- RootUsers
- Guides, tutorials, reviews and news for System Administrators.
- 12 Dig Command Examples To Query DNS In Linux
- Install Dig
- How To Use dig – Command Examples
- 1. Basic DNS Query
- 2. Query Specific Name Server
- 3. Search For Record Type
- 4. Reverse DNS Lookup
- 5. Trace DNS Path
- 6. Adjust Answer Size
- 7. Lookup From File
- 8. Specify Port Number
- 9. Use IPv4 Or IPv6
- 10. Query All DNS Record Types
- 11. Customize Dig Output
- 12. Adjust Defaults With ~/.digrc File
- Summary
- Share this:
RootUsers
Guides, tutorials, reviews and news for System Administrators.
12 Dig Command Examples To Query DNS In Linux
Dig (domain information groper) is a tool that is used for querying DNS servers for various DNS records, making it very useful for troubleshooting DNS problems.
By the end of this guide you will know how to use dig to perform different types of DNS lookups in Linux.
Install Dig
In order to use the dig command we must first install it. In CentOS/RHEL/Fedora dig is part of the ‘bind-utils’ package.
[[email protected] ~]# yum install bind-utils -y
For Debian/Ubuntu based distributions it comes from the ‘dnsutils’ package.
[email protected]:~# apt-get install dnsutils -y
How To Use dig – Command Examples
1. Basic DNS Query
In its most simplest form we can specify a domain name after the dig command and it will perform a DNS lookup, as shown below.
[[email protected] ~]# dig google.com ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADERIn this output we can see that google.com has an A record pointing to the IP address 216.58.220.110. By default with no name server specified the DNS resolver in the /etc/resolv.conf file will be used, dig will also look for an A record with no other options specified.
2. Query Specific Name Server
In the above example we did not query any specific name server, so our query would have been sent to whatever is configured in our /etc/resolv.conf file which will contain the DNS resolvers that our Linux system is configured to use. We can specify a name server to send the query to with the @ symbol, followed by the hostname or IP address of the name server to communicate with.
[[email protected] ~]# dig @8.8.8.8 google.com ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > @8.8.8.8 google.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER3. Search For Record Type
So far we have seen that by default dig will return the A record, however we can specify any other records that we wish to query by simply appending the record type to the end of the query. In this example, we lookup the MX records associated with google.com.
[[email protected] ~]# dig @8.8.8.8 google.com MX ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > @8.8.8.8 google.com MX ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER4. Reverse DNS Lookup
We can use the dig command to perform a reverse DNS lookup, that is we can query an IP address and find the domain name that it points to by querying the PTR record. This is done by using the -x option followed by the IP address to query. In the below example we perform a reverse lookup on one of the IP addresses that google.com resolved to in the first example.
[[email protected] ~]# dig -x 216.58.220.110 ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > -x 216.58.220.110 ;; global options: +cmd ;; Got answer: ;; ->>HEADER5. Trace DNS Path
We can perform a trace on the DNS lookup path with the +trace option, as shown below while querying google.com we can see what actually happens. First the root name servers for '.' are looked up, followed by the name servers for the .com domain, and then finally the name servers for google.com are returned, followed by the DNS records for it.
[[email protected] ~]# dig google.com +trace ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com +trace ;; global options: +cmd . 5 IN NS h.root-servers.net. . 5 IN NS g.root-servers.net. . 5 IN NS f.root-servers.net. . 5 IN NS e.root-servers.net. . 5 IN NS d.root-servers.net. . 5 IN NS c.root-servers.net. . 5 IN NS b.root-servers.net. . 5 IN NS a.root-servers.net. ;; Received 493 bytes from 192.168.220.2#53(192.168.220.2) in 671 ms com. 172800 IN NS a.gtld-servers.net. com. 172800 IN NS b.gtld-servers.net. com. 172800 IN NS c.gtld-servers.net. com. 172800 IN NS d.gtld-servers.net. com. 172800 IN NS e.gtld-servers.net. com. 172800 IN NS f.gtld-servers.net. com. 172800 IN NS g.gtld-servers.net. com. 172800 IN NS h.gtld-servers.net. com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766 com. 86400 IN RRSIG DS 8 1 86400 20160915170000 20160905160000 46551 . aRW+mmwKW6sWvAef35LCj5ZeQkFrOP8uWwMjQkPIqMfayBRuK1YuqF0h Pu0v4ZBaXPxj0KjmwLIry+Y8p6gIX7lFATfQmUNJcmFxaPYDdEuLYW4S 4idKDZkkEWA3LLUn9OQ0EdioR1PdVr/4xY/u48066DFDx5Vg6aEs1/0Q oXY= ;; Received 734 bytes from 192.203.230.10#53(e.root-servers.net) in 215 ms google.com. 172800 IN NS ns2.google.com. google.com. 172800 IN NS ns1.google.com. google.com. 172800 IN NS ns3.google.com. google.com. 172800 IN NS ns4.google.com. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20160911044243 20160904033243 27452 com. F8heeEXQl6/iOiPAJxfH/dIE7k6NkI0KDRH+evPdZJV6dUs4bYIfbvwI dIEmEDB1wn28MntLpjEixu+64VusOHrUaOXzg5I26D+UbUmksImr2a/P 39zxhHLIRJgYEUxrE1HrID+xY+PewGq3/aEVvPKofbO7/FyBJlmftQn6 12o= S84AE3BIT99DKIHQH27TRC0584HV5KOH.com. 86400 IN NSEC3 1 1 0 - S84J17P3PT4RKMEJOHNGD73C5Q5NV5S9 NS DS RRSIG S84AE3BIT99DKIHQH27TRC0584HV5KOH.com. 86400 IN RRSIG NSEC3 8 2 86400 20160909045208 20160902034208 27452 com. vxkCSPNnOpLiQNpsk1ZpsQzGMzNdbSpL6Up0Z0njXJrRUdD5eHC/tgnA cHc5mDX2IuuBqU65hZd40U2pSYCBeb5BfaRd9gaQIMyLBbBzd9nj2E+F 8LnTRqa+oXeYQVO1AlfysumdS/CgxwN0CidhCPxPQpPtfdnl6UaKxCzL 5d4= ;; Received 660 bytes from 192.31.80.30#53(d.gtld-servers.net) in 201 ms google.com. 300 IN A 150.101.161.211 google.com. 300 IN A 150.101.161.207 google.com. 300 IN A 150.101.161.221 google.com. 300 IN A 150.101.161.222 google.com. 300 IN A 150.101.161.237 google.com. 300 IN A 150.101.161.245 google.com. 300 IN A 150.101.161.215 google.com. 300 IN A 150.101.161.234 google.com. 300 IN A 150.101.161.236 google.com. 300 IN A 150.101.161.230 google.com. 300 IN A 150.101.161.241 google.com. 300 IN A 150.101.161.251 google.com. 300 IN A 150.101.161.219 google.com. 300 IN A 150.101.161.249 google.com. 300 IN A 150.101.161.226 ;; Received 268 bytes from 216.239.38.10#53(ns4.google.com) in 185 ms6. Adjust Answer Size
