1. Home
  2. Linux
  3. 13 dig command examples to Dig through DNS records

13 dig command examples to Dig through DNS records

Dig, the Domain Information Groper is one of the useful utility to lookup Domain Name System (DNS). The command helps administrators to query a domain to get its DNS information. For instance, Nameservers, IP address, Resource Records such as A, CNAME, MX, NS etc…It also helps to validate a domain by retrieving RRSIG record of a domain that is Domain Name System Security Extension (DNSSEC) signed.  If you want to setup a DNS server, then you may want to try out few dig commands to ensure the setup is working properly. In this article, I’ll be showing 13 example commands of dig with sample outputs for your reference.

1. Basic command format

$dig kernel.org
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> kernel.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64302
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 5

;; QUESTION SECTION:
;kernel.org. IN A

;; ANSWER SECTION:
kernel.org. 339 IN A 149.20.4.69
kernel.org. 339 IN A 198.145.20.140

;; AUTHORITY SECTION:
kernel.org. 76838 IN NS ns1.kernel.org.
kernel.org. 76838 IN NS ns0.kernel.org.
kernel.org. 76838 IN NS ns2.kernel.org.

;; ADDITIONAL SECTION:
ns1.kernel.org. 76838 IN A 149.20.20.144
ns1.kernel.org. 76838 IN AAAA 2001:4f8:8:10::1:1
ns2.kernel.org. 76838 IN A 149.20.4.80
ns2.kernel.org. 76838 IN AAAA 2001:4f8:1:10::1:1
ns0.kernel.org. 76838 IN A 198.145.19.196

;; Query time: 70 msec
;; SERVER: 10.180.0.11#53(10.180.0.11)
;; WHEN: Thu Nov 14 18:15:32 2013
;; MSG SIZE rcvd: 218

The dig output consists of: Headers, Question section, Answer section, Authority section, Additional section and Stats.

Headers: The headers consists of information about the version of dig you are using and the domain to which the query is made. If the query was asked to a specific DNS, then the DNS server information is also displayed under header.

Question Section: This shows the question that was asked to DNS. For example, the above command digs to domain ‘kernel.org’ and the default type used is ‘A’ record. It means, we queried to retrieve A record of kernel.org.

Answer Section: Here’s the answer for the asked question. You get the IP address of the domain kernel.org

Authority Section: The Name servers that responded to the query. It lists the nameservers of the domain kernel.org.

Additional Section: This section contains the IP address of name servers.

Stats: This section contains the size of the message received and the time taken to retrieve the records.

2. Disable specific sections in dig output

$dig kernel.org +nostats +noadditional +nocomments +noquestion +noauthority

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> kernel.org +nostats +noadditional +nocomments +noquestion +noauthority
;; global options: +cmd
kernel.org. 377 IN A 149.20.4.69
kernel.org. 377 IN A 198.145.20.140

+noadditional : Turn Off Additional section

+nocomments : Turn Off Comments

+nostats: Turn off query statistics

+noquestion: Turn Off Question section

+noauthority: Turn Off Authority section

3. Display only specific section

$ dig kernel.org +noall +answer
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> kernel.org +noall +answer
 ;; global options: +cmd
 kernel.org. 275 IN A 198.145.20.140
 kernel.org. 275 IN A 149.20.4.69

+noall : Disables all section

+answer: Displays only answer section

4. Query MX record of a domain

$dig kernel.org MX +noall +answer
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> kernel.org MX +noall +answer
;; global options: +cmd
kernel.org. 488 IN MX 10 mail.kernel.org.
kernel.org. 488 IN MX 20 ns1.kernel.org.
kernel.org. 488 IN MX 999 bl-ckh-le.kernel.org.

The same can be achieved using -t MX option as well.

$ dig -t MX kernel.org +noall +answer
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> -t MX kernel.org +noall +answer
;; global options: +cmd
kernel.org. 399 IN MX 10 mail.kernel.org.
kernel.org. 399 IN MX 20 ns1.kernel.org.
kernel.org. 399 IN MX 999 bl-ckh-le.kernel.org.

5. Query NS records of a domain

$ dig -t NS kernel.org +noall +answer

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> -t NS kernel.org +noall +answer
;; global options: +cmd
kernel.org. 21479 IN NS ns0.kernel.org.
kernel.org. 21479 IN NS ns2.kernel.org.
kernel.org. 21479 IN NS ns1.kernel.org.
or
$ dig kernel.org NS +noall +answer

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> kernel.org NS +noall +answer
;; global options: +cmd
kernel.org. 21442 IN NS ns0.kernel.org.
kernel.org. 21442 IN NS ns2.kernel.org.
kernel.org. 21442 IN NS ns1.kernel.org.

