Contents...
Dig stands for Domain Information Groper, It is a network administration command line tool for querying DNS (Domain Name system) name servers. It is used to verifying and troubleshooting DNS problems. It also perform DNS lookups and display the queried answers. Dig is part of the BIND domain name server software suite. Dig replaced the older tool such as nslookup and the host.
In this tutorial I am going to explain dig command with examples in Linux.
Remember Some point About Dig
- Dig stands for ” Domain Information Groper“.
- We can use dig on command line or in batch mode.
- It also supports Internationalised Domain Name(IDN) convection too.
- Dig is more advanced than other old tools such as host command and nslookup.
- Dig provides much information than any other tools.
Dig Usage:
1. Dig basic Usage
When we use domain name with dig command by default it displays the A record (IP Address Of Sites) as shown below.
[root@looklinux ~]# dig redhat.com ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> redhat.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48235 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;redhat.com. IN A ;; ANSWER SECTION: redhat.com. 28 IN A 209.132.183.105 ;; Query time: 0 msec ;; SERVER: 172.31.0.2#53(172.31.0.2) ;; WHEN: Mon Mar 6 07:32:05 2017 ;; MSG SIZE rcvd: 44
I have coloured the above output to explain it.
1. Green display the Dig version ( 9.8 ).
2. Blue display the question it asked the DNS.
3. Red display the answer it received from the DNS.
4. Light Green display the total query time.
5. Yellow display the server information and show on what port dns server is working.
6. Pink display date and time of executed query.
2. Dig usage for reverse lookup
Use the IP address with -x option to perform the DNS reverse look up. You can use external IP address to know the website domain name.
[root@looklinux ~]# dig -x 209.132.183.105 +short redirect.redhat.com.
To view full details of DNS reverse look-up, follow the below command.
[root@looklinux ~]# dig -x 209.132.183.105 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> -x 209.132.183.105 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41873 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;105.183.132.209.in-addr.arpa. IN PTR ;; ANSWER SECTION: 105.183.132.209.in-addr.arpa. 60 IN PTR redirect.redhat.com. ;; Query time: 147 msec ;; SERVER: 172.31.0.2#53(172.31.0.2) ;; WHEN: Mon Mar 6 07:24:04 2017 ;; MSG SIZE rcvd: 79
3. Show only the Answer Section
Follow the below command to display the only Answer Section.
[root@looklinux ~]# dig redhat.com +nocomments +noquestion +noauthority +noadditional +nostats ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> redhat.com +nocomments +noquestion +noauthority +noadditional +nostats ;; global options: +cmd redhat.com. 60 IN A 209.132.183.105
Where:
- +nocomments : Turn of the comment lines
- +noquestion : Turn of the question section
- +noauthority : Turn of the authority section
- +noadditional : Turn of the additional section
- +nostats : Turn of the stats section
Instead of disabling all the sections one by one, you can use +noall to disable all sections ( it also turns off answer section), and at the end of command add the +answer which will display the only answer section.
[root@looklinux ~]# dig redhat.com +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> redhat.com +noall +answer ;; global options: +cmd redhat.com. 60 IN A 209.132.183.105
4. Query MX Records
To query MX records, use -t options with dig command like below.
[root@looklinux ~]# dig redhat.com MX +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> redhat.com MX +noall +answer ;; global options: +cmd redhat.com. 60 IN MX 10 mx2.redhat.com. redhat.com. 60 IN MX 5 mx1.redhat.com.
With -t option
[root@looklinux ~]# dig -t MX redhat.com +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> -t MX redhat.com +noall +answer ;; global options: +cmd redhat.com. 60 IN MX 5 mx1.redhat.com. redhat.com. 60 IN MX 10 mx2.redhat.com.
5. Query NS Records
We can use NS option to query the NS records like below.
[root@looklinux ~]# dig redhat.com NS +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> redhat.com NS +noall +answer ;; global options: +cmd redhat.com. 60 IN NS ns1.redhat.com. redhat.com. 60 IN NS ns2.redhat.com. redhat.com. 60 IN NS ns3.redhat.com. redhat.com. 60 IN NS ns4.redhat.com.
You can also use -t option like below.
[root@looklinux ~]# dig -t NS redhat.com +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> -t NS redhat.com +noall +answer ;; global options: +cmd redhat.com. 60 IN NS ns1.redhat.com. redhat.com. 60 IN NS ns2.redhat.com. redhat.com. 60 IN NS ns3.redhat.com. redhat.com. 60 IN NS ns4.redhat.com.