By default dig runs with full long output, which displays a lot of verbose information. While useful, there may be times where we simply want our result returned. This can be achieved with the +short option, as shown below when we query google.com we only see the IP address result without any further information.
[[email protected] ~]# dig google.com +short 216.58.220.1107. Lookup From File
Specifying a single domain after the dig command is not the only way to perform a lookup, we can also supply dig a list of domains from a file (one domain per line) which can be useful if you need to script bulk DNS lookups. In the below example, we use the -f option to read the file query.txt which contains three domains. For brevity I have also made use of +short here so we only see the IP addresses returned rather than the full output which would be quite long.
[[email protected] ~]# cat query.txt google.com yahoo.com rootusers.com [[email protected] ~]# dig -f query.txt +short 216.58.220.110 98.139.183.24 206.190.36.45 98.138.253.109 104.24.11.91 104.24.10.918. Specify Port Number
By default the dig command queries port 53 which is the standard DNS port, however we can optionally specify an alternate port if required. This may be useful if an external name server is configured to use a non standard port for some reason. We specify the port to query with the -p option, followed by the port number. In the below example we perform a DNS query to port 5300.
[[email protected] ~]# dig @8.8.8.8 -p 5300 google.com ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > @8.8.8.8 -p 5300 google.com ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached9. Use IPv4 Or IPv6
By default our dig queries are running over the IPv4 network, we can specify if we want to use the IPv4 transport with the -4 option, or alternatively we can specify to use the IPv6 transport with the -6 option.
[[email protected] ~]# dig -6 @2001:4860:4860::8888 google.com A ; > DiG 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.8 > @2001:4860:4860::8888 google.com A ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER10. Query All DNS Record Types
We can use the 'ANY' option to query all DNS record types, this way we can quickly see all DNS records available for a domain. In the below example we can see the results for all types of different records, including A, AAAA, TXT, MX and NS.
[[email protected] ~]# dig google.com ANY ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com ANY ;; global options: +cmd ;; Got answer: ;; ->>HEADERIt should be noted that some name servers do not support this and will deny the request, for example many domains behind Cloudflare will simply return the below record only.
cloudflare.com. 5 IN HINFO "Please stop asking for ANY" "See draft-ietf-dnsop-refuse-any"11. Customize Dig Output
There are many different options that we can specify to customize what the dig command will print out. Hide All
With the +noall option, we can hide almost all output.[[email protected] ~]# dig google.com +noall ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com +noall ;; global options: +cmdNow from this clean base, we can choose what we want to display. We can also disable components from the default output in a similar manner. Print Statistics
By default some basic statistics appear at the bottom of the dig query, including query time, the server queried, when it happened and the message size. These can be removed with the +nostats option, or added with +stats.[[email protected] ~]# dig google.com +noall +stats ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com +noall +stats ;; global options: +cmd ;; Query time: 2 msec ;; SERVER: 192.168.220.2#53(192.168.220.2) ;; WHEN: Tue Sep 06 10:06:20 AEST 2016 ;; MSG SIZE rcvd: 55Print Answer
We can output the answer to the DNS query with the +answer option, as shown below we now actually see the IP address from the DNS query.[[email protected] ~]# dig google.com +noall +answer ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com +noall +answer ;; global options: +cmd google.com. 5 IN A 216.58.220.11012. Adjust Defaults With ~/.digrc File
We can create a .digrc file in our home directory to include any custom options that we want dig to run with by default. This way we can specify various options in the ~/.digrc file that will always automatically run with the dig command. In the below example we add the +short option to the .digrc in our home directory and then perform a dig on google.com, we can see that the output confirms it was run with +short even though we did not specify it on the command line.
[[email protected] ~]# cat .digrc +short [[email protected] ~]# dig google.com 216.58.220.110Summary
We have seen how the dig command can be used in many different ways to perform DNS queries in Linux, making it a useful tool for troubleshooting or performing DNS lookups.
If you're after further information on this topic, check out our DNS troubleshooting guide.
Share this: