Linux DIG Command – DNS Lookup utility with examples

Overview :

DIG stands for domain information groper. DIG is a DNS lookup utility in UNIX-like operating systems. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use the dig command to troubleshoot DNS-related problems because of its flexibility, ease of use and clarity of output. The dig command can operate in interactive command-line mode or in batch mode by reading requests from an operating system file. By default, dig uses /etc/resolv.conf and queries the name servers listed there.

Example:1 Understand DIG command Output

Syntax : # dig <Domain Name>

#  dig nextstep4it.com

When we pass a domain to the dig command, it simply tries to display the A record (IP address). The output of the above dig command includes the following sections:

HEADER : It shows the dig command version number and other header information.

QUESTION SECTION : It displays the question that has been asked; in my case “dig nextstep4it.com” means: what is the A record (IP address) of nextstep4it.com?

ANSWER SECTION : It displays the answer to the question asked in the question section, so it displays the A record of nextstep4it.com.

AUTHORITY SECTION : It displays which DNS name servers have the authority to respond to this query. Basically, this displays the available name servers of the domain.

Example :2 Query NS records of a Domain

Syntax : # dig <Domain Name> -t <DNS Record>

# dig nextstep4it.com -t NS

In the above command, nextstep4it.com is the domain name and -t is the option after which we specify which DNS record type to query.

Example:3 Query MX records of a domain

Syntax : # dig  <Domain Name>  -t  MX

# dig google.com -t MX

The above command shows that the google.com domain has 5 MX records, which have different priorities.

Example:4  Query SPF (Sender Policy Framework) Record of a Domain

Sender Policy Framework (SPF) is an email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP addresses.

Syntax : # dig  <Domain Name> -t txt

#  dig google.com -t txt

Output will be :

;; ANSWER SECTION:
google.com.    354    IN    TXT   "v=spf1 include:_spf.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"
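
The SPF record in that answer ends in a qualifier on the `all` term (`-` fail, `~` softfail, `?` neutral, `+` or nothing pass), which decides how receivers treat senders that match nothing else. The script below is an added example, not part of the original post: it reads dig answer lines and reports that term per domain. The function names `spf_all_policy` and `sample_answers` are hypothetical, and every sample line except the first is constructed.

```shell
#!/bin/sh
# Added example: classify the SPF "all" term in dig answer-section lines.
# Live use (flags as shown on this page):
#   dig google.com -t txt +noall +answer | spf_all_policy

spf_all_policy() {
    awk '
    $4 == "TXT" {
        # Rebuild the record data from fields 5..NF.
        txt = ""
        for (i = 5; i <= NF; i++) txt = txt (i > 5 ? " " : "") $i
        gsub(/" "/, "", txt)    # adjacent TXT strings are concatenated with no space
        gsub(/"/, "", txt)      # drop the remaining surrounding quotes
        txt = tolower(txt)      # SPF terms are case-insensitive
        if (txt !~ /^v=spf1( |$)/) next    # not an SPF record
        n = split(txt, term, " ")
        mech = "none"; verdict = "no-all-term"
        for (i = 2; i <= n; i++) {
            if (term[i] ~ /^redirect=/ && mech == "none") verdict = "redirect"
            if (term[i] ~ /^[-~?+]?all$/) {
                mech = term[i]
                q = substr(mech, 1, 1)
                if (q == "-") verdict = "hardfail"
                else if (q == "~") verdict = "softfail"
                else if (q == "?") verdict = "neutral"
                else verdict = "pass-any-sender"   # "+all" or bare "all"
                break   # terms after "all" are never evaluated
            }
        }
        print $1, mech, verdict
    }'
}

# Sample input: first line is the answer shown on this page; the rest are constructed.
sample_answers() {
    cat <<'EOF'
google.com. 354 IN TXT "v=spf1 include:_spf.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"
example.org. 300 IN TXT "site-verification=constructed-value"
example.org. 300 IN TXT "v=spf1 +all"
example.net. 300 IN TXT "v=spf1 mx " "-all"
example.com. 300 IN TXT "v=spf1 redirect=_spf.example.com"
EOF
}

sample_answers | spf_all_policy
```

A `pass-any-sender` or `no-all-term` result means the record does not restrict who may send for the domain; `redirect` means the policy lives in another record that has to be queried separately.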

Example:5 Reverse lookups using -x option, i.e. mapping addresses to names

The dig command by default shows the A record (IP address of a domain), but using the -x option we can do a reverse lookup.

Syntax : # dig  -x  <ip-address> +short

#  dig -x 173.194.41.182 +short

Output :

lhr08s04-in-f22.1e100.net.

To get the full details of the reverse lookup, just remove the “+short” option.

Example:6  DNS lookup using specific DNS server.

The dig command by default uses the DNS servers listed in the /etc/resolv.conf file. To do a DNS lookup using a specific DNS server, use the example below:

Syntax : # dig @<DNS Server> <Domain Name> -t <Type of DNS Record>

# dig @4.2.2.2 google.com -t MX

 

Example:7 Display Only ANSWER SECTION in Dig Command Output

Method:1

# dig <Domain Name>  +nocomments +noquestion +noauthority +noadditional +nostats

Where :

+nocomments – Turn off the comment lines
+noauthority – Turn off the authority section
+noadditional – Turn off the additional section
+nostats – Turn off the stats section

Method:2

# dig <Domain Name>  +noall   +answer

Instead of using the options “+nocomments +noquestion +noauthority +noadditional +nostats”, use +noall (this turns off the answer section as well), then add +answer, which shows only the answer section.

#  dig google.com +noall +answer

Example:8  Multiple DNS Query using ‘dig -f’ option

Syntax : # dig -f <file name>  +noall +answer

Create a file “bulkquery.txt” and list the domain names in it; in my case I have used the below:

# cat bulkquery.txt
google.com
yahoo.com
centos.org

The command below will query MX records for the domains listed in the “bulkquery.txt” file:

#  dig -f bulkquery.txt -t   MX +noall +answer
