Linux Commands#network
How to use nslookup Commands on Linux
How to use host command on Linux
DNS lookup utility
| Operation | Command | Example |
|---|---|---|
| lookups – mapping names to addresses | dig -x HOST | dig google.com dig xx.xx.192.in-addr.arpa dig xx-xx.xx.192.in-addr.arpa |
| Reverse lookups – mapping addresses to names | dig -x IP_ADDRESS | dig -x 192.168.0.10 |
| lookups at DNS Server | dig @SERVER HOST | dig @8.8.8.8 google.com |
| lookups at DNS Server | dig @SERVER -x IP | dig @8.8.8.8 -x 74.125.235.101 |
| lookup for an any record (TXT, MX, SOA, A, NS) | dig HOST any | dig google.com any |
| lookup for an soa record | dig HOST soa | dig google.com soa |
| lookup for an ns record | dig HOST ns | dig google.com ns |
| lookup for an a record | dig HOST a | dig google.com a |
| lookup for an mx record | dig HOST mx | dig google.com mx |
| lookup for an txt record | dig HOST txt | dig google.com txt |
| lookup with trace | dig +trace HOST | dig +trace google.com dig +trace -x 173.252.120.6 |
| How to check A using DNS Server | dig google.com | grep -i server |
dig [@global-server] [domain] [q-type]
#dig -h
Usage: dig [@global-server] [domain] [q-type] [q-class] {q-opt}
{global-d-opt} host [@local-server] {local-d-opt}
[ host [@local-server] {local-d-opt} [...]]
Where: domain is in the Domain Name System
q-type is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:a]
q-opt is one of:
-x dot-notation (shortcut for reverse lookups)
d-opt is of the form +keyword[=value], where keyword is:
+[no]trace (Trace delegation down from root)
-h (print help and exit)
-v (print version and exit)
#man dig
NAME
dig - DNS lookup utility
SYNOPSIS
dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-m] [-p port#] [-q name] [-t type] [-x addr]
[-y [hmac:]name:key] [-4] [-6] [name] [type] [class] [queryopt...]
dig [-h]
dig [global-queryopt...] [query...]
SIMPLE USAGE
A typical invocation of dig looks like:
dig @server name type
where:
server
is the name or IP address of the name server to query.
If no server argument is provided, dig consults /etc/resolv.conf;
name
is the name of the resource record that is to be looked up.
type
indicates what type of query is required -- ANY, A, MX, SIG, etc. type can be any valid query type. If no
type argument is supplied, dig will perform a lookup for an A record.
OPTIONS
Reverse lookups - mapping addresses to names - are simplified by the -x option. addr is an IPv4 address in
dotted-decimal notation, or a colon-delimited IPv6 address. When this option is used, there is no need to provide the
name, class and type arguments. dig automatically performs a lookup for a name like 11.12.13.10.in-addr.arpa and
sets the query type and class to PTR and IN respectively.
QUERY OPTIONS
+[no]trace
Toggle tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled
by default. When tracing is enabled, dig makes iterative queries to resolve the name being looked up. It will
follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup.
