How to use "dig" Command in Linux
How to use "dig" Command in Linux
Dig (Domain Information Groper) is a powerful command-line tool for querying name servers. The dig command, allows you to query information about various DNS records. This tutorial explains how to use the dig utility through examples and detailed explanations of the most common dig options.
How to Install dig
If dig is not present on your system, please follow these procedures to install it.
Ubuntu and Debian
# apt update && apt install dnsutils
Install dig on CentOS and Fedora
# yum install bind-utils
Once the package has been installed now let's dig it.
[root@k8smaster ~]# dig centos.org
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> centos.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22632
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;centos.org. IN A
;; ANSWER SECTION:
centos.org. 600 IN A 81.171.33.202
centos.org. 600 IN A 81.171.33.201
;; Query time: 186 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Thu Mar 26 17:13:14 UTC 2020
;; MSG SIZE rcvd: 60
[root@k8smaster ~]#
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> centos.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22632
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;centos.org. IN A
;; ANSWER SECTION:
centos.org. 600 IN A 81.171.33.202
centos.org. 600 IN A 81.171.33.201
;; Query time: 186 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Thu Mar 26 17:13:14 UTC 2020
;; MSG SIZE rcvd: 60
[root@k8smaster ~]#
The first line of the output prints the installed dig version, and the queried domain name. The second line shows the global options (by default, only cmd).
In this example, the status is NOERROR, which means that the requested authority served the query without any issue.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22632
In the “QUESTION” section dig shows the query . By default, dig requests the A record. In ANSWER it shows the results of this query.
The last section of the dig output includes statistics about the query.
;; Query time: 186 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Thu Mar 26 17:13:14 UTC 2020
;; MSG SIZE rcvd: 60
IF you are interested in short answer to your query then run dig with +short option;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Thu Mar 26 17:13:14 UTC 2020
;; MSG SIZE rcvd: 60
[root@k8smaster ~]# dig centos.org +short
81.171.33.201
81.171.33.202
[root@k8smaster ~]#
81.171.33.201
81.171.33.202
[root@k8smaster ~]#
Query Specific Name Server
By default, if no name server is specified, dig uses the servers listed in /etc/resolv.conf file.To specify a name server against which the query will be executed, use the "@" symbol followed by the name server IP address or hostname.
[root@k8smaster ~]# dig centos.org @8.8.8.8
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> centos.org @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27739
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;centos.org. IN A
;; ANSWER SECTION:
centos.org. 599 IN A 81.171.33.202
centos.org. 599 IN A 81.171.33.201
;; Query time: 361 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Mar 26 17:25:40 UTC 2020
;; MSG SIZE rcvd: 71
[root@k8smaster ~]#
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> centos.org @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27739
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;centos.org. IN A
;; ANSWER SECTION:
centos.org. 599 IN A 81.171.33.202
centos.org. 599 IN A 81.171.33.201
;; Query time: 361 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Mar 26 17:25:40 UTC 2020
;; MSG SIZE rcvd: 71
[root@k8smaster ~]#
We will see how to query spefic type of records, such as A (the IP address), CNAME (canonical name), TXT (text record), MX (mail exchanger), and NS (name servers).
1. Querying A records
To get a list of all the address(es) for a domain name, use the "a" option:
dig +nocmd centos.org a +noall +answer
[root@k8smaster ~]# dig +nocmd centos.org a +noall +answer
centos.org. 600 IN A 81.171.33.201
centos.org. 600 IN A 81.171.33.202
[root@k8smaster ~]#
centos.org. 600 IN A 81.171.33.201
centos.org. 600 IN A 81.171.33.202
[root@k8smaster ~]#
2. Querying NS records
dig +nocmd centos.org ns +noall +answer
[root@k8smaster ~]# dig +nocmd centos.org ns +noall +answer
centos.org. 14400 IN NS ns1.centos.org.
centos.org. 14400 IN NS ns4.centos.org.
centos.org. 14400 IN NS ns3.centos.org.
