Introduction
The dig
command in Linux is used to gather DNS information. It stands for Domain Information Groper, and it collects data about Domain Name Servers. The dig
command is helpful for troubleshooting DNS problems, but is also used to display DNS information.
This guide will help you understand and use the Linux dig
command.
Prerequisites
- A system running Linux
- A user account with sudo or root privileges
- Access to a terminal window / command line
Install dig on Linux (Optional)
Most modern Linux systems include the dig
command.
Verify that it’s installed by checking the software version. To do so, open a command line and enter the following:
dig -v
The system should respond with a numeric code. If the system can’t find the command specified, install dig by entering the following:
Debian / Ubuntu:
sudo apt-get install dnsutils
CentOS / RedHat:
sudo yum install bind-utils
Once the installation finishes, verify the installation with the following command:
dig -v
For more information on CentOS and RHEL, please refer to our article on How to Install dig on CentOS 7 and 8.
dig Syntax
The dig
command is used as follows:
dig [server] [name] [type]
[server]
– The hostname or IP address the query is directed to[name]
– The DNS (Domain Name Server) of the server to query[type]
– The type of DNS record to retrieve. By default (or if left blank), dig
uses the A record type
Common DNS record types:
- A – Address record which directly maps a hostname to an IP address
- MX – Mail Exchange which maps message transfer agents for the domain
- SIG – Signature record which is used in encryption protocols
Learn about other types by referring to our complete list in DNS Record Types Explained.
The dig
command resolves the hostname before proceeding with querying the name server.
How to Use the dig Command With Examples
Let’s look at the basic usage of the dig
command.
DNS Lookup
The dig
command enables searching for a domain name. To perform a DNS lookup, open the terminal and type:
dig google.com
You should see something similar to the following:
The most important section is the ANSWER section:
- The first column lists the name of the server that was queried
- The second column is the Time to Live, a set timeframe after which the record is refreshed
- The third column shows the class of query – in this case, “IN” stands for Internet
- The fourth column displays the type of query – in this case, “A” stands for an A (address) record
- The final column displays the IP address associated with the domain name
Other lines can be translated as follows:
The first line displays the version of the dig
command.
The HEADER section shows the information it received from the server. Flags refer to the answer format.
The OPT PSEUDOSECTION displays advanced data:
- EDNS – Extension system for DNS, if used
- Flags – blank because no flags were specified
- UDP – UDP packet size
The QUESTION section displays the query data that was sent:
- First column is the domain name queried
- Second column is the type (IN = Internet) of query
- Third column specifies the record (A = Address), unless otherwise specified
The STATISTICS section shows metadata about the query:
- Query time – The amount of time it took for a response
- SERVER – The IP address and port of the responding DNS server. You may notice a loopback address in this line – this refers to a local setting that translates DNS addresses
- WHEN – Timestamp when the command was run
- MSG SIZE rcvd – The size of the reply from the DNS server
Specify DNS server
By default, dig
uses the local configuration to decide which nameserver to query. Use the following command to specify Google’s domain server:
dig @8.8.8.8 google.com
The terminal prints out the following output:
Note: Other domain nameservers can be specified here, such as your server hosting company or the internet service provider’s DNS server.
ANY Option
To return all of the results of the query, use the following:
dig google.com ANY
The system will list all google.com
DNS records that it finds, along with the IP addresses.
Note: Any other type of record can be substituted for the ANY
option. This includes the MX
(mail exchange) type, A
(Address) type, SIG
(Signature) type, etc. There are many different DNS record types. If you are not sure, leave the type option blank.
Short Answer Option
To display only the IP address associated with the domain name, enter the following:
dig google.com +short
The output displays the content as in the image below:
Detailed Answer Option
Run +noall +answer
with the dig
command to access detailed information in the answers section:
dig google.com +noall +answer
The example below displays the expected output.
Trace Option
The +trace
option lists each different server the query goes through to its final destination. Use this command option to identify the IP address where traffic is dropping.
dig google.com +trace
The output should be similar to the one seen below:
Reverse DNS Lookup
To look up a domain name by its IP address, type the following:
dig -x 172.217.14.238
The output displays content as in the image below:
The -x
option allows you to specify the IP address instead of a domain name. This can be combined with other options:
dig +noall +answer -x 172.217.14.238
The example below displays the expected output.
Note: To learn more about how to resolve an IP address back to a domain name, the opposite of a forward DNS query, check out our article about Reverse DNS lookup (rDNS).
Batch Mode for Reading Host Names From a File
To look up multiple entries, start by creating a file to store the domain names:
sudo nano domain_research.txt
See example on the image below:
Add several websites of interest as in the image below:
Save the file and exit. Now, specify the file using the -f
option in the dig
command:
dig -f domain_research.txt +short
See an example of the output of the command below:
Note: The +short option keeps the results manageable. Any other option can be used instead.
Permanently Adjust Default Options
The information displayed by dig can be altered in the ~/.digrc
file. Open the file for editing with the following command:
sudo nano ~/.digrc
Add the following lines:
+noall
+answer
See an example in the image below:
Write the file (ctrl
–o
) and exit (ctrl
–x
).
Run the dig
command again:
dig google.com
You should only see the answers command, as if you had manually added +noall
and +answer
.
Note: If you find yourself in need of dig
on Windows, refer to our article How to Install Dig on Windows.
Conclusion
You should now be familiar with the dig
command in Linux. This command can help you find more information about Domain Nameservers.
Next, we recommend learning more about best DNS practices for security and performance and how to flush DNS to delete all saved DNS lookup information.
原创文章,作者:Maggie-Hunter,如若转载,请注明出处:https://blog.ytso.com/tech/aiops/224222.html