cmdref.net - Cheat Sheet and Example

cmdref.net is command references/cheat sheets/examples for system engineers.

User Tools

Site Tools


Sidebar








Cloud



Etc


Reference














.

os:linux:command:dig.html



Linux Commands#network
How to use nslookup Commands on Linux
How to use host command on Linux

dig - How to use dig command in Linux

Dig Commands List

Operation Command Example
lookups – mapping names to addresses dig -x HOST dig google.com
dig xx.xx.192.in-addr.arpa
dig xx-xx.xx.192.in-addr.arpa
Reverse lookups – mapping addresses to names dig -x IP_ADDRESS dig -x 192.168.0.10
lookups at DNS Server dig @SERVER HOST dig @8.8.8.8 google.com
lookups at DNS Server dig @SERVER -x IP dig @8.8.8.8 -x 74.125.235.101
lookup for an any record (TXT, MX, SOA, A, NS) dig HOST any dig google.com any
lookup for an soa record dig HOST soa dig google.com soa
lookup for an ns record dig HOST ns dig google.com ns
lookup for an a record dig HOST a dig google.com a
lookup for an mx record dig HOST mx dig google.com mx
lookup for an txt record dig HOST txt dig google.com txt
lookup with trace dig +trace HOST dig +trace google.com
dig +trace -x 173.252.120.6

Tips

How to check A using DNS Server dig google.com | grep -i server


dig command options

dig [@global-server] [domain] [q-type]

#dig -h
Usage:  dig [@global-server] [domain] [q-type] [q-class] {q-opt}
            {global-d-opt} host [@local-server] {local-d-opt}
            [ host [@local-server] {local-d-opt} [...]]
Where:  domain    is in the Domain Name System
        q-type   is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:a]
        q-opt    is one of:
                 -x dot-notation     (shortcut for reverse lookups)

        d-opt    is of the form +keyword[=value], where keyword is:
                 +[no]trace          (Trace delegation down from root)

        -h                           (print help and exit)
        -v                           (print version and exit)


#man dig

NAME
       dig - DNS lookup utility

SYNOPSIS
       dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-m] [-p port#] [-q name] [-t type] [-x addr]
           [-y [hmac:]name:key] [-4] [-6] [name] [type] [class] [queryopt...]

       dig [-h]

       dig [global-queryopt...] [query...]

SIMPLE USAGE
       A typical invocation of dig looks like:

            dig @server name type

       where:

       server
           is the name or IP address of the name server to query.
           If no server argument is provided, dig consults /etc/resolv.conf;


       name
           is the name of the resource record that is to be looked up.

       type
           indicates what type of query is required -- ANY, A, MX, SIG, etc.  type can be any valid query type. If no
           type argument is supplied, dig will perform a lookup for an A record.

OPTIONS
       Reverse lookups - mapping addresses to names - are simplified by the -x option.  addr is an IPv4 address in
       dotted-decimal notation, or a colon-delimited IPv6 address. When this option is used, there is no need to provide the
       name, class and type arguments.  dig automatically performs a lookup for a name like 11.12.13.10.in-addr.arpa and
       sets the query type and class to PTR and IN respectively. 


QUERY OPTIONS
       +[no]trace
          Toggle tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled
          by default. When tracing is enabled, dig makes iterative queries to resolve the name being looked up. It will
          follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup.


dig Example

a record

#dig amazon.com

; <<>> DiG 9.9.4-P1 <<>> amazon.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59472
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;amazon.com.                    IN      A

;; ANSWER SECTION:
amazon.com.             1       IN      A       205.251.242.54
amazon.com.             1       IN      A       72.21.215.232
amazon.com.             1       IN      A       176.32.98.166

;; Query time: 0 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Wed Mar 11 00:58:31     2015
;; MSG SIZE  rcvd: 87

any record

#dig amazon.com any

; <<>> DiG 9.9.4-P1 <<>> amazon.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4420
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;amazon.com.                    IN      ANY

;; ANSWER SECTION:
amazon.com.             891     IN      SOA     dns-external-master.amazon.com. root.amazon.com. 2010112703 180 60 3024000 60
amazon.com.             2305    IN      NS      ns4.p31.dynect.net.
amazon.com.             2305    IN      NS      ns1.p31.dynect.net.
amazon.com.             2305    IN      NS      pdns1.ultradns.net.
amazon.com.             2305    IN      NS      pdns6.ultradns.co.uk.
amazon.com.             2305    IN      NS      ns3.p31.dynect.net.
amazon.com.             2305    IN      NS      ns2.p31.dynect.net.

;; Query time: 15 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Wed Mar 11 00:58:57     2015
;; MSG SIZE  rcvd: 249

ptr +trace

$ host facebook.com
facebook.com has address 173.252.120.6
facebook.com has IPv6 address 2a03:2880:2130:cf05:face:b00c:0:1
facebook.com mail is handled by 10 msgin.vvv.facebook.com.


$ dig +trace -x 173.252.120.6

; <<>> DiG 9.3.4-P1 <<>> +trace -x 173.252.120.6
;; global options:  printcmd
.                       106152  IN      NS      f.root-servers.net.
.                       106152  IN      NS      g.root-servers.net.
.                       106152  IN      NS      h.root-servers.net.
.                       106152  IN      NS      i.root-servers.net.
.                       106152  IN      NS      j.root-servers.net.
.                       106152  IN      NS      k.root-servers.net.
.                       106152  IN      NS      l.root-servers.net.
.                       106152  IN      NS      m.root-servers.net.
.                       106152  IN      NS      a.root-servers.net.
.                       106152  IN      NS      b.root-servers.net.
.                       106152  IN      NS      c.root-servers.net.
.                       106152  IN      NS      d.root-servers.net.
.                       106152  IN      NS      e.root-servers.net.
;; Received 509 bytes from 192.168.100.252#53(192.168.100.252) in 0 ms

in-addr.arpa.           172800  IN      NS      d.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      e.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      f.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      a.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      c.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      b.in-addr-servers.arpa.
;; Received 420 bytes from 192.5.5.241#53(f.root-servers.net) in 11 ms

173.in-addr.arpa.       86400   IN      NS      v.arin.net.
173.in-addr.arpa.       86400   IN      NS      u.arin.net.
173.in-addr.arpa.       86400   IN      NS      x.arin.net.
173.in-addr.arpa.       86400   IN      NS      z.arin.net.
173.in-addr.arpa.       86400   IN      NS      y.arin.net.
173.in-addr.arpa.       86400   IN      NS      r.arin.net.
173.in-addr.arpa.       86400   IN      NS      w.arin.net.
173.in-addr.arpa.       86400   IN      NS      t.arin.net.
;; Received 180 bytes from 200.10.60.53#53(d.in-addr-servers.arpa) in 326 ms

120.252.173.in-addr.arpa. 86400 IN      NS      b.ns.facebook.com.
120.252.173.in-addr.arpa. 86400 IN      NS      a.ns.facebook.com.
;; Received 91 bytes from 63.243.194.2#53(v.arin.net) in 50 ms

6.120.252.173.in-addr.arpa. 3600 IN     PTR     edge-star-shv-12-frc3.facebook.com.
120.252.173.in-addr.arpa. 172800 IN     NS      a.ns.facebook.com.
120.252.173.in-addr.arpa. 172800 IN     NS      b.ns.facebook.com.
;; Received 159 bytes from 69.171.255.12#53(b.ns.facebook.com) in 2 ms


How to check TTL to the authoritative DNS server

When I contact the cache server etc., the cache time is returned

Step1 check Name Server(Authoritative DNS server)

$ dig google.com ns

;; ANSWER SECTION:
google.com.