[root@k8smaster ~]#
centos.org. 14400 IN NS ns1.centos.org.
centos.org. 14400 IN NS ns4.centos.org.
centos.org. 14400 IN NS ns3.centos.org.
[root@k8smaster ~]#
3. Querying CNAME records
To find the alias domain name use the cname option:
dig +nocmd mail.google.com cname +noall +answer
[root@k8smaster ~]# dig +nocmd mail.google.com cname +noall +answer
mail.google.com. 589202 IN CNAME googlemail.l.google.com.
[root@k8smaster ~]#
mail.google.com. 589202 IN CNAME googlemail.l.google.com.
[root@k8smaster ~]#
4. Querying MX records
To get a list of all the mail servers for a specific domain use the mx option:
[root@k8smaster ~]# dig +nocmd yahoo.com mx +noall +answer
yahoo.com. 1544 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 1544 IN MX 1 mta6.am0.yahoodns.net.
yahoo.com. 1544 IN MX 1 mta7.am0.yahoodns.net.
[root@k8smaster ~]#
yahoo.com. 1544 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 1544 IN MX 1 mta6.am0.yahoodns.net.
yahoo.com. 1544 IN MX 1 mta7.am0.yahoodns.net.
[root@k8smaster ~]#
5. Querying All Records
Use the any option to get a list of all DNS records for a specific domain:
dig +nocmd yahoo.com any +noall +answer
[root@k8smaster ~]# dig +nocmd yahoo.com any +noall +answer
yahoo.com. 735 IN A 72.30.35.9
yahoo.com. 735 IN A 98.137.246.8
yahoo.com. 735 IN A 72.30.35.10
yahoo.com. 735 IN A 98.138.219.232
yahoo.com. 735 IN A 98.138.219.231
yahoo.com. 735 IN A 98.137.246.7
yahoo.com. 490 IN AAAA 2001:4998:58:1836::10
yahoo.com. 490 IN AAAA 2001:4998:c:1023::4
yahoo.com. 490 IN AAAA 2001:4998:44:41d::3
yahoo.com. 490 IN AAAA 2001:4998:c:1023::5
yahoo.com. 490 IN AAAA 2001:4998:58:1836::11
yahoo.com. 490 IN AAAA 2001:4998:44:41d::4
yahoo.com. 741 IN MX 1 mta7.am0.yahoodns.net.
yahoo.com. 741 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 741 IN MX 1 mta6.am0.yahoodns.net.
[root@k8smaster ~]#
yahoo.com. 735 IN A 72.30.35.9
yahoo.com. 735 IN A 98.137.246.8
yahoo.com. 735 IN A 72.30.35.10
yahoo.com. 735 IN A 98.138.219.232
yahoo.com. 735 IN A 98.138.219.231
yahoo.com. 735 IN A 98.137.246.7
yahoo.com. 490 IN AAAA 2001:4998:58:1836::10
yahoo.com. 490 IN AAAA 2001:4998:c:1023::4
yahoo.com. 490 IN AAAA 2001:4998:44:41d::3
yahoo.com. 490 IN AAAA 2001:4998:c:1023::5
yahoo.com. 490 IN AAAA 2001:4998:58:1836::11
yahoo.com. 490 IN AAAA 2001:4998:44:41d::4
yahoo.com. 741 IN MX 1 mta7.am0.yahoodns.net.
yahoo.com. 741 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 741 IN MX 1 mta6.am0.yahoodns.net.
[root@k8smaster ~]#
Reverse lookup
To perform a reverse lookup on 81.171.33.201 you would type:
[root@k8smaster ~]# dig -x 81.171.33.201 +noall +answer
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> -x 81.171.33.201 +noall +answer
;; global options: +cmd
201.33.171.81.in-addr.arpa. 86400 IN PTR ip-81.171.33.201.centos.org.
[root@k8smaster ~]#
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> -x 81.171.33.201 +noall +answer
;; global options: +cmd
201.33.171.81.in-addr.arpa. 86400 IN PTR ip-81.171.33.201.centos.org.
[root@k8smaster ~]#
About Manas Ranjan Tripathy
No comments