Dns lookup from linux

RootUsers

Guides, tutorials, reviews and news for System Administrators.

12 Dig Command Examples To Query DNS In Linux

Dig (domain information groper) is a tool that is used for querying DNS servers for various DNS records, making it very useful for troubleshooting DNS problems.

By the end of this guide you will know how to use dig to perform different types of DNS lookups in Linux.

Install Dig

In order to use the dig command we must first install it. In CentOS/RHEL/Fedora dig is part of the ‘bind-utils’ package.

[[email protected] ~]# yum install bind-utils -y 

For Debian/Ubuntu based distributions it comes from the ‘dnsutils’ package.

[email protected]:~# apt-get install dnsutils -y 

How To Use dig – Command Examples

1. Basic DNS Query

In its most simplest form we can specify a domain name after the dig command and it will perform a DNS lookup, as shown below.

[[email protected] ~]# dig google.com ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER

In this output we can see that google.com has an A record pointing to the IP address 216.58.220.110. By default with no name server specified the DNS resolver in the /etc/resolv.conf file will be used, dig will also look for an A record with no other options specified.

2. Query Specific Name Server

In the above example we did not query any specific name server, so our query would have been sent to whatever is configured in our /etc/resolv.conf file which will contain the DNS resolvers that our Linux system is configured to use. We can specify a name server to send the query to with the @ symbol, followed by the hostname or IP address of the name server to communicate with.

[[email protected] ~]# dig @8.8.8.8 google.com ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > @8.8.8.8 google.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER

3. Search For Record Type

So far we have seen that by default dig will return the A record, however we can specify any other records that we wish to query by simply appending the record type to the end of the query. In this example, we lookup the MX records associated with google.com.

[[email protected] ~]# dig @8.8.8.8 google.com MX ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > @8.8.8.8 google.com MX ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER

4. Reverse DNS Lookup

We can use the dig command to perform a reverse DNS lookup, that is we can query an IP address and find the domain name that it points to by querying the PTR record. This is done by using the -x option followed by the IP address to query. In the below example we perform a reverse lookup on one of the IP addresses that google.com resolved to in the first example.

[[email protected] ~]# dig -x 216.58.220.110 ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > -x 216.58.220.110 ;; global options: +cmd ;; Got answer: ;; ->>HEADER

5. Trace DNS Path

We can perform a trace on the DNS lookup path with the +trace option, as shown below while querying google.com we can see what actually happens. First the root name servers for '.' are looked up, followed by the name servers for the .com domain, and then finally the name servers for google.com are returned, followed by the DNS records for it.

[[email protected] ~]# dig google.com +trace ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com +trace ;; global options: +cmd . 5 IN NS h.root-servers.net. . 5 IN NS g.root-servers.net. . 5 IN NS f.root-servers.net. . 5 IN NS e.root-servers.net. . 5 IN NS d.root-servers.net. . 5 IN NS c.root-servers.net. . 5 IN NS b.root-servers.net. . 5 IN NS a.root-servers.net. ;; Received 493 bytes from 192.168.220.2#53(192.168.220.2) in 671 ms com. 172800 IN NS a.gtld-servers.net. com. 172800 IN NS b.gtld-servers.net. com. 172800 IN NS c.gtld-servers.net. com. 172800 IN NS d.gtld-servers.net. com. 172800 IN NS e.gtld-servers.net. com. 172800 IN NS f.gtld-servers.net. com. 172800 IN NS g.gtld-servers.net. com. 172800 IN NS h.gtld-servers.net. com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766 com. 86400 IN RRSIG DS 8 1 86400 20160915170000 20160905160000 46551 . aRW+mmwKW6sWvAef35LCj5ZeQkFrOP8uWwMjQkPIqMfayBRuK1YuqF0h Pu0v4ZBaXPxj0KjmwLIry+Y8p6gIX7lFATfQmUNJcmFxaPYDdEuLYW4S 4idKDZkkEWA3LLUn9OQ0EdioR1PdVr/4xY/u48066DFDx5Vg6aEs1/0Q oXY= ;; Received 734 bytes from 192.203.230.10#53(e.root-servers.net) in 215 ms google.com. 172800 IN NS ns2.google.com. google.com. 172800 IN NS ns1.google.com. google.com. 172800 IN NS ns3.google.com. google.com. 172800 IN NS ns4.google.com. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20160911044243 20160904033243 27452 com. F8heeEXQl6/iOiPAJxfH/dIE7k6NkI0KDRH+evPdZJV6dUs4bYIfbvwI dIEmEDB1wn28MntLpjEixu+64VusOHrUaOXzg5I26D+UbUmksImr2a/P 39zxhHLIRJgYEUxrE1HrID+xY+PewGq3/aEVvPKofbO7/FyBJlmftQn6 12o= S84AE3BIT99DKIHQH27TRC0584HV5KOH.com. 86400 IN NSEC3 1 1 0 - S84J17P3PT4RKMEJOHNGD73C5Q5NV5S9 NS DS RRSIG S84AE3BIT99DKIHQH27TRC0584HV5KOH.com. 86400 IN RRSIG NSEC3 8 2 86400 20160909045208 20160902034208 27452 com. vxkCSPNnOpLiQNpsk1ZpsQzGMzNdbSpL6Up0Z0njXJrRUdD5eHC/tgnA cHc5mDX2IuuBqU65hZd40U2pSYCBeb5BfaRd9gaQIMyLBbBzd9nj2E+F 8LnTRqa+oXeYQVO1AlfysumdS/CgxwN0CidhCPxPQpPtfdnl6UaKxCzL 5d4= ;; Received 660 bytes from 192.31.80.30#53(d.gtld-servers.net) in 201 ms google.com. 300 IN A 150.101.161.211 google.com. 300 IN A 150.101.161.207 google.com. 300 IN A 150.101.161.221 google.com. 300 IN A 150.101.161.222 google.com. 300 IN A 150.101.161.237 google.com. 300 IN A 150.101.161.245 google.com. 300 IN A 150.101.161.215 google.com. 300 IN A 150.101.161.234 google.com. 300 IN A 150.101.161.236 google.com. 300 IN A 150.101.161.230 google.com. 300 IN A 150.101.161.241 google.com. 300 IN A 150.101.161.251 google.com. 300 IN A 150.101.161.219 google.com. 300 IN A 150.101.161.249 google.com. 300 IN A 150.101.161.226 ;; Received 268 bytes from 216.239.38.10#53(ns4.google.com) in 185 ms