6. Display ALL DNS records

All the DNS records for a domain can be retrieved using “ANY” option.

$ dig kernel.org ANY +noall +answer
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> kernel.org ANY +noall +answer
;; global options: +cmd
kernel.org. 600 IN SOA ns1.kernel.org. hostmaster.ns1.kernel.org. 2013081404 600 150 604800 600
kernel.org. 21600 IN NS ns1.kernel.org.
kernel.org. 21600 IN NS ns2.kernel.org.
kernel.org. 21600 IN NS ns0.kernel.org.
kernel.org. 600 IN A 149.20.4.69
kernel.org. 600 IN A 198.145.20.140
kernel.org. 600 IN MX 10 mail.kernel.org.
kernel.org. 600 IN MX 20 ns1.kernel.org.
kernel.org. 600 IN MX 999 bl-ckh-le.kernel.org.
OR
$ dig -t ANY kernel.org +noall +answer
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> -t ANY kernel.org +noall +answer
;; global options: +cmd
kernel.org. 568 IN SOA ns1.kernel.org. hostmaster.ns1.kernel.org. 2013081404 600 150 604800 600
kernel.org. 21568 IN NS ns1.kernel.org.
kernel.org. 21568 IN NS ns2.kernel.org.
kernel.org. 21568 IN NS ns0.kernel.org.
kernel.org. 568 IN A 149.20.4.69
kernel.org. 568 IN A 198.145.20.140
kernel.org. 568 IN MX 10 mail.kernel.org.
kernel.org. 568 IN MX 20 ns1.kernel.org.
kernel.org. 568 IN MX 999 bl-ckh-le.kernel.org.

7. Use +short to display short outputs

If you want to view only the IP address of a domain, then use +short option. The dig will pull only ‘A’ record of the queried domain.

$ dig kernel.org +short
149.20.4.69
198.145.20.140

8. Get DNSSEC records

To get DNSSEC records of a domain that is DNSSEC signed, use ‘+dnssec’ option as below,

$ dig dnssectest.sidn.nl +dnssec +short
www.sidn.nl.
CNAME 8 3 86400 20131214071501 20131114071501 42033 sidn.nl. oN/P1jg9Zcx4+2XK+dZXw4OhlsGJAEK14kcIv4VQsxM0CZoyvwGsd23C pfY3k1tPXBDOy/oE+gjO0FDq+5eXXERtlTA+5Mu9tjnM5TDW66IFgOgt RN5Hw79BjAHpIR06igjXO+hk9ZqKOWCMVjyJvDgRB3PbkRIe6PNmjmgA 5Y8=
213.136.31.220
A 8 3 86400 20131214071501 20131114071501 42033 sidn.nl. pM0FWWo+U7CKIG91LHq66ZIXvphBtFhuxguB+GELlOeHXkJYSon2DwB2 ayV+TdCp9YxqdnkzbPXIGs8xZCw+KuNGIxmWGRXNp9xCC4TVkgDLpHw7 VFzTgMjyoSOjQ01rBC3vXVsWZVjYkMnjARxg/eS97QKwUYeiRHfTemUQ 9qA=

Learn more about DNSSEC and how to validate DNS response.

9. Perform reverse lookup (IP to domain)

Use ‘-x’ option to perform reverse lookup.

$ dig -x 198.145.20.140 +short
tiz-korg-pub.kernel.org

10. Multiple DNS query using -f option

$ more domains.txt
kernel.org
centos.org

Query using -f option,

$ dig -f domains.txt +noall +answer
kernel.org. 166 IN A 149.20.4.69
kernel.org. 166 IN A 198.145.20.140
centos.org. 46 IN A 85.12.30.227

11. How to use specific DNS Server to respond the queries

Format goes like this,

$dig @<dns_server> <domainname>
$dig @8.8.8.8 kernel.org

The command will send a query to Google DNS 8.8.8.8.

12. Create .digrc to store the default options

If you are using set of options more frequently, then add them to $HOME/.digrc file.

$ cat $HOME/.digrc
+noall +answer

13. Use ‘+multi’ option to display multi-line output

‘+multi’ option comes handy to display the output in multiple lines. It is useful to display DNSKEY.

$ dig dnssectest.sidn.nl +dnssec +multi

 

Updated on September 3, 2017

Was this article helpful?

Related Articles

Comments

Leave a Comment