- 3 Ways to check DNS records from Linux terminal
- What’s Domain Name System (DNS)?
- 1) How to verify a domain’s DNS records using the dig command
- 2) Checking DNS records of a domain using nslookup command
- 3) How to check DNS records of a domain using host command
- Closing Notes
- 10 Linux Dig (Domain Information Groper) Commands to Query DNS
- 1. Query Domain “A” Record
- 2. Query Domain “A” Record with +short
- 3. Querying MX Record for Domain
- 4. Querying SOA Record for Domain
- 5. Querying TTL Record for Domain
- 6. Querying Only Answer Section
- 7. Querying ALL DNS Records Types
- 8. DNS Reverse Look-up
- 9. Querying Multiple DNS Records
- 10. Create .digrc file
3 Ways to check DNS records from Linux terminal
There are many third party websites that can verify a domain’s DNS records.
It can also be done from Linux terminal. Why not try yourself, instead of using 3rd party sites?
NIX users spend more time on terminal and looking for a viable option from the terminal for any purpose.
This will be useful not only for me, but also for others looking for a way to do their daily activities at the terminal.
Domain DNS information can be verified from the Linux terminal using the following three commands.
Use one of the below command to verify domain owner information from the Linux terminal.
What’s Domain Name System (DNS)?
DNS stands for Domain Name System or Domain Name Servers which translates Internet domain and host names to IP addresses and vice versa.
DNS is a hierarchical decentralized naming system for computers, services, or other resources connected to the Internet or a private network.
It’s basically a set of mapping files that tell the DNS server which IP address each domain or host is associated with, and how to handle requests sent to each domain.
It stores various information about a domain & host such as A, AAAA, CNAME, MX, PTR, NS, SOA, SRV, TXT, and NAPTR.
A Record : A record stands for Address record. The ‘A’ record specifies the IP address (IPv4) of a host. Whenever DNS server get a query to resolve domain-name, it will refer the A record to answer the IP address.
AAA Record : The ‘AAA’ record specifies the IP address (IPv6) of a host.
NS Record : NS Record stands for Name Server record. NS Records maps a domain name to a list of authoritative DNS servers.
MX Record : MX Record stands for mail exchange record. MX Records maps a domain name to a list of mail exchange servers.
PTR Record : PTR record stands for Reverse lookup record or Pointer record. A PTR record maps the IP address to a specific host.
CNAME Record : CNAME Record stands for Canonical Name. CNAME record is used to create aliases that point to other names such as WWW, FTP, MAIL & subdomains to a domain name. Example : a CNAME record can associate the subdomain www.2daygeek.com with 2daygeek.com
SOA Record : SOA record stands for Start of Authority records. SOA records contain information about a DNS zone such as Primary nameserver, Hostmaster E-mail address, zone file seriel number, zone transfer interval and zone expiry details.
TXT Record : TXT Record stands for text record. A TXT record is a type of DNS record that provides text information to sources outside your domain. The text can be either human-or machine-readable and can be used for a variety of purposes.
SPF Record : SPF Record stands for Sender Policy Framework. SPF is an extension to the SMTP mail protocol which is used for e-mail authentication.
SPF record is used to verify whether the message came from an authorized mail server or not. SPF is designed to detect SPAM & PHISHING mail sender’s IP address which was included in the e-mail headers.
DKIM Record : DKIM record stands for Domain Keys Identified Mail. DKIM is an email validation system designed to detect email spoofing by providing encryption authentication to receiving mail exchangers.
It will check whether the incoming mail domain is authorized by the domain’s administrators and that the email (including attachments) has not been modified during transport.
A digital signature included with the message can be validated by the recipient using the signer’s public key published in the DNS.
1) How to verify a domain’s DNS records using the dig command
dig command stands for “domain information groper”. It is a flexible tool for interrogating DNS name servers. It performs DNS lookup and displays the answers that are returned from the name server(s) that were queried.
Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
# dig google.com ANY +noall +answer google.com. 282 IN A 216.58.199.142 google.com. 282 IN AAAA 2404:6800:4009:806::200e google.com. 21582 IN CAA 0 issue "pki.goog" google.com. 21582 IN NS ns1.google.com. google.com. 582 IN MX 30 alt2.aspmx.l.google.com. google.com. 42 IN SOA ns1.google.com. dns-admin.google.com. 275230101 900 900 1800 60 google.com. 282 IN TXT "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289" google.com. 21582 IN NS ns2.google.com. google.com. 582 IN MX 10 aspmx.l.google.com. google.com. 582 IN MX 50 alt4.aspmx.l.google.com. google.com. 3582 IN TXT "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8=" google.com. 3582 IN TXT "v=spf1 include:_spf.google.com ~all" google.com. 282 IN TXT "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e" google.com. 21582 IN NS ns4.google.com. google.com. 21582 IN NS ns3.google.com. google.com. 582 IN MX 20 alt1.aspmx.l.google.com. google.com. 3582 IN TXT "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95" google.com. 582 IN MX 40 alt3.aspmx.l.google.com
2) Checking DNS records of a domain using nslookup command
nslookup command is a program to query Internet domain name servers. Nslookup has two modes interactive and non-interactive.
Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain.
Non-interactive mode is used to print just the name and requested information for a host or domain. It’s a network administration tool which will help them to check and troubleshoot DNS related issues.
# nslookup -type=any google.com Server: 192.168.1.1 Address: 192.168.1.1#53 Non-authoritative answer: Name: google.com Address: 216.58.199.142 Name: google.com Address: 2404:6800:4009:806::200e google.com rdata_257 = 0 issue "pki.goog" google.com nameserver = ns1.google.com. google.com mail exchanger = 30 alt2.aspmx.l.google.com. google.com origin = ns1.google.com mail addr = dns-admin.google.com serial = 275230101 refresh = 900 retry = 900 expire = 1800 minimum = 60 google.com text = "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289" google.com nameserver = ns2.google.com. google.com mail exchanger = 10 aspmx.l.google.com. google.com mail exchanger = 50 alt4.aspmx.l.google.com. google.com text = "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8=" google.com text = "v=spf1 include:_spf.google.com ~all" google.com text = "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e" google.com nameserver = ns4.google.com. google.com nameserver = ns3.google.com. google.com mail exchanger = 20 alt1.aspmx.l.google.com. google.com text = "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95" google.com mail exchanger = 40 alt3.aspmx.l.google.com. Authoritative answers can be found from:
3) How to check DNS records of a domain using host command
host command is a simple utility for performing DNS lookup. It is normally used to convert names to IP addresses and vice versa. When no arguments or options are given, host prints a short summary of its command line arguments and options as shown below:
# host -a 2daygeek.com Trying "2daygeek.com" ;; ->>HEADERClosing Notes
We have shown you three commands to find DNS records of a domain in Linux.
If you have any questions or feedback, feel free to comment below.
10 Linux Dig (Domain Information Groper) Commands to Query DNS
In our previous article, we have explained nslookup command examples and usage, which is a networking command-line tool used for querying and getting information of DNS (Domain Name System).
Here, in this article, we come up with another command line tool called dig, which is much similar to the Linux nslookup tool. We will see the usage of the dig command closely with their examples and usage.
Dig stands for (Domain Information Groper) is a network administration command-line tool for querying Domain Name System (DNS) name servers.
It is useful for verifying and troubleshooting DNS problems and also to perform DNS lookups and displays the answers that are returned from the name server that was queried.
Dig is part of the BIND domain name server software suite. dig command replaces older tools such as nslookup and the host. dig tool is available in major Linux distributions.
1. Query Domain “A” Record
# dig yahoo.com ; > DiG 9.16.1-Ubuntu > yahoo.com ;; global options: +cmd ;; Got answer: ;; ->>HEADERThe above command causes dig to look up the "A" record for the domain name yahoo.com. Dig command reads the /etc/resolv.conf file and querying the DNS servers listed there. The response from the DNS server is what dig displays.
Let us understand the output of the commands:
- Lines beginning with ; are comments not part of the information.
- The first line tells us the version of the dig (9.16.1) command.
- Next, dig shows the header of the response it received from the DNS server.
- Next comes the question section, which simply tells us the query, which in this case is a query for the "A" record of yahoo.com. The IN means this is an Internet lookup (in the Internet class).
- The answer section tells us that yahoo.com has the IP address 98.137.11.163.
- Lastly, there are some stats about the query. You can turn off these stats using the +nostats option.
