dig @server domain_name type
- server is the name or IP address of the name server to query. This can be an IPv4 address in dotted-decimal notation or an IPv6 address in colon-delimited notation. When the supplied server argument is a hostname, dig resolves that name before querying that name server. If no server argument is provided, dig consults /etc/resolv.conf and queries the name servers listed there. The reply from the name server that responds is displayed.
- name is the name of the resource record that is to be looked up.
- type indicates what type of query is required – ANY, A, MX, SIG, etc. type can be any valid query type. If no type argument is supplied, dig will perform a lookup for an A record.
1. Basic Use
The dig command output has the following sections:
- Header: This displays the dig command version number, the global options used by the dig command, and few additional header information.
- QUESTION SECTION: This displays the question it asked the DNS. i.e This is your input. Since we said ‘dig redhat.com’, and the default type dig command uses is A record, it indicates in this section that we asked for the A record of the redhat.com website
- ANSWER SECTION: This displays the answer it receives from the DNS. i.e This is your output. This displays the A record of redhat.com
- AUTHORITY SECTION: This displays the DNS name server that has the authority to respond to this query. Basically this displays available name servers of redhat.com
- ADDITIONAL SECTION: This displays the ip address of the name servers listed in the AUTHORITY SECTION.
- Stats section at the bottom displays few dig command statistics including how much time it took to execute this query
2. Display Only the ANSWER SECTION of the Dig command Output
For most part, all you need to look at is the “ANSWER SECTION” of the dig command. So, we can turn off all other sections as shown below.
- +nocomments – Turn off the comment lines
- +noauthority – Turn off the authority section
- +noadditional – Turn off the additional section
- +nostats – Turn off the stats section
- +noanswer – Turn off the answer section (Of course, you wouldn’t want to turn off the answer section)
The following dig command displays only the ANSWER SECTION.
$ dig redhat.com +nocomments +noquestion +noauthority +noadditional +nostats ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com +nocomments +noquestion +noauthority +noadditional +nostats ;; global options: +cmd redhat.com. 9 IN A 220.127.116.11
Instead of disabling all the sections that we don’t want one by one, we can disable all sections using
+noall (this turns off answer section also), and add the
+answer which will show only the answer section.
3. Query MX Records Using dig -t MX
To query MX records, pass MX as an argument to the dig command as shown below.
$ dig redhat.com MX +noall +answer
4. View ALL DNS Records Types Using dig -t ANY
To view all the record types (A, MX, NS, etc.), use ANY as the record type as shown below
$ dig redhat.com ANY +noall +answer
5.View Short Output Using dig +short
To view just the ip-address of a web site (i.e the A record), use the short form option as shown below.
$ dig redhat.com +short 18.104.22.168
6. DNS Reverse Look-up Using dig -x
To perform a DNS reverse look up using the ip-address using dig -x as shown below
For example, if you just have an external ip-address and would like to know the website that belongs to it, do the following.
$ dig -x 22.214.171.124 +short www.redhat.com
7. Use a Specific DNS server Using dig @dnsserver
By default dig uses the DNS servers defined in your /etc/resolv.conf file.
If you like to use a different DNS server to perform the query, specify it in the command line as
8. Bulk DNS Query Using dig -f (and command line) Query multiple websites using a data file:
You can perform a bulk DNS query based on the data from a file.
First, create a sample host_names.txt file that contains the website that you want to query.
$ vi host_names.txt redhat.com centos.org
9. $HOME/.digrc File to Store Default dig Options
If you are always trying to view only the ANSWER section of the dig output, you don’t have to keep typing “+noall +answer” on your every dig command. Instead, add your dig options to the .digrc file as shown below.
$ cat $HOME/.digrc +noall +answer
10. Get my public IP address
With myip.opendns.com, we can use this command:
dig TXT +short o-o.myaddr.l.google.com @ns1.google.com
dig +short myip.opendns.com @resolver1.opendns.com
This asks the IP address of
myip.opendns.com from the name server
resolver1.opendns.com, which will return your external IP address.
On windows you can use:
nslookup > server resolver1.opendns.com> myip.opendns.com