Linux DIG Command – DNS Lookup utility with examples


Overview :

DIG  stands for domain information groper. DIG is a dns lookup utility in UNIX like operating System. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig command to troubleshoot DNS related problems because of its flexibility, ease of use and clarity of output. Digcommand can operate in interactive command line mode or in batch mode by reading requests from an operating system file. dig by default uses /etc/resolv.conf and queries the name servers listed there.

Example:1 Understand DIG command Output

Synatx : # dig <Domain Name>

#  dig


When we pass any domain to dig command it simply try to display A record (IP Address) Output of above dig command includes the followings sections:

HEADER : It shows the dig command version number and other  header information.

QUESTION SECTION :  It displays the what question has been asked , in my case “dig” means what is A record(ip address) of

ANSWER SECTION : It displays the answer of the questions being asked in question section , so it displays the A Record of

AUTHORITY SECTION: It displays which  DNS name server that has the authority to respond to this query. Basically this displays available name servers of domain.

Example :2 Query NS records of a Domain

Syntax : # dig <Domain Name> -t <DNS Record>

# dig -t NS


In the above command is the domain name , -t is option after which we specify which DNS record to Query.

Example:3 Query MX records of a domain

Syntax : # dig  <Domain Name>  -t  MX

# dig -t MX


Above command shows that domain has 5 MX records which has different priorities.

Example:4  Query SPF (Sender Policy Framework) Record of a Domain

SPF Sender Policy Framework (SPF) is an email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP addresses.

Syntax : # dig  <Domain Name> -t txt

#  dig -t txt

output  will be :

;; ANSWER SECTION:    354    IN    TXT   "v=spf1 ip4: ip4: ~all"

Example:5 Reverse lookups using -x option i.e mapping addresses to names

Dig command by default shows A record (ip address of a domain) but using -x option we can do the reverse lookup.

Synatx : # dig  -x  <ip-address> +short

#  dig -x +short

Output :

To get the full details of reverse lookup , just remove “+short” option

Example:6  DNS lookup using specific DNS server.

DIG command by default uses DNS servers mentioned in /etc/resolv.conf file, if we want to do DNS lookup using specific DNS server , use below example :

Synatx : # dig @<DNS Server> <Domain Name> -t <Type of DNS Record>

# dig @ -t MX


Example:7 Display Only ANSWER SECTION in Dig Command Output


# dig <Domain Name>  +nocomments +noquestion +noauthority +noadditional +nostats

Where :

+nocomments – Turn off the comment lines
+noauthority – Turn off the authority section
+noadditional – Turn off the additional section
+nostats – Turn off the stats section


# dig <Domain Name>  +noall   +answer

Instead of using options "+nocomments +noquestion +noauthority +noadditional +nostats"  use  +noall (this will  turns off answer section also), so add   +answer which will show only the answer section.

#  dig +noall +answer


Example:8  Multiple DNS Query using 'dig -f' option

Syntax :# dig -f <file name>  +noall +answer

create a file “bulkquery.txt” and mentioned the Domain Names , in my case I have used the below :

# cat bulkquery.txt

Below Command will query MX records for the domains mentioned in “bulkquery.txt” file

#  dig -f bulkquery.txt -t   MX +noall +answer