6. Display all DNS Records
You can use ANY option to show all DNS records like A, MX, NS, etc., Type below command for result.
[root@looklinux ~]# dig redhat.com ANY +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> redhat.com ANY +noall +answer ;; global options: +cmd redhat.com. 60 IN MX 10 mx2.redhat.com. redhat.com. 60 IN MX 5 mx1.redhat.com. redhat.com. 60 IN A 209.132.183.105
With -t option.
[root@looklinux ~]# dig -t ANY redhat.com +noall +answer ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> -t ANY redhat.com +noall +answer ;; global options: +cmd redhat.com. 5 IN MX 5 mx1.redhat.com. redhat.com. 5 IN MX 10 mx2.redhat.com. redhat.com. 5 IN A 209.132.183.105
7. Display Short Output
You can use short option to view the IP address of web site. For example to show A record.
[root@looklinux ~]# dig redhat.com +short 209.132.183.105 You can also specify a record type that you want to view with the +short option. [root@looklinux ~]# dig redhat.com ns +short ns3.redhat.com. ns4.redhat.com. ns1.redhat.com. ns2.redhat.com.
8. Diq Query With Specific DNS Server
Dig use the DNS server defined in “/etc/resolve.conf” file by default. You can use different DNS server to perform the query.
[root@looklinux ~]# dig @ns1.redhat.com redhat.com ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> @ns1.redhat.com redhat.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<
9. Multiple DNS Server Query
You can query multiple websites using a data file. Create a file called multiple.txt that contains the website that you want to query.
[root@looklinux ~]# vim multiple.txt redhat.com facebook.com google.com
Save and exit.
Now execute the dig -f like below.
[root@looklinux ~]# dig -f multiple.txt ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> redhat.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3548 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;redhat.com. IN A ;; ANSWER SECTION: redhat.com. 60 IN A 209.132.183.105 ;; Query time: 1 msec ;; SERVER: 172.31.0.2#53(172.31.0.2) ;; WHEN: Mon Mar 6 09:14:06 2017 ;; MSG SIZE rcvd: 44 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> facebook.com ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26958 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;facebook.com. IN A ;; ANSWER SECTION: facebook.com. 60 IN A 31.13.65.36 ;; Query time: 1 msec ;; SERVER: 172.31.0.2#53(172.31.0.2) ;; WHEN: Mon Mar 6 09:14:06 2017 ;; MSG SIZE rcvd: 46 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.51.amzn1 <<>> google.com ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33588 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 60 IN A 216.58.217.174 ;; Query time: 1 msec ;; SERVER: 172.31.0.2#53(172.31.0.2) ;; WHEN: Mon Mar 6 09:14:06 2017 ;; MSG SIZE rcvd: 44
You can see combine record type with the -f option.
Use the below command to display the MX records of multiple websites that are located in the multiple.txt file.
[root@looklinux ~]# dig -f multiple.txt MX +noall +answer redhat.com. 60 IN MX 10 mx2.redhat.com. redhat.com. 60 IN MX 5 mx1.redhat.com. facebook.com. 60 IN MX 10 msgin.vvv.facebook.com. google.com. 60 IN MX 50 alt4.aspmx.l.google.com. google.com. 60 IN MX 10 aspmx.l.google.com. google.com. 60 IN MX 20 alt1.aspmx.l.google.com. google.com. 60 IN MX 30 alt2.aspmx.l.google.com. google.com. 60 IN MX 40 alt3.aspmx.l.google.com.
10. Use $HOME/.digrc File to Store Default dig Options
If you want to show always Answer section of the dig output without typing the “+noall +answer” with dig command. You can add your dig options to the .digrc file like below.
# vim $HOME/.digrc +noall +answer
Now if you execute dig command anytime, it will always use +noall and +answer options by default.
[root@looklinux ~]# dig redhat.com redhat.com. 60 IN A 209.132.183.81 $ dig redhat.com MX redhat.com. 52 IN MX 5 mx1.redhat.com. redhat.com. 52 IN MX 10 mx2.redhat.com.
I hope this article will help to query the DNS Server and debugging DNS server related issues. If you have any queries and problem please comment in comment section.
Thanks:)
If you find this tutorial helpful please share with your friends to keep it alive. For more helpful topic browse my website www.looklinux.com. To become an author at LookLinux Submit Article. Stay connected to Facebook.
Leave a Comment