2. Query Domain “A” Record with +short
By default, dig is quite verbose. One way to cut down the output is to use the +short option. which will drastically cut the output as shown below.
# dig yahoo.com +short 98.137.11.164 74.6.231.21 74.6.231.20 74.6.143.25 74.6.143.26 98.137.11.163
Note: By default, dig looks for the "A" record of the domain specified, but you can specify other records also. The MX or Mail eXchange record tells mail servers how to route the email for the domain. Likewise TTL, SOA, etc.
3. Querying MX Record for Domain
Querying different types of DNS resource records only.
# dig yahoo.com MX ; > DiG 9.16.1-Ubuntu > yahoo.com MX ;; global options: +cmd ;; Got answer: ;; ->>HEADER4. Querying SOA Record for Domain
# dig yahoo.com SOA ; > DiG 9.16.1-Ubuntu > yahoo.com SOA ;; global options: +cmd ;; Got answer: ;; ->>HEADER5. Querying TTL Record for Domain
# dig yahoo.com TTL ; > DiG 9.16.1-Ubuntu > yahoo.com TTL ;; global options: +cmd ;; Got answer: ;; ->>HEADER>HEADER6. Querying Only Answer Section
# dig yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats ; > DiG 9.16.1-Ubuntu > yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats ;; global options: +cmd yahoo.com. 1556 IN A 74.6.231.20 yahoo.com. 1556 IN A 98.137.11.163 yahoo.com. 1556 IN A 98.137.11.164 yahoo.com. 1556 IN A 74.6.143.26 yahoo.com. 1556 IN A 74.6.231.21 yahoo.com. 1556 IN A 74.6.143.257. Querying ALL DNS Records Types
# dig yahoo.com ANY +noall +answer ; > DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 > yahoo.com ANY +noall +answer ;; global options: +cmd yahoo.com. 3509 IN A 72.30.38.140 yahoo.com. 3509 IN A 98.138.253.109 yahoo.com. 3509 IN A 98.139.183.24 yahoo.com. 1709 IN MX 1 mta5.am0.yahoodns.net. yahoo.com. 1709 IN MX 1 mta6.am0.yahoodns.net. yahoo.com. 1709 IN MX 1 mta7.am0.yahoodns.net. yahoo.com. 43109 IN NS ns2.yahoo.com. yahoo.com. 43109 IN NS ns8.yahoo.com. yahoo.com. 43109 IN NS ns3.yahoo.com. yahoo.com. 43109 IN NS ns1.yahoo.com. yahoo.com. 43109 IN NS ns4.yahoo.com. yahoo.com. 43109 IN NS ns5.yahoo.com. yahoo.com. 43109 IN NS ns6.yahoo.com.8. DNS Reverse Look-up
Querying DNS Reverse Look-up. Only display answer section with using +short.
# dig -x 72.30.38.140 +short ir1.fp.vip.sp2.yahoo.com.9. Querying Multiple DNS Records
Query multiple website’s DNS specific query viz. MX, NS, etc. records.
# dig yahoo.com mx +noall +answer redhat.com ns +noall +answer ; > DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 > yahoo.com mx +noall +answer redhat.com ns +noall +answer ;; global options: +cmd yahoo.com. 1740 IN MX 1 mta6.am0.yahoodns.net. yahoo.com. 1740 IN MX 1 mta7.am0.yahoodns.net. yahoo.com. 1740 IN MX 1 mta5.am0.yahoodns.net. redhat.com. 132 IN NS ns1.redhat.com. redhat.com. 132 IN NS ns4.redhat.com. redhat.com. 132 IN NS ns3.redhat.com. redhat.com. 132 IN NS ns2.redhat.com.10. Create .digrc file
Create .digrc file under $HOME/.digrc to store default dig options.
# dig yahoo.com yahoo.com. 3427 IN A 72.30.38.140 yahoo.com. 3427 IN A 98.138.253.109 yahoo.com. 3427 IN A 98.139.183.24We have store +noall +answer options permanently in the .digrc file under the user’s home directory. Now, whenever the dig command is executed it will show only answer section of the dig output. No Need to type every-time options like +noall +answer.
In this article, we tried to find out the dig command which may help you to search (DNS) Domain Name Service-related information. Share your thoughts through the comment box.