by Professor Tux J. Penguin
9 Commands to query DNS with DIG
Dig stands for Domain Information Groper. It is a network administration command-line tool for querying Domain Name System (DNS) name servers. It is useful for verifying and troubleshooting DNS problems and for performing DNS lookups: it displays the answers returned by the name server that was queried. Dig is part of the BIND domain name server software suite and replaces older tools such as nslookup. It is available in all major Linux distributions.
1. Query Domain "A" Record
[youcantoo@localhost ~]$ dig yahoo.com
; <<>> DiG 9.9.3-P2 <<>> yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43271
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;yahoo.com. IN A
;; ANSWER SECTION:
yahoo.com. 1342 IN A 98.139.183.24
yahoo.com. 1342 IN A 206.190.36.45
yahoo.com. 1342 IN A 98.138.253.109
;; Query time: 27 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Mon Jun 16 15:20:59 PDT 2014
;; MSG SIZE rcvd: 86
The above command causes dig to look up the "A" record for the domain name yahoo.com. Dig reads the /etc/resolv.conf file and queries the DNS servers listed there. The response from the DNS server is what dig displays.
Let us understand the output of the commands:
1. Lines beginning with ; are comments, and not part of the information.
2. The first line tells us the version of the dig command (9.8.2).
3. Next, dig shows the header of the response it received from the DNS server.
4. Next comes the question section, which simply tells us the query, which in this case is a query for the "A" record of yahoo.com. The IN means this is an Internet lookup (in the Internet class).
5. The answer section tells us that yahoo.com has the IP address 98.139.183.24.
6. Lastly there are some stats about the query. You can turn off these stats using the +nostats option.
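The output layout described above can be parsed mechanically, which is useful when saved dig output has to be checked in a script. The following is an added example, not part of the original article: the function names are made up for illustration, and the sample input is a trimmed copy of the output shown in section 1.

```shell
#!/usr/bin/env bash
# Added example: pull the useful fields out of saved dig output.

# Trimmed copy of the "dig yahoo.com" output from section 1 (sample input).
sample_dig_output() {
cat <<'EOF'
; <<>> DiG 9.9.3-P2 <<>> yahoo.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43271
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;yahoo.com. IN A
;; ANSWER SECTION:
yahoo.com. 1342 IN A 98.139.183.24
yahoo.com. 1342 IN A 206.190.36.45
yahoo.com. 1342 IN A 98.138.253.109
;; Query time: 27 msec
EOF
}

# Response code from the header line: NOERROR, NXDOMAIN, SERVFAIL, ...
dig_status() {
  awk '/->>HEADER<<-/ {
         for (i = 1; i < NF; i++)
           if ($i == "status:") { sub(/,$/, "", $(i + 1)); print $(i + 1); exit }
       }'
}

# Header flags as a space-separated list (qr = response, rd = recursion
# desired, ra = recursion available, aa = authoritative answer).
dig_flags() {
  awk '/^;; flags:/ { sub(/^;; flags: */, ""); sub(/;.*/, ""); print; exit }'
}

# Print "TTL RDATA" for every record of type $1.
# Lines starting with ";" are comments and are skipped.
dig_records() {
  awk -v want="$1" '
    /^;/ || NF < 5 || $3 != "IN" || $4 != want { next }
    { rdata = $5; for (i = 6; i <= NF; i++) rdata = rdata " " $i; print $2, rdata }'
}

# Demonstration on the embedded sample.
echo "status: $(sample_dig_output | dig_status)"
echo "flags:  $(sample_dig_output | dig_flags)"
sample_dig_output | dig_records A
```

On a live system the same functions can read real output, for example by piping dig yahoo.com into dig_records A.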
2. Query Domain "A" Record with +short
By default dig is quite verbose. One way to cut down the output is to use the +short option. This will drastically cut the output, as shown below.
[youcantoo@localhost ~]$ dig yahoo.com +short
206.190.36.45
98.139.183.24
98.138.253.109
3. Querying MX record for Domain
To query a specific type of DNS resource record, add the record type to the command. Here only the MX records are requested.
[youcantoo@localhost ~]$ dig yahoo.com MX
; <<>> DiG 9.9.3-P2 <<>> yahoo.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58791
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;yahoo.com. IN MX
;; ANSWER SECTION:
yahoo.com. 1080 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 1080 IN MX 1 mta6.am0.yahoodns.net.
yahoo.com. 1080 IN MX 1 mta7.am0.yahoodns.net.
4. Querying SOA record for Domain
[youcantoo@localhost ~]$ dig yahoo.com soa
; <<>> DiG 9.9.3-P2 <<>> yahoo.com soa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49302
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;yahoo.com. IN SOA
;; ANSWER SECTION:
yahoo.com. 595 IN SOA ns1.yahoo.com. hostmaster.yahoo-inc.com. 2014061609 3600 300 1814400 600
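5. Querying TTL record for Domain
Note that TTL is not a DNS record type. The TTL, in seconds, is the second column of every answer line (1342 below). Given an argument it does not recognise as a record type, dig treats it as another name to look up, so the answer shown here is the ordinary "A" lookup for yahoo.com.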
[youcantoo@localhost ~]$ dig yahoo.com ttl
; <<>> DiG 9.9.3-P2 <<>> yahoo.com ttl
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26925
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;yahoo.com. IN A
;; ANSWER SECTION:
yahoo.com. 1342 IN A 206.190.36.45
yahoo.com. 1342 IN A 98.139.183.24
yahoo.com. 1342 IN A 98.138.253.109
6. Querying only answer section
[youcantoo@localhost ~]$ dig yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats
; <<>> DiG 9.9.3-P2 <<>> yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats
;; global options: +cmd
yahoo.com. 1237 IN A 98.138.253.109
yahoo.com. 1237 IN A 206.190.36.45
yahoo.com. 1237 IN A 98.139.183.24
7. Querying ALL DNS record types
[youcantoo@localhost ~]$ dig yahoo.com ANY +noall +answer
; <<>> DiG 9.9.3-P2 <<>> yahoo.com ANY +noall +answer
;; global options: +cmd
yahoo.com. 1164 IN A 206.190.36.45
yahoo.com. 1164 IN A 98.139.183.24
yahoo.com. 1164 IN A 98.138.253.109
yahoo.com. 690 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 690 IN MX 1 mta6.am0.yahoodns.net.
yahoo.com. 690 IN MX 1 mta7.am0.yahoodns.net.
yahoo.com. 172689 IN NS ns5.yahoo.com.
yahoo.com. 172689 IN NS ns1.yahoo.com.
yahoo.com. 172689 IN NS ns6.yahoo.com.
yahoo.com. 172689 IN NS ns2.yahoo.com.
yahoo.com. 172689 IN NS ns3.yahoo.com.
yahoo.com. 172689 IN NS ns4.yahoo.com.
yahoo.com. 558 IN SOA ns1.yahoo.com. hostmaster.yahoo-inc.com. 2014061609 3600 300 1814400 600
8. DNS Reverse Look-up
Perform a DNS reverse lookup with -x. Using +short displays only the answer.
[youcantoo@localhost ~]$ dig -x 98.139.183.24 +short
ir2.fp.vip.bf1.yahoo.com.
9. Querying Multiple DNS Records
Query specific record types (MX, NS, etc.) for multiple domains in a single command.
[youcantoo@localhost ~]$ dig yahoo.com mx +noall +answer redhat.com ns +noall +answer
; <<>> DiG 9.9.3-P2 <<>> yahoo.com mx +noall +answer redhat.com ns +noall +answer
;; global options: +cmd
yahoo.com. 332 IN MX 1 mta7.am0.yahoodns.net.
yahoo.com. 332 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 332 IN MX 1 mta6.am0.yahoodns.net.
redhat.com. 467 IN NS ns4.redhat.com.
redhat.com. 467 IN NS ns2.redhat.com.
redhat.com. 467 IN NS ns3.redhat.com.
redhat.com. 467 IN NS ns1.redhat.com.