Difference between revisions of "Dig"
(→Extended examples) |
(→Specific DNS server) |
||
(One intermediate revision by the same user not shown) | |||
Line 29: | Line 29: | ||
=== Specific DNS server === | === Specific DNS server === | ||
− | Queries may be directed to designated DNS servers for specific records; in this example, | + | Queries may be directed to designated DNS servers for specific records; in this example, MX records: |
<pre> | <pre> | ||
$ dig wikimedia.org MX @ns0.wikimedia.org | $ dig wikimedia.org MX @ns0.wikimedia.org | ||
Line 60: | Line 60: | ||
There are many [https://downloads.isc.org/isc/bind9/cur/9.17/doc/arm/html/manpages.html#id8 output formatting options] available. A common selection to make the output more terse is: | There are many [https://downloads.isc.org/isc/bind9/cur/9.17/doc/arm/html/manpages.html#id8 output formatting options] available. A common selection to make the output more terse is: | ||
− | <pre | + | <pre> |
$ dig +noall +answer +multiline wikimedia.org MX | $ dig +noall +answer +multiline wikimedia.org MX | ||
wikimedia.org. 3600 IN MX 10 mx2001.wikimedia.org. | wikimedia.org. 3600 IN MX 10 mx2001.wikimedia.org. |
Latest revision as of 09:22, 21 September 2021
dig (aka "Domain Information Groper") is a network administration command-line tool for querying the Domain Name System (DNS).
Examples
- Basic:
    $ dig example.com
    ; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> example.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47191
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 65494
    ;; QUESTION SECTION:
    ;example.com. IN A
    ;; ANSWER SECTION:
    example.com. 8965 IN A 93.184.216.34
    ;; Query time: 26 msec
    ;; SERVER: 127.0.0.53#53(127.0.0.53)
    ;; WHEN: Mon Sep 20 16:15:28 PDT 2021
    ;; MSG SIZE rcvd: 56
Specific DNS server
Queries may be directed to designated DNS servers for specific records; in this example, MX records:
    $ dig wikimedia.org MX @ns0.wikimedia.org
    ; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> wikimedia.org MX @ns0.wikimedia.org
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28041
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1024
    ; COOKIE: f1dc16b8ff5eb444399d5455c80f3c90 (good)
    ;; QUESTION SECTION:
    ;wikimedia.org. IN MX
    ;; ANSWER SECTION:
    wikimedia.org. 3600 IN MX 10 mx2001.wikimedia.org.
    wikimedia.org. 3600 IN MX 50 mx1001.wikimedia.org.
    ;; Query time: 98 msec
    ;; SERVER: 208.80.154.238#53(208.80.154.238)
    ;; WHEN: Mon Sep 20 16:17:42 PDT 2021
    ;; MSG SIZE rcvd: 108
With output formatting
There are many output formatting options available. A common selection to make the output more terse is:
    $ dig +noall +answer +multiline wikimedia.org MX
    wikimedia.org. 3600 IN MX 10 mx2001.wikimedia.org.
    wikimedia.org. 3600 IN MX 50 mx1001.wikimedia.org.
Where +noall +answer +multiline are simply output formatting flags.
Miscellaneous
- Check DNS records:
    $ dig TXT _acme-challenge.tfe.example.com +short
    # Should return something that looks like this:
    "GungAThu5sg63DuvJ1U3egVgRIyhzLDQ7MQylzEW1Z4"
- Lookup CNAMEs:
    $ dig @8.8.8.8 rancher-poc.redapt.com CNAME
- Name servers (NS):
    $ nslookup -type=ns redhat.com
    $ dig ns redhat.com +noall +short
    a10-65.akam.net.
    a28-64.akam.net.
    a9-65.akam.net.
    a1-68.akam.net.
    a16-67.akam.net.
    a13-66.akam.net.
- Use a local resolver (with cache):
    $ dig +noall +stats www.google.com | grep ";; Query time"
    #;; Query time: 3 msec
- Use OpenDNS:
    $ dig +noall +stats google.com @208.67.222.222 | grep ";; Query time"
    #;; Query time: 28 msec
- Use your local ISP's DNS:
    $ dig +noall +stats google.com @212.27.40.240 | grep ";; Query time"
    #;; Query time: 20 msec
- Reverse DNS lookup:
    $ host -t mx marcxtof.com
    $ dig +short -x 67.207.152.20 # => marcxtof.com (reverse DNS lookup)
Star Wars
    $ ( seq 1 8 200 ; seq 6 8 200 )|sort -n|xargs -I{} -n 1 dig +short -x 206.214.251.{}
    $ traceroute 216.81.59.173
    $ ( seq 206 8 250 ; seq 209 8 250 )|sort -n|xargs -I{} -n 1 dig +short -x 206.214.251.{}
Extended examples
When you pass a domain name to the dig command, by default it displays the A record (the IP address of the site that is queried) as shown below.
- Display the A record of redhat.com in the ANSWER SECTION of the dig command output.
    $ dig redhat.com
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62863
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 3
    ;; QUESTION SECTION:
    ;redhat.com. IN A
    ;; ANSWER SECTION:
    redhat.com. 37 IN A 209.132.183.81
    ;; AUTHORITY SECTION:
    redhat.com. 73 IN NS ns4.redhat.com.
    redhat.com. 73 IN NS ns3.redhat.com.
    redhat.com. 73 IN NS ns2.redhat.com.
    redhat.com. 73 IN NS ns1.redhat.com.
    ;; ADDITIONAL SECTION:
    ns1.redhat.com. 73 IN A 209.132.186.218
    ns2.redhat.com. 73 IN A 209.132.183.2
    ns3.redhat.com. 73 IN A 209.132.176.100
    ;; Query time: 13 msec
    ;; SERVER: 209.144.50.138#53(209.144.50.138)
    ;; WHEN: Thu Jan 12 10:09:49 2012
    ;; MSG SIZE rcvd: 164
The dig command output has the following sections:
- Header
- This displays the dig command version number, the global options used by the dig command, and some additional header information.
- QUESTION SECTION
- This displays the question that was asked of the DNS, i.e., your input. Since we executed dig redhat.com, and the default type the dig command uses is the A record, this section shows that we asked for the A record of the redhat.com website.
- ANSWER SECTION
- This displays the answer received from the DNS, i.e., your output. Here it is the A record of redhat.com.
- AUTHORITY SECTION
- This displays the DNS name servers that have the authority to respond to this query. Here it lists the available name servers of redhat.com.
- ADDITIONAL SECTION
- This displays the IP addresses of the name servers listed in the AUTHORITY SECTION.
- The stats section at the bottom displays a few dig command statistics, including how much time it took to execute this query.
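The section layout described above can be checked mechanically. The following is an added example, not part of the original page: it reads full dig output on stdin, reports the status and whether the aa (authoritative answer) flag is set, and compares the counts in the header line with the records listed in each section. The function name dig_summary and the sample response are this example's own constructions.

```shell
# Added example (not from the original page). Reads full dig output on stdin
# and compares the per-section counts announced in the header with the
# records actually listed. The OPT pseudosection counts toward ADDITIONAL.
dig_summary() {
  awk '
    /->>HEADER<<-/ { for (i = 1; i < NF; i++) if ($i == "status:") st = $(i + 1) }
    /^;; flags:/ {
      for (i = 3; i <= NF; i++) {
        if ($i ~ /^[A-Z]+:$/) { k = $i; sub(/:/, "", k); claimed[k] = $(i + 1) + 0 }
        else if ($i ~ /^aa;?$/) aa = 1          # aa = authoritative answer
      }
      next
    }
    /^;; OPT PSEUDOSECTION:/ { seen["ADDITIONAL"]++; sec = ""; next }
    /^;; [A-Z]+ SECTION:/    { sec = $2; next }
    /^$/                     { sec = ""; next }
    sec == "QUESTION" && /^;[^; ]/ { seen["QUERY"]++; next }
    sec != "" && /^[^;]/           { seen[sec]++ }
    END {
      sub(/,/, "", st); ok = 1
      printf "status=%s authoritative=%s\n", st, (aa ? "yes" : "no")
      n = split("QUERY ANSWER AUTHORITY ADDITIONAL", names, " ")
      for (i = 1; i <= n; i++) {
        k = names[i]
        printf "%s claimed=%d seen=%d\n", k, claimed[k], seen[k]
        if (claimed[k] + 0 != seen[k] + 0) ok = 0
      }
      print (ok ? "consistent=yes" : "consistent=no")
      exit !ok
    }'
}

# Constructed sample response (documentation names and addresses).
SAMPLE=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;example.com. IN MX

;; ANSWER SECTION:
example.com. 3600 IN MX 10 mail.example.com.
example.com. 3600 IN MX 50 backup.example.com.

;; ADDITIONAL SECTION:
mail.example.com. 3600 IN A 192.0.2.25'
printf '%s\n' "$SAMPLE" | dig_summary
```

On a live system the same function takes dig's output directly on stdin; it expects the default full output, not the +noall or +short forms.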
- Display only the ANSWER SECTION: For the most part, all you need to look at is the ANSWER SECTION of the dig command. So, we can turn off all other sections with:
    +nocomments   # turn off the comment lines
    +noauthority  # turn off the authority section
    +noadditional # turn off the additional section
    +nostats      # turn off the stats section
    +noanswer     # turn off the answer section (note: you normally would _not_ want to turn off the answer section)
- Display only the ANSWER SECTION:
    $ dig redhat.com +nocomments +noquestion +noauthority +noadditional +nostats
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com +nocomments +noquestion +noauthority +noadditional +nostats
    ;; global options: +cmd
    redhat.com. 9 IN A 209.132.183.81
Instead of disabling the unwanted sections one by one, we can disable all sections using +noall (this also turns off the ANSWER SECTION) and then add +answer, which will show only the answer section.
- The above command can also be written in a short form, which displays only the ANSWER SECTION:
    $ dig redhat.com +noall +answer
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com +noall +answer
    ;; global options: +cmd
    redhat.com. 60 IN A 209.132.183.81
- Query MX records:
    $ dig redhat.com MX +noall +answer
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com MX +noall +answer
    ;; global options: +cmd
    redhat.com. 513 IN MX 5 mx1.redhat.com.
    redhat.com. 513 IN MX 10 mx2.redhat.com.
- You can also use the -t option to pass the query type (e.g., MX):
    $ dig -t MX redhat.com +noall +answer
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> -t MX redhat.com +noall +answer
    ;; global options: +cmd
    redhat.com. 489 IN MX 10 mx2.redhat.com.
    redhat.com. 489 IN MX 5 mx1.redhat.com.
- Query NS records:
    $ dig redhat.com NS +noall +answer
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com NS +noall +answer
    ;; global options: +cmd
    redhat.com. 558 IN NS ns2.redhat.com.
    redhat.com. 558 IN NS ns1.redhat.com.
    redhat.com. 558 IN NS ns3.redhat.com.
    redhat.com. 558 IN NS ns4.redhat.com.
    #~OR~
    $ dig -t NS redhat.com +noall +answer
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> -t NS redhat.com +noall +answer
    ;; global options: +cmd
    redhat.com. 543 IN NS ns4.redhat.com.
    redhat.com. 543 IN NS ns1.redhat.com.
    redhat.com. 543 IN NS ns3.redhat.com.
    redhat.com. 543 IN NS ns2.redhat.com.
- View all the record types (A, MX, NS, etc.) with ANY as the record type:
    $ dig redhat.com ANY +noall +answer
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com ANY +noall +answer
    ;; global options: +cmd
    redhat.com. 430 IN MX 5 mx1.redhat.com.
    redhat.com. 430 IN MX 10 mx2.redhat.com.
    redhat.com. 521 IN NS ns3.redhat.com.
    redhat.com. 521 IN NS ns1.redhat.com.
    redhat.com. 521 IN NS ns4.redhat.com.
    redhat.com. 521 IN NS ns2.redhat.com.
    # (or) Use -t ANY
    $ dig -t ANY redhat.com +noall +answer
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> -t ANY redhat.com +noall +answer
    ;; global options: +cmd
    redhat.com. 367 IN MX 10 mx2.redhat.com.
    redhat.com. 367 IN MX 5 mx1.redhat.com.
    redhat.com. 458 IN NS ns4.redhat.com.
    redhat.com. 458 IN NS ns1.redhat.com.
    redhat.com. 458 IN NS ns2.redhat.com.
    redhat.com. 458 IN NS ns3.redhat.com.
- To view just the IP address of a website (i.e., the A record), use the short form option:
    $ dig redhat.com +short
    209.132.183.81
- Specify a record type that you want to view:
    $ dig redhat.com ns +short
    ns2.redhat.com.
    ns3.redhat.com.
    ns1.redhat.com.
    ns4.redhat.com.
- Perform a DNS reverse lookup using the IP address. For example, if you just have an external IP address and would like to know the website that belongs to it, do the following:
    $ dig -x 209.132.183.81 +short
    www.redhat.com.
- View the full details of the DNS reverse lookup:
    $ dig -x 209.132.183.81
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> -x 209.132.183.81
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62435
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 3
    ;; QUESTION SECTION:
    ;81.183.132.209.in-addr.arpa. IN PTR
    ;; ANSWER SECTION:
    81.183.132.209.in-addr.arpa. 600 IN PTR www.redhat.com.
    ;; AUTHORITY SECTION:
    183.132.209.in-addr.arpa. 248 IN NS ns2.redhat.com.
    183.132.209.in-addr.arpa. 248 IN NS ns1.redhat.com.
    183.132.209.in-addr.arpa. 248 IN NS ns3.redhat.com.
    183.132.209.in-addr.arpa. 248 IN NS ns4.redhat.com.
    ;; ADDITIONAL SECTION:
    ns1.redhat.com. 363 IN A 209.132.186.218
    ns2.redhat.com. 363 IN A 209.132.183.2
    ns3.redhat.com. 363 IN A 209.132.176.100
    ;; Query time: 35 msec
    ;; SERVER: 209.144.50.138#53(209.144.50.138)
    ;; WHEN: Thu Jan 12 10:15:00 2012
    ;; MSG SIZE rcvd: 193
By default, dig uses the DNS servers defined in your /etc/resolv.conf file. If you would like to use a different DNS server to perform the query, specify it with @dnsserver.
- Use ns1.redhat.com as the DNS server to get the answer (instead of using the DNS servers from the /etc/resolv.conf file):
    $ dig @ns1.redhat.com redhat.com
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> @ns1.redhat.com redhat.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20963
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
    ;; WARNING: recursion requested but not available
    ;; QUESTION SECTION:
    ;redhat.com. IN A
    ;; ANSWER SECTION:
    redhat.com. 60 IN A 209.132.183.81
    ;; AUTHORITY SECTION:
    redhat.com. 600 IN NS ns1.redhat.com.
    redhat.com. 600 IN NS ns4.redhat.com.
    redhat.com. 600 IN NS ns3.redhat.com.
    redhat.com. 600 IN NS ns2.redhat.com.
    ;; ADDITIONAL SECTION:
    ns1.redhat.com. 600 IN A 209.132.186.218
    ns2.redhat.com. 600 IN A 209.132.183.2
    ns3.redhat.com. 600 IN A 209.132.176.100
    ns4.redhat.com. 600 IN A 209.132.188.218
    ;; Query time: 160 msec
    ;; SERVER: 209.132.186.218#53(209.132.186.218)
    ;; WHEN: Thu Jan 12 10:22:11 2012
    ;; MSG SIZE rcvd: 180
- Perform a bulk DNS query based on the data from a file. First, create a sample domains.txt file that contains the websites that you want to query:
    $ cat << EOF > domains.txt
    redhat.com
    centos.org
    EOF
Next, perform a bulk DNS query for the websites listed in the domains.txt file and display the output:
    $ dig -f domains.txt +noall +answer
    redhat.com. 60 IN A 209.132.183.81
    centos.org. 60 IN A 72.232.194.162
- You can also combine the record type with the -f option. The following example displays the MX records of multiple websites that are located in the domains.txt file.
    $ dig -f domains.txt MX +noall +answer
    redhat.com. 600 IN MX 10 mx2.redhat.com.
    redhat.com. 600 IN MX 5 mx1.redhat.com.
    centos.org. 3600 IN MX 10 mail.centos.org.
- Query multiple websites. The following example queries the MX record for redhat.com and the NS record for centos.org:
    $ dig redhat.com mx +noall +answer centos.org ns +noall +answer
    ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com mx +noall +answer centos.org ns +noall +answer
    ;; global options: +cmd
    redhat.com. 332 IN MX 10 mx2.redhat.com.
    redhat.com. 332 IN MX 5 mx1.redhat.com.
    centos.org. 3778 IN NS ns3.centos.org.
    centos.org. 3778 IN NS ns4.centos.org.
    centos.org. 3778 IN NS ns1.centos.org.
- If you always want to view only the ANSWER SECTION of the dig output, add your dig options to the .digrc file:
    $ cat $HOME/.digrc
    +noall +answer
Now, any time you execute the dig command, it will use the +noall and +answer options by default:
    $ dig redhat.com
    redhat.com. 60 IN A 209.132.183.81
    $ dig redhat.com MX
    redhat.com. 52 IN MX 5 mx1.redhat.com.
    redhat.com. 52 IN MX 10 mx2.redhat.com.
Start of Authority (SOA)
Find out the Start of Authority (SOA) record using dig or host. SOA specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.
- Display a SOA record using host:
    $ host -t soa redhat.com
    redhat.com has SOA record a1-68.akam.net. noc.redhat.com. 2021092000 300 180 604800 14400
- Display a SOA record using dig:
    $ dig SOA redhat.com
    ; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> SOA redhat.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28645
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 65494
    ;; QUESTION SECTION:
    ;redhat.com. IN SOA
    ;; ANSWER SECTION:
    redhat.com. 3547 IN SOA a1-68.akam.net. noc.redhat.com. 2021092000 300 180 604800 14400
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.53#53(127.0.0.53)
    ;; WHEN: Mon Sep 20 16:43:24 PDT 2021
    ;; MSG SIZE rcvd: 93
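The seven values in the SOA answer above, labeled field by field. This is an added example, not part of the original page; the function names soa_fields and human are its own, and it goes slightly beyond the text by decoding the administrator mailbox from the RNAME field and flagging an EXPIRE value that does not exceed REFRESH.

```shell
# Added example (not from the original page): label the seven SOA RDATA
# fields printed by `dig +short SOA <zone>` and decode RNAME to a mailbox.

human() {  # seconds -> largest unit that divides evenly, e.g. 604800 -> 7d
  if   [ "$1" -ge 86400 ] && [ $(( $1 % 86400 )) -eq 0 ]; then echo "$(( $1 / 86400 ))d"
  elif [ "$1" -ge 3600 ]  && [ $(( $1 % 3600 )) -eq 0 ];  then echo "$(( $1 / 3600 ))h"
  elif [ "$1" -ge 60 ]    && [ $(( $1 % 60 )) -eq 0 ];    then echo "$(( $1 / 60 ))m"
  else echo "${1}s"; fi
}

soa_fields() (  # subshell body keeps the variables local
  read -r mname rname serial refresh retry expire minimum extra <<EOF
$1
EOF
  if [ -z "$minimum" ] || [ -n "$extra" ]; then
    echo "expected exactly 7 SOA fields" >&2; exit 1
  fi
  case "$serial$refresh$retry$expire$minimum" in
    *[!0-9]*) echo "serial and timers must be unsigned integers" >&2; exit 1 ;;
  esac
  # RNAME: the first unescaped dot stands for "@"; "\." is a literal dot in
  # the local part (first\.last.example.com. -> first.last@example.com).
  mbox=$(printf '%s\n' "$rname" |
         sed -e 's/\.$//' -e 's/\([^\\]\)\./\1@/' -e 's/\\\././g')
  echo "primary_ns=$mname"
  echo "admin_mailbox=$mbox"
  echo "serial=$serial"
  # MINIMUM is used as the negative-caching TTL (RFC 2308).
  echo "refresh=$(human "$refresh") retry=$(human "$retry") expire=$(human "$expire") negative_ttl=$(human "$minimum")"
  # If EXPIRE is not larger than REFRESH, a secondary can discard the zone
  # before it has made its first refresh attempt.
  [ "$expire" -gt "$refresh" ] || echo "warning: expire <= refresh"
)

# The SOA value shown on this page:
soa_fields "a1-68.akam.net. noc.redhat.com. 2021092000 300 180 604800 14400"
```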
Record types
- A — IPv4 IP address
- AAAA — IPv6 IP address
- CNAME — Canonical name record (Alias)
- NS — Name Servers
- MX — Mail eXchanges
- PTR — PoinTeR record. Pointer to a canonical name
- SOA — Start Of Authority. Authoritative information about a DNS zone
- TXT — text record