Learn all about the dig command
dig - Domain Information Groper
It is used for querying DNS servers for various DNS records, making it very useful for troubleshooting DNS problems.
root:~# man dig
By default, when no name server is specified, dig uses the DNS resolver listed in the /etc/resolv.conf file. It also looks up an A record if no other options are specified.
1.1 dig command and its output
root:~# dig www.google.com
; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59499
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 74 IN A 172.217.23.132
;; AUTHORITY SECTION:
google.com. 104750 IN NS ns4.google.com.
google.com. 104750 IN NS ns2.google.com.
google.com. 104750 IN NS ns3.google.com.
google.com. 104750 IN NS ns1.google.com.
;; ADDITIONAL SECTION:
ns1.google.com. 116255 IN A 216.239.32.10
ns2.google.com. 116255 IN A 216.239.34.10
ns3.google.com. 116255 IN A 216.239.36.10
ns4.google.com. 116255 IN A 216.239.38.10
;; Query time: 0 msec
;; SERVER: 192.8.1.136#53(192.8.1.136)
;; WHEN: Thu Dec 28 17:14:59 UTC 2017
;; MSG SIZE rcvd: 195
2.1 Display Required (Answers) Section Only
root:~# dig www.google.com +nocomments +noquestion +noauthority +noadditional +nostats
; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com +nocomments +noquestion +noauthority +noadditional +nostats
;; global options: +cmd
www.google.com. 204 IN A 216.58.214.100
root:~#
root:~# dig www.google.com +noall +answer
; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com +noall +answer
;; global options: +cmd
www.google.com. 136 IN A 216.58.214.100
root:~# dig www.google.com +short
216.58.208.36
3.1 Query using Specific Domain Name Server (DNS)
root:~# dig www.google.com @8.8.8.8
; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29910
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 299 IN A 172.217.3.164
;; Query time: 15 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Dec 28 17:37:44 UTC 2017
;; MSG SIZE rcvd: 59
Here, the output shows that the DNS server 8.8.8.8 was used.
root:~# dig www.google.com MX
; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2143
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.com. IN MX
;; AUTHORITY SECTION:
google.com. 60 IN SOA ns1.google.com. dns-admin.google.com. 180263616 900 900 1800 60
;; Query time: 13 msec
;; SERVER: 198.18.1.136#53(198.18.1.136)
;; WHEN: Thu Dec 28 17:39:29 UTC 2017
;; MSG SIZE rcvd: 93
root:~#
4.1 Reverse DNS lookup (-x)
The dig command can perform a reverse DNS lookup: we query an IP address and find the domain name it points to by querying the PTR record.
Note: PTR stands for Pointer Record. It maps a network interface (IP) to a host name and is primarily used for reverse DNS.
root:~# dig -x 216.58.208.36
; <<>> DiG 9.10.3-P4-Ubuntu <<>> -x 216.58.208.36
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8389
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;36.208.58.216.in-addr.arpa. IN PTR
;; ANSWER SECTION:
36.208.58.216.in-addr.arpa. 86400 IN PTR fra15s12-in-f36.1e100.net.
36.208.58.216.in-addr.arpa. 86400 IN PTR fra15s12-in-f4.1e100.net.
;; AUTHORITY SECTION:
208.58.216.in-addr.arpa. 86400 IN NS ns3.google.com.
208.58.216.in-addr.arpa. 86400 IN NS ns1.google.com.
208.58.216.in-addr.arpa. 86400 IN NS ns4.google.com.
208.58.216.in-addr.arpa. 86400 IN NS ns2.google.com.
;; ADDITIONAL SECTION:
ns1.google.com. 113974 IN A 216.239.32.10
ns2.google.com. 113974 IN A 216.239.34.10
ns3.google.com. 113974 IN A 216.239.36.10
ns4.google.com. 113974 IN A 216.239.38.10
;; Query time: 20 msec
;; SERVER: 198.18.1.136#53(198.18.1.136)
;; WHEN: Thu Dec 28 17:53:00 UTC 2017
;; MSG SIZE rcvd: 269
This IP address has two PTR records, pointing to fra15s12-in-f36.1e100.net and fra15s12-in-f4.1e100.net
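A PTR record is published by whoever controls the reverse zone for the address, so the name returned by dig -x is a claim rather than proof of identity. The following added example (not from the original page) confirms each PTR name by resolving it forward again; fcrdns is a hypothetical helper name and the check covers IPv4 only.

```shell
#!/bin/sh
# Added example (not from the original page): forward-confirmed reverse DNS.
# A PTR name is trusted here only if its A records include the same
# address again. IPv4 only; fcrdns is a hypothetical helper name.

# fcrdns IP
# Prints one line per PTR name: "<name> confirmed" or "<name> unconfirmed",
# or "<ip> no-ptr" when the reverse lookup returns no names.
# Exit status is 0 only if at least one name is confirmed.
fcrdns() {
  ip=$1
  rc=1
  # grep -v '^;' drops dig messages such as ";; connection timed out";
  # "|| true" keeps an empty result from aborting a script run with set -e.
  names=$(dig +short -x "$ip" | grep -v '^;' || true)
  if [ -z "$names" ]; then
    echo "$ip no-ptr"
    return 1
  fi
  for name in $names; do
    # -F fixed string, -x whole line: the address must match exactly.
    if dig +short "$name" A | grep -Fxq "$ip"; then
      echo "$name confirmed"
      rc=0
    else
      echo "$name unconfirmed"
    fi
  done
  return "$rc"
}
```

Run it as `fcrdns 216.58.208.36`; a name reported as unconfirmed should not be used for access decisions or log attribution.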
5.1 Look From File (-f)
dig can take a list of domains from a file (one domain name per line), which is useful if the user needs to script bulk DNS lookups.
root:~# cat dns_name.txt
www.candidinformation.com
www.redhat.com
www.facebook.com
root:~# dig -f dns_name.txt +short
candidinformation.com.
166.62.6.49
ds-www.redhat.com.edgekey.net.
ds-www.redhat.com.edgekey.net.globalredir.akadns.net.
e3396.dscx.akamaiedge.net.
23.200.217.192
star-mini.c10r.facebook.com.
31.13.67.35
root:~#
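With +short the output above carries no query names, so a line cannot be tied back to the entry in dns_name.txt that produced it. The following added example (not from the original page) parses +noall +answer output instead and maps each queried name to its final addresses; the helper names and the sample records are constructed.

```shell
#!/bin/sh
# Added example, not part of the original page. attribute_answers and
# sample_answers are hypothetical helper names.

# Constructed sample in the format of `dig -f FILE +noall +answer`.
sample_answers() {
cat <<'EOF'
www.example.com.        300 IN CNAME edge.example.net.
edge.example.net.       60  IN CNAME node7.cdn.example.org.
node7.cdn.example.org.  20  IN A     192.0.2.10
node7.cdn.example.org.  20  IN A     192.0.2.11
mail.example.com.       300 IN A     198.51.100.25
stale.example.com.      300 IN CNAME gone.example.net.
EOF
}

# attribute_answers NAME... < answer-lines
# Follows each NAME through its CNAME chain and prints "NAME ADDRESS" for
# every A/AAAA record at the end, or "NAME -" when the chain yields none.
attribute_answers() {
  awk -v names="$*" '
    $4 == "CNAME"             { cname[tolower($1)] = tolower($5) }
    $4 == "A" || $4 == "AAAA" { addr[tolower($1)] = addr[tolower($1)] " " $5 }
    END {
      n = split(names, q, " ")
      for (i = 1; i <= n; i++) {
        cur = tolower(q[i])
        if (cur !~ /\.$/) cur = cur "."       # dig prints fully qualified names
        hops = 0
        while ((cur in cname) && hops < 16) { # bound guards against CNAME loops
          cur = cname[cur]; hops++
        }
        if (cur in addr) {
          m = split(addr[cur], a, " ")
          for (j = 1; j <= m; j++) print q[i], a[j]
        } else {
          print q[i], "-"
        }
      }
    }'
}
```

Against live data, pipe `dig -f dns_name.txt +noall +answer` into `attribute_answers $(cat dns_name.txt)`; a name reported with "-" has a CNAME chain that ends without an address and is worth reviewing.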
root:~# dig @4.4.4.4 -p 12345 www.google.com
; <<>> DiG 9.10.3-P4-Ubuntu <<>> -p 12345 www.google.com
;; global options: +cmd
;; connection timed out; no servers could be reached
In this example, the DNS server (4.4.4.4) would have to be listening on port 12345 to answer the query. It is not, so the query timed out.
6.1 Use IPv4 (-4) or IPv6 (-6)
By default, dig queries run over IPv4 (-4); alternatively, we can specify the -6 option to use IPv6.
root:~# dig -6 @2001:4860:4860::8888 google.com A
; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.google.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40588
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 294 IN A 66.102.1.113
google.com. 294 IN A 66.102.1.101
google.com. 294 IN A 66.102.1.138
google.com. 294 IN A 66.102.1.100
google.com. 294 IN A 66.102.1.139
google.com. 294 IN A 66.102.1.102
;; Query time: 6 msec
;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888)
;; WHEN: Tue Sep 6 13:21:10 2016
;; MSG SIZE rcvd: 124
7.1 Adjust Defaults with ~/.digrc file
We can create a .digrc in our home directory to include any custom options that we want dig to run with by default.
root:~# cat .digrc
+short
root:~# dig www.google.com
216.58.214.100
root:~#