6. Adjust Answer Size

By default dig runs with full long output, which displays a lot of verbose information. While useful, there may be times where we simply want our result returned. This can be achieved with the +short option, as shown below when we query google.com we only see the IP address result without any further information.

[[email protected] ~]# dig google.com +short 216.58.220.110

7. Lookup From File

Specifying a single domain after the dig command is not the only way to perform a lookup, we can also supply dig a list of domains from a file (one domain per line) which can be useful if you need to script bulk DNS lookups. In the below example, we use the -f option to read the file query.txt which contains three domains. For brevity I have also made use of +short here so we only see the IP addresses returned rather than the full output which would be quite long.

[[email protected] ~]# cat query.txt google.com yahoo.com rootusers.com [[email protected] ~]# dig -f query.txt +short 216.58.220.110 98.139.183.24 206.190.36.45 98.138.253.109 104.24.11.91 104.24.10.91

8. Specify Port Number

By default the dig command queries port 53 which is the standard DNS port, however we can optionally specify an alternate port if required. This may be useful if an external name server is configured to use a non standard port for some reason. We specify the port to query with the -p option, followed by the port number. In the below example we perform a DNS query to port 5300.

[[email protected] ~]# dig @8.8.8.8 -p 5300 google.com ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > @8.8.8.8 -p 5300 google.com ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached

9. Use IPv4 Or IPv6

By default our dig queries are running over the IPv4 network, we can specify if we want to use the IPv4 transport with the -4 option, or alternatively we can specify to use the IPv6 transport with the -6 option.

[[email protected] ~]# dig -6 @2001:4860:4860::8888 google.com A ; > DiG 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.8 > @2001:4860:4860::8888 google.com A ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER

10. Query All DNS Record Types

We can use the 'ANY' option to query all DNS record types, this way we can quickly see all DNS records available for a domain. In the below example we can see the results for all types of different records, including A, AAAA, TXT, MX and NS.

[[email protected] ~]# dig google.com ANY ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com ANY ;; global options: +cmd ;; Got answer: ;; ->>HEADER

It should be noted that some name servers do not support this and will deny the request, for example many domains behind Cloudflare will simply return the below record only.

cloudflare.com. 5 IN HINFO "Please stop asking for ANY" "See draft-ietf-dnsop-refuse-any"

11. Customize Dig Output

There are many different options that we can specify to customize what the dig command will print out. Hide All
With the +noall option, we can hide almost all output.

[[email protected] ~]# dig google.com +noall ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com +noall ;; global options: +cmd

Now from this clean base, we can choose what we want to display. We can also disable components from the default output in a similar manner. Print Statistics
By default some basic statistics appear at the bottom of the dig query, including query time, the server queried, when it happened and the message size. These can be removed with the +nostats option, or added with +stats.

[[email protected] ~]# dig google.com +noall +stats ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com +noall +stats ;; global options: +cmd ;; Query time: 2 msec ;; SERVER: 192.168.220.2#53(192.168.220.2) ;; WHEN: Tue Sep 06 10:06:20 AEST 2016 ;; MSG SIZE rcvd: 55

Print Answer
We can output the answer to the DNS query with the +answer option, as shown below we now actually see the IP address from the DNS query.

[[email protected] ~]# dig google.com +noall +answer ; > DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 > google.com +noall +answer ;; global options: +cmd google.com. 5 IN A 216.58.220.110

12. Adjust Defaults With ~/.digrc File

We can create a .digrc file in our home directory to include any custom options that we want dig to run with by default. This way we can specify various options in the ~/.digrc file that will always automatically run with the dig command. In the below example we add the +short option to the .digrc in our home directory and then perform a dig on google.com, we can see that the output confirms it was run with +short even though we did not specify it on the command line.

[[email protected] ~]# cat .digrc +short [[email protected] ~]# dig google.com 216.58.220.110

Summary

We have seen how the dig command can be used in many different ways to perform DNS queries in Linux, making it a useful tool for troubleshooting or performing DNS lookups.

If you're after further information on this topic, check out our DNS troubleshooting guide.

Share this:

Источник

Читайте также:  Virtualbox linux no usb device
Оцените статью
Adblock
detector