Learn all about dig command
dig - Domain Information Groper
It is used for querying DNS servers for various DNS records, making it very useful for troubleshooting DNS problems.
root:~# man digBy default, with no name server specified the DNS resolver in the /etc/resolv.conf file will be used, dig will also look for an A record if no other options specified.
1.1 dig command and its output
root:~# dig www.google.com ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59499 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.google.com. IN A ;; ANSWER SECTION: www.google.com. 74 IN A 172.217.23.132 ;; AUTHORITY SECTION: google.com. 104750 IN NS ns4.google.com. google.com. 104750 IN NS ns2.google.com. google.com. 104750 IN NS ns3.google.com. google.com. 104750 IN NS ns1.google.com. ;; ADDITIONAL SECTION: ns1.google.com. 116255 IN A 216.239.32.10 ns2.google.com. 116255 IN A 216.239.34.10 ns3.google.com. 116255 IN A 216.239.36.10 ns4.google.com. 116255 IN A 216.239.38.10 ;; Query time: 0 msec ;; SERVER: 192.8.1.136#53(192.8.1.136) ;; WHEN: Thu Dec 28 17:14:59 UTC 2017 ;; MSG SIZE rcvd: 195
2.1 Display Required (Answers) Section Only
root:~# dig www.google.com +nocomments +noquestion +noauthority +noadditional +nostats ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com +nocomments +noquestion +noauthority +noadditional +nostats ;; global options: +cmd www.google.com. 204 IN A 216.58.214.100 root:~#
root:~# dig www.google.com +noall +answer ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com +noall +answer ;; global options: +cmd www.google.com. 136 IN A 216.58.214.100
root:~# dig www.google.com +short 216.58.208.36
3.1 Query using Specific Domain Name Server (DNS)
root:~# dig www.google.com @8.8.8.8 ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29910 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;www.google.com. IN A ;; ANSWER SECTION: www.google.com. 299 IN A 172.217.3.164 ;; Query time: 15 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Thu Dec 28 17:37:44 UTC 2017 ;; MSG SIZE rcvd: 59Here, Output shows that 8.8.8.8 DNS SERVER was used.
root:~# dig www.google.com MX ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com MX ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2143 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.google.com. IN MX ;; AUTHORITY SECTION: google.com. 60 IN SOA ns1.google.com. dns-admin.google.com. 180263616 900 900 1800 60 ;; Query time: 13 msec ;; SERVER: 198.18.1.136#53(198.18.1.136) ;; WHEN: Thu Dec 28 17:39:29 UTC 2017 ;; MSG SIZE rcvd: 93 root:~#
4.1 Reverse DNS lookup (-x)
dig command to perform a reverse DNS lookup, that is we can query an IP address and find the domain name that it points to be querying the PTR record.
Note:
PTR stands for Pointer Records. i.e used to map a network interface (IP) to a host name. These are primarily used for reverse DNS.
root:~# dig -x 216.58.208.36 ; <<>> DiG 9.10.3-P4-Ubuntu <<>> -x 216.58.208.36 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8389 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 5 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;36.208.58.216.in-addr.arpa. IN PTR ;; ANSWER SECTION: 36.208.58.216.in-addr.arpa. 86400 IN PTR fra15s12-in-f36.1e100.net. 36.208.58.216.in-addr.arpa. 86400 IN PTR fra15s12-in-f4.1e100.net. ;; AUTHORITY SECTION: 208.58.216.in-addr.arpa. 86400 IN NS ns3.google.com. 208.58.216.in-addr.arpa. 86400 IN NS ns1.google.com. 208.58.216.in-addr.arpa. 86400 IN NS ns4.google.com. 208.58.216.in-addr.arpa. 86400 IN NS ns2.google.com. ;; ADDITIONAL SECTION: ns1.google.com. 113974 IN A 216.239.32.10 ns2.google.com. 113974 IN A 216.239.34.10 ns3.google.com. 113974 IN A 216.239.36.10 ns4.google.com. 113974 IN A 216.239.38.10 ;; Query time: 20 msec ;; SERVER: 198.18.1.136#53(198.18.1.136) ;; WHEN: Thu Dec 28 17:53:00 UTC 2017 ;; MSG SIZE rcvd: 269This IP address has two PTR records, pointing to fra15s12-in-f36.1e100.net and fra15s12-in-f4.1e100.net
5.1 Look From File (-f)
dig can take a list of domains from a file (one domain name per line) that can be useful if user neeeds to script bulk DNS lookups.
root:~# cat dns_name.txt www.candidinformation.com www.redhat.com www.facebook.com root:~# dig -f dns_name.txt +short candidinformation.com. 166.62.6.49 ds-www.redhat.com.edgekey.net. ds-www.redhat.com.edgekey.net.globalredir.akadns.net. e3396.dscx.akamaiedge.net. 23.200.217.192 star-mini.c10r.facebook.com. 31.13.67.35 root:~#
root:~# dig @4.4.4.4 -p 12345 www.google.com ; <<>> DiG 9.10.3-P4-Ubuntu <<>> -p 12345 www.google.com ;; global options: +cmd ;; connection timed out; no servers could be reachedIn this example, DNS server (4.4.4.4) should actually listen on port 12345 to respond to query asked. but its not running so timeout had happened.
6.1 Use IPv4 (-4) or IPv6 (-6)
By Default, dig queries are running over IPv4 (-4) but alternatively we can specify to use IPv6 (-6) option.
root:~# dig -6 @2001:4860:4860::8888 google.com A ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40588 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 294 IN A 66.102.1.113 google.com. 294 IN A 66.102.1.101 google.com. 294 IN A 66.102.1.138 google.com. 294 IN A 66.102.1.100 google.com. 294 IN A 66.102.1.139 google.com. 294 IN A 66.102.1.102 ;; Query time: 6 msec ;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888) ;; WHEN: Tue Sep 6 13:21:10 2016 ;; MSG SIZE rcvd: 124
7.1 Adjust Defaults with ~/.digrc file
We can create a .digrc
in our home directory to include any custom options that we want dig to run with by default.
root:~# cat .digrc +short root:~# dig www.google.com 216.58.214.100 root:~#