3589 IN A 72.30.38.140
Query only answer section
# dig yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats ;; global options: +cmd yahoo.com. 3442 IN A 72.30.38.140 yahoo.com. 3442 IN A 98.138.253.109 yahoo.com. 3442 IN A 98.139.183.24
Query ALL DNS Records
# dig yahoo.com ANY +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.com ANY +noall +answer ;; global options: +cmd yahoo.com. 3509 IN A 72.30.38.140 yahoo.com. 3509 IN A 98.138.253.109 yahoo.com. 3509 IN A 98.139.183.24 yahoo.com. 1709 IN MX 1 mta5.am0.yahoodns.net. yahoo.com. 1709 IN MX 1 mta6.am0.yahoodns.net. yahoo.com. 1709 IN MX 1 mta7.am0.yahoodns.net. yahoo.com. 43109 IN NS ns2.yahoo.com. yahoo.com. 43109 IN NS ns8.yahoo.com. yahoo.com. 43109 IN NS ns3.yahoo.com. yahoo.com. 43109 IN NS ns1.yahoo.com. yahoo.com. 43109 IN NS ns4.yahoo.com. yahoo.com. 43109 IN NS ns5.yahoo.com. yahoo.com. 43109 IN NS ns6.yahoo.com.
DNS Reverse Look-up
Querying DNS Reverse Look-up. Only display answer section with using +short.
# dig -x 72.30.38.140 +short ir1.fp.vip.sp2.yahoo.com.
Query Multiple DNS Records
Query multiple website’s DNS specific query viz. MX, NS etc. records.
# dig yahoo.com mx +noall +answer redhat.com ns +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.com mx +noall +answer redhat.com ns +noall +answer ;; global options: +cmd yahoo.com. 1740 IN MX 1 mta6.am0.yahoodns.net. yahoo.com. 1740 IN MX 1 mta7.am0.yahoodns.net. yahoo.com. 1740 IN MX 1 mta5.am0.yahoodns.net. redhat.com. 132 IN NS ns1.redhat.com. redhat.com. 132 IN NS ns4.redhat.com. redhat.com. 132 IN NS ns3.redhat.com. redhat.com. 132 IN NS ns2.redhat.com.
Create .digrc file
Create .digrc file under $HOME/.digrc to store default dig options.
# dig yahoo.com yahoo.com. 3427 IN A 72.30.38.140 yahoo.com. 3427 IN A 98.138.253.109 yahoo.com. 3427 IN A 98.139.183.24
We have store +noall +answer options permanently in .digrc file under user’s home directory. Now, whenever dig command executes it will show only answer section of dig output. No Need to type every-time options like +noall +answer.
Once installed, check the version, to make sure the setup was completed successfully:
dig -v
Dig Syntax
In its simplest form, the syntax of the dig utility will look like this:
dig [server] [name] [type]
[server] – the IP address or hostname of the name server to query.
If the server argument is the hostname then dig will resolve the hostname before proceeding with querying the name server.
It is optional and if you don’t provide a server argument then dig uses the name server listed in /etc/resolv.conf.
[name] – the name of the resource record that is to be looked up.
[type] – the type of query requested by dig. For example, it can be an A record, MX record, SOA record or any other types. By default dig performs a lookup for an A record if no type argument is specified.
How to Use the Dig Command
Lets get into the basic uses of the command:
Dig a Domain Name
To perform a DNS lookup for a domain name, just pass the name along with the dig command:
dig hostinger.com
By default, the dig command will display the A record when no other options are specified. The output will also contain other information like the installed dig version, technical details about the answers, statistics about the query, a question section along with few other ones.
Short Answers
The above dig command includes a lot of useful information in different sections, but there may be times when you want only the result of the query. You can do that by using the +short option, that will display the IP address (A record) of the domain name only:
dig hostinger.com +short
Detailed Answers
Sometimes you want to view the answers section in details. Therefore, For a detailed information on answers section, you can stop displaying all the section using +noall option and query the answers section only by using +answer option with the dig command.
dig hostinger.com +noall +answer
Specifying Nameservers
By default, dig commands will query the name servers listed in /etc/resolv.conf to perform a DNS lookup for you. You can change this default behavior by using the @ symbol followed by a hostname or IP address of the name server along.
The following dig command sends the DNS query to Google’s name server(8.8.8.8) by using the @8.8.8.8 option.
dig @8.8.8.8 hostinger.com
Query All DNS Record Types
To query all the available DNS record types associated with a domain use the ANY option. The ANY option will include all the available record types in the output:
dig hostinger.com ANY
Search For Record Type
If you want to look up a specific record, just add the type to the end of the command.
For example, to query get only the mail exchange – MX – answer section associated with a domain, you can use the following dig command:
dig hostinger.in MX
Similarly, to view the other records associated with a domain, specify the record type at the end of dig command:
dig hostinger.com txt (Query TXT record) dig hostinger.com cname (Query CNAME record) dig hostinger.com ns (Query NS record) dig hostinger.com A (Query A record)
Trace DNS Path
Dig allows tracing the DNS lookup path by using the +trace option. The option makes iterative queries to resolve the name lookup. It will query the name servers starting from the root and subsequently traverses down the namespace tree using iterative queries following referrals along the way:
dig hostinger.com +trace
Reverse DNS Lookup
Reverse DNS lookup lets you look up the domain and hostname associated with an IP address. To perform a reverse DNS lookup using the dig command use the –x option followed by your chosen IP address. In the following example, dig will perform a reverse DNS lookup for the IP address associated with google.com:
dig +answer -x 172.217.166.46
Remember that If a PTR record is not defined for an IP address, then it is not possible to do a reverse DNS lookup since the PTR record points to the domain or hostname.
Batch Queries
With the dig utility, you can perform a DNS lookup for a list of domains instead of doing the same for each one individually. To do that, you need to provide dig with a list of domain names – one per line in a file. Once the file is ready, specify the name of it with -f option:
vi domain_name.txt hostinger.com google.com ubuntu.com
dig -f domain_name.txt +short
Control Dig Behavior
The output of the command can be customized permanently by setting up options in the ~/.digrc file that will run automatically with the command.
Suppose you want to view the answer section only – specify the required options in the ~/.digrc file, so you don’t have to type them in while executing the query.
echo "+noall +answer" > ~/.digrc
Now perform a DNS server lookup for a domain. The output confirms that dig runs with the options set in the ~/.digrc file.
Conclusion
That’s all the basics you need to start using dig In Linux. Now you can perform DNS lookups for domains using various options. Want to learn more? Check the manual page by using the man dig command to find out all the possible uses and options.
