Essential Guide to the Linux Dig Command

DNS is a core concept in today’s modern age, as we would not have the concept of domain names without it. Imagine needing to remember an IP address like 198.51.100.215 instead of a domain name like sirstevehq.com. Or, worse, a full IPv6 address like 2001:DB8:d824:d476:d6e6:ad69:446f:e630. You can see why domains are needed. In this post, we will explore the dig command in Linux, an essential command line tool for looking up DNS records.

What Is DNS?

The Domain Name System, also known as DNS, is the system that translates a domain name like sirstevehq.com to an IP address that your device then connects to in order to retrieve content.

What Are DNS Record Types?

In DNS there are different record types, and each has its own use. For example, there are ones specific to email, DNS, etc.

What Does TTL Mean?

TTL stands for time to live, a value configured by the domain administrator that sets the maximum time a record should be cached for. For more on DNS caching on Linux check out this post.

Installing Dig

Some distributions provide a sub-package that allows you to install dig and a few other utilities without needing to install the full version of bind.

For Debian or Ubuntu, the package names you will want to look for are dnsutils or bind9-dnsutils.

For Red Hat, Alma, Rocky, or CentOS, look for the package name bind-utils.

Introduction To Dig

The dig command is included in bind9 provided by the Internet Systems Consortium. This tool is used to make DNS queries to DNS servers from the command line.

The most basic syntax looks like this.

dig example.com

The results of that command are:

; <<>> DiG 9.18.25 <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22810
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1432
;; QUESTION SECTION:
;example.com.           IN  A
 
;; ANSWER SECTION:
example.com.        2601    IN  A   93.184.216.34
 
;; Query time: 976 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Wed Apr 17 15:36:32 EDT 2024
;; MSG SIZE  rcvd: 56

What we are going to be most concerned about is the “ANSWER SECTION” as this is the result of the lookup.

This tells us an A record lookup for example.com is currently resolving to the IPv4 address of 93.184.216.34.
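
The fields discussed above can also be pulled out of the full output by a script. The following is an added example, not part of the original post; the function names dig_summary and sample_output are made up for it, and the sample input is a trimmed copy of the output shown above.

```shell
# Added example: summarise full dig output read on stdin.
# Prints the response status and "ad" flag, then one line per answer record.
dig_summary() {
    awk '
        # Join fields 5..NF so multi-word data (MX, TXT, SOA) stays intact.
        function rdata(   i, s) {
            s = $5
            for (i = 6; i <= NF; i++) s = s " " $i
            return s
        }
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {
            # Flags sit between "flags:" and the first ";" that follows.
            flags = $0; sub(/^;; flags:/, "", flags); sub(/;.*/, "", flags)
            ad = ((" " flags " ") ~ / ad /) ? "yes" : "no"
        }
        /^;; ANSWER SECTION:/ { in_answer = 1; next }
        # A comment line or blank line ends the section.
        in_answer && (/^;/ || /^[ \t]*$/) { in_answer = 0 }
        in_answer {
            records[++n] = sprintf("%s ttl=%s type=%s data=%s", $1, $2, $4, rdata())
        }
        END {
            printf "status=%s ad=%s\n", status, ad
            for (i = 1; i <= n; i++) print records[i]
        }
    '
}

# Sample input: trimmed copy of the dig output shown above.
sample_output() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22810
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;example.com.           IN  A

;; ANSWER SECTION:
example.com.        2601    IN  A   93.184.216.34

;; Query time: 976 msec
EOF
}

sample_output | dig_summary
```

On a real lookup, pipe dig into the function, for example dig example.com | dig_summary. The ad flag only says the resolver reports having validated the answer with DNSSEC, so it is meaningful only when the path to that resolver is trusted.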

Syntax

Building on the most basic syntax this is what the typical syntax looks like:

dig [options] name type

name – is the domain or subdomain you want to look up.

type – The list below contains the most common DNS record types.

Note: The order of the arguments isn’t as important for dig as it is for other commands.

Common DNS Record Types

  • A – An A record is an IPv4 record that is used to point a domain to an IPv4 address.
  • AAAA – An AAAA record is the IPv6 equivalent of an A record.
  • CNAME – A CNAME record points one domain to the results of another domain.
  • MX – An MX record determines where email for a domain should be sent.
  • PTR – A PTR record returns a domain for an IP.
  • TXT – A TXT record is a text record that allows a string of text to be added to DNS.
  • NS – An NS record is a Name server record used when working with name servers.
  • SOA – The SOA record contains information about the domain such as the admin email address, primary name server, and serial number.

For a full type list refer to this list.

Options

There are quite a few options and flags for the dig command. Below are the ones I recommend being aware of:

@server – With this option you specify the IP address or domain of the DNS server to which the query is sent.

-4 – This option indicates that only IPv4 should be used.

-6 – This option indicates that only IPv6 should be used.

-r – This option disables the loading of .digrc.

-f file – This option sets batch mode, where dig reads a list of lookup requests from a file. Each line in the file should be organized in the same way it would be presented as a query to dig.

-p port – This option lets you set a non-standard port for the query.

-t type – This option indicates the resource record type to query, which can be any valid query type. The default query type is A.

-x IP – This option sets simplified reverse lookups, for mapping IP addresses to names.

+short – This option will provide a shorter more concise output. For a standard lookup, it will return just the IP.

+trace – This option starts at the root name servers and traces each step till it gets to the domain you want to look up.

+tcp – This option uses TCP instead of UDP (the default).

+https – This option indicates that DNS over HTTPS (DoH) should be used when querying name servers. The request is made using a POST request to port 443.

+timeout=T – This option sets the timeout for a query to T seconds. The default timeout is 5 seconds.

+tls – This option tells dig you want to make the DNS lookup over TLS (DoT) when querying name servers. The default port for DoT of 853 is used unless otherwise specified.

+ttlunits – This option will show the TTL in a more friendly way.

+yaml – When enabled, this option prints the responses in a detailed YAML format.

To see a full list of commands and options for the dig command run the following command or check out an online man page.

man dig

Examples

In this section, we have various DNS query examples using the above options.

Using Short

dig +short example.com MX

This command will return the FQDN of any mail servers for the domain example.com.

Trace

dig +trace example.com

This command will trace the domain starting at the root domain name servers.

Lookup at a specific server

dig @1.1.1.1 example.com TXT

This query will look for text records for the example.com domain via 1.1.1.1.

Reverse DNS Lookup

dig -x 1.1.1.1 +short

A reverse DNS lookup for 1.1.1.1, for example, will result in one.one.one.one.

DNS over HTTPS

dig +https @cloudflare-dns.com example.com

This example will make the DNS lookup using DNS over HTTPS (AKA DoH).

DNS over TLS

dig example.com +tls @1.1.1.1

This query will use DNS over TLS via 1.1.1.1.

Did You Know?

If you create a file in your home directory called .digrc you can save your defaults for dig so you don’t have to apply them every time.

Here is an example:

+short +https @cloudflare-dns.com

Conclusion

Today’s technology could never be the same without the core concept of domains and DNS. In this blog post, we have walked through how to use the dig command, from understanding related terms to installing the dig command if it isn’t installed, and performing DNS lookups using the command.

Stephen Oduntan is the founder and CEO of SirsteveHQ, one of the fastest growing independent web hosts in Nigeria. Stephen has been working online since 2010 and has over a decade of experience in Internet Entrepreneurship.

Copyright © 2024 SirsteveHQ. All Rights Reserved.