Dig command is a DNS lookup utility. Dig is a flexible tool for DNS name server lookup. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. dig is normally used with command-line arguments.
Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf. If no usable server addresses are found, dig will send the query to the local host.
A typical usage of dig looks like:
dig @server name type
where @server: is the name or IP address of the name server to query.
name: is the name of the resource record that is to be looked up.
type : indicates what type of query is required — ANY, A, MX, SIG, etc. type can be any valid query type. If no type argument is supplied, dig will perform a lookup for an A record.
Forward lookup example:
The default is to print the answer in a verbose form.
$ dig google.com
; <<>> DiG 9.10.3-P4-Ubuntu <<>> google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44224 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 39 IN A 74.125.200.101 google.com. 39 IN A 74.125.200.102 google.com. 39 IN A 74.125.200.139 google.com. 39 IN A 74.125.200.113 google.com. 39 IN A 74.125.200.138 google.com. 39 IN A 74.125.200.100 ;; Query time: 63 msec ;; SERVER: 192.168.1.10#53(192.168.1.10) ;; WHEN: Sat Jul 22 22:52:05 EDT 2017 ;; MSG SIZE rcvd: 135
Each query option is identified by a keyword preceded by a plus sign (+)
short query option provide a brief(short or answer section of normal dig lookup) answer, as showed in example:
$ dig google.com +short 74.125.200.101 74.125.200.113 74.125.200.102 74.125.200.139 74.125.200.138 74.125.200.100
Reverse lookup example:
-x option is used for mapping addresses to names. dig automatically performs a lookup for a name like 94.2.0.192.in-addr.arpa and sets the query type and class to PTR and IN respectively.
$ dig -x 8.8.8.8 +short google-public-dns-a.google.com.
Host lookup from specific DNS server:
@server: is the name or IP address of the name server to query. This can be an IPv4 address in dotted-decimal notation or an IPv6 address in colon-delimited notation. When the supplied server argument is a hostname, dig resolves that name before querying that name server.
If either of the -4 or -6 options are in use, then only
addresses for the corresponding transport will be tried. If no usable addresses are found, dig will send the query to the local host. The reply from the name server that responds is displayed.
dig @8.8.8.8 yahoo.com ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @8.8.8.8 yahoo.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65331 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;yahoo.com. IN A ;; ANSWER SECTION: yahoo.com. 154 IN A 206.190.36.45 yahoo.com. 154 IN A 98.139.180.149 yahoo.com. 154 IN A 98.138.253.109 ;; Query time: 10 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sun Jul 23 00:02:34 EDT 2017 ;; MSG SIZE rcvd: 86
If no server argument is provided, dig consults /etc/resolv.conf; if an address is found there, it queries the name server at that address. Compare below example with above one you will see SERVER IP’s(end of the query) are different
dig yahoo.com ; <<>> DiG 9.10.3-P4-Ubuntu <<>> yahoo.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22224 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;yahoo.com. IN A ;; ANSWER SECTION: yahoO.com. 1179 IN A 206.190.36.45 yahoO.com. 1179 IN A 98.138.253.109 yahoO.com. 1179 IN A 98.139.180.149 ;; Query time: 63 msec ;; SERVER: 192.168.1.10#53(192.168.1.10) ;; WHEN: Sun Jul 23 00:03:06 EDT 2017 ;; MSG SIZE rcvd: 92
Querying record types (A, NS, MX):
Query record type can be any valid query type. If no type argument is supplied, dig will perform a lookup for an A record.
$ dig google.com A +short 74.125.200.101 74.125.200.138 74.125.200.102 74.125.200.139 74.125.200.113 74.125.200.100 $ dig google.com MX +short 10 aspmx.l.google.com. 40 alt3.aspmx.l.google.com. 20 alt1.aspmx.l.google.com. 30 alt2.aspmx.l.google.com. 50 alt4.aspmx.l.google.com. $ dig google.com NS +short ns3.google.com. ns1.google.com. ns4.google.com. ns2.google.com.
Tracing DNS lookup :
Toggle tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When tracing is enabled, dig makes iterative queries to resolve the
name being looked up. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup.
$ dig google.com +trace ; <<>> DiG 9.10.3-P4-Ubuntu <<>> google.com +trace ;; global options: +cmd . 212244 IN NS c.root-servers.net. . 212244 IN NS i.root-servers.net. . 212244 IN NS h.root-servers.net. . 212244 IN NS l.root-servers.net. . 212244 IN NS d.root-servers.net. . 212244 IN NS g.root-servers.net. . 212244 IN NS m.root-servers.net. . 212244 IN NS b.root-servers.net. . 212244 IN NS j.root-servers.net. . 212244 IN NS f.root-servers.net. . 212244 IN NS k.root-servers.net. . 212244 IN NS e.root-servers.net. . 212244 IN NS a.root-servers.net. ;; Received 525 bytes from 103.243.222.250#53(103.243.222.250) in 62 ms com. 172800 IN NS e.gtld-servers.net. com. 172800 IN NS b.gtld-servers.net. com. 172800 IN NS f.gtld-servers.net. com. 172800 IN NS h.gtld-servers.net. com. 172800 IN NS c.gtld-servers.net. com. 172800 IN NS a.gtld-servers.net. com. 172800 IN NS g.gtld-servers.net. com. 172800 IN NS m.gtld-servers.net. com. 172800 IN NS d.gtld-servers.net. com. 172800 IN NS k.gtld-servers.net. com. 172800 IN NS l.gtld-servers.net. com. 172800 IN NS i.gtld-servers.net. com. 172800 IN NS j.gtld-servers.net. ;; Received 1170 bytes from 192.112.36.4#53(g.root-servers.net) in 236 ms google.com. 172800 IN NS ns2.google.com. google.com. 172800 IN NS ns1.google.com. google.com. 172800 IN NS ns3.google.com. google.com. 172800 IN NS ns4.google.com. ;; Received 660 bytes from 192.43.172.30#53(i.gtld-servers.net) in 123 ms google.com. 300 IN A 216.58.220.174 ;; Received 44 bytes from 216.239.34.10#53(ns2.google.com) in 115 ms
If @server is also specified, it affects only the initial query for the root zone name servers.
+dnssec is also set when +trace is set to better emulate the default queries from a nameserver.
Warning: count(): Parameter must be an array or an object that implements Countable in /home/vhosts/howtolinuxblog.orgfree.com/wp-includes/class-wp-comment-query.php on line 399
MOST COMMENTED
Uncategorized
Ubuntu 16.04 No desktop only shows background wallpaper
Administration / DNS / Linux
Dig command examples
Virtualization
OpenVz(Kernel Base Open source Virtulization)
Uncategorized
Install Ansible on Linux
Puppet
Configuring puppet4 server agent and puppetdb on ubuntu16.04
Database
Installing postgresql on ubuntu 16.04
Puppet
opensource puppet4 installation on ubuntu16.04