dig 101

#
CLI
#
DNS
2015-02-03 · 2 min read

dig is a command-line tool for querying DNS name servers for information about host addresses, mail exchanges, name servers, and related information. dig is usually part of a common package: bind-tools (Gentoo), bind-utils (Red Hat, Fedora) or dnsutils (Debian).

dig google.com

By default dig output is quite verbose. Version number along with global options.

; <<>> DiG 9.8.3-P1 <<>> google.com
;; global options: +cmd

Technical details about the answer from DNS server. This section can be turned on/off using +[no]comments.

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63174
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

Query itself repeated. This section can be turned on/off using +[no]question.

;; QUESTION SECTION:
;google.com.			IN	A

Answer from a DNS server. It can be also turned on/off using +[no]answer.

;; ANSWER SECTION:
google.com.		145	IN	A	216.58.209.78

Statistics about the query. It can be turned on/off using +[no]stats

;; Query time: 42 msec
;; SERVER: 192.168.8.1#53(192.168.8.1)
;; WHEN: Mon Feb 16 18:31:25 2015
;; MSG SIZE  rcvd: 44

Examples

A address with concise output

dig google.com A +noall +noversion +answer
; <<>> DiG 9.8.3-P1 <<>> google.com A +noall +answer
;; global options: +cmd
google.com.		156	IN	A	216.58.209.78

List Google's mail servers

dig +nocmd google.com MX +noall +answer
google.com.		461	IN	MX	20 alt1.aspmx.l.google.com.
google.com.		461	IN	MX	30 alt2.aspmx.l.google.com.
google.com.		461	IN	MX	10 aspmx.l.google.com.
google.com.		461	IN	MX	50 alt4.aspmx.l.google.com.
google.com.		461	IN	MX	40 alt3.aspmx.l.google.com.

List of Google's DNS servers

dig +nocmd google.com NS +noall +answer
google.com.		139783	IN	NS	ns2.google.com.
google.com.		139783	IN	NS	ns3.google.com.
google.com.		139783	IN	NS	ns4.google.com.
google.com.		139783	IN	NS	ns1.google.com.

Combine A, MX and NS entries

dig +nocmd google.com ANY +noall +answer

Get only value for a specific server type

dig google.com A +short
216.58.209.78
dig google.com MX +short
40 alt3.aspmx.l.google.com.
30 alt2.aspmx.l.google.com.
50 alt4.aspmx.l.google.com.
10 aspmx.l.google.com.
20 alt1.aspmx.l.google.com.
dig google.com txt +short
"v=spf1 include:_spf.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"

Reverse lookup

dig -x 216.58.209.78 +short
waw02s06-in-f14.1e100.net.

Bulk lookups

Put hostnames in a file (one name per line) and use the -f option so dig queries each one in turn.

dig -f /path/to/hostnames.txt

Dig with trace

dig google.com +trace