#dig amazon.com ; <<>> DiG 9.9.4-P1 <<>> amazon.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59472 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;amazon.com. IN A ;; ANSWER SECTION: amazon.com. 1 IN A 205.251.242.54 amazon.com. 1 IN A 72.21.215.232 amazon.com. 1 IN A 176.32.98.166 ;; Query time: 0 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Wed Mar 11 00:58:31 2015 ;; MSG SIZE rcvd: 87
#dig amazon.com any ; <<>> DiG 9.9.4-P1 <<>> amazon.com any ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4420 ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;amazon.com. IN ANY ;; ANSWER SECTION: amazon.com. 891 IN SOA dns-external-master.amazon.com. root.amazon.com. 2010112703 180 60 3024000 60 amazon.com. 2305 IN NS ns4.p31.dynect.net. amazon.com. 2305 IN NS ns1.p31.dynect.net. amazon.com. 2305 IN NS pdns1.ultradns.net. amazon.com. 2305 IN NS pdns6.ultradns.co.uk. amazon.com. 2305 IN NS ns3.p31.dynect.net. amazon.com. 2305 IN NS ns2.p31.dynect.net. ;; Query time: 15 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Wed Mar 11 00:58:57 2015 ;; MSG SIZE rcvd: 249
$ host facebook.com facebook.com has address 173.252.120.6 facebook.com has IPv6 address 2a03:2880:2130:cf05:face:b00c:0:1 facebook.com mail is handled by 10 msgin.vvv.facebook.com. $ dig +trace -x 173.252.120.6 ; <<>> DiG 9.3.4-P1 <<>> +trace -x 173.252.120.6 ;; global options: printcmd . 106152 IN NS f.root-servers.net. . 106152 IN NS g.root-servers.net. . 106152 IN NS h.root-servers.net. . 106152 IN NS i.root-servers.net. . 106152 IN NS j.root-servers.net. . 106152 IN NS k.root-servers.net. . 106152 IN NS l.root-servers.net. . 106152 IN NS m.root-servers.net. . 106152 IN NS a.root-servers.net. . 106152 IN NS b.root-servers.net. . 106152 IN NS c.root-servers.net. . 106152 IN NS d.root-servers.net. . 106152 IN NS e.root-servers.net. ;; Received 509 bytes from 192.168.100.252#53(192.168.100.252) in 0 ms in-addr.arpa. 172800 IN NS d.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS e.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS f.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS a.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS c.in-addr-servers.arpa. in-addr.arpa. 172800 IN NS b.in-addr-servers.arpa. ;; Received 420 bytes from 192.5.5.241#53(f.root-servers.net) in 11 ms 173.in-addr.arpa. 86400 IN NS v.arin.net. 173.in-addr.arpa. 86400 IN NS u.arin.net. 173.in-addr.arpa. 86400 IN NS x.arin.net. 173.in-addr.arpa. 86400 IN NS z.arin.net. 173.in-addr.arpa. 86400 IN NS y.arin.net. 173.in-addr.arpa. 86400 IN NS r.arin.net. 173.in-addr.arpa. 86400 IN NS w.arin.net. 173.in-addr.arpa. 86400 IN NS t.arin.net. ;; Received 180 bytes from 200.10.60.53#53(d.in-addr-servers.arpa) in 326 ms 120.252.173.in-addr.arpa. 86400 IN NS b.ns.facebook.com. 120.252.173.in-addr.arpa. 86400 IN NS a.ns.facebook.com. ;; Received 91 bytes from 63.243.194.2#53(v.arin.net) in 50 ms 6.120.252.173.in-addr.arpa. 3600 IN PTR edge-star-shv-12-frc3.facebook.com. 120.252.173.in-addr.arpa. 172800 IN NS a.ns.facebook.com. 120.252.173.in-addr.arpa. 172800 IN NS b.ns.facebook.com. ;; Received 159 bytes from 69.171.255.12#53(b.ns.facebook.com) in 2 ms
When I contact the cache server etc., the cache time is returned
$ dig google.com ns ;; ANSWER SECTION: google.com. 7181 IN NS ns4.google.com. google.com. 7181 IN NS ns3.google.com. google.com. 7181 IN NS ns2.google.com. google.com. 7181 IN NS ns1.google.com.
$ dig google.com @ns1.google.com. ;; ANSWER SECTION: google.com. 300 IN A 172.217.175.238
$ dig google.com mx @ns1.google.com. ;; ANSWER SECTION: google.com. 600 IN MX 50 alt4.aspmx.l.google.com. google.com. 600 IN MX 20 alt1.aspmx.l.google.com. google.com. 600 IN MX 30 alt2.aspmx.l.google.com. google.com. 600 IN MX 10 aspmx.l.google.com. google.com. 600 IN MX 40 alt3.aspmx.l.google.com.
$ dig google.com soa @ns1.google.com. ;; ANSWER SECTION: google.com. 345600 IN NS ns3.google.com. google.com. 345600 IN NS ns2.google.com. google.com. 345600 IN NS ns1.google.com. google.com. 345600 IN NS ns4.google.com.
$ dig google.com soa @ns1.google.com. ;; AUTHORITY SECTION: google.com. 345600 IN NS ns3.google.com. google.com. 345600 IN NS ns1.google.com. google.com. 345600 IN NS ns2.google.com. google.com. 345600 IN NS ns4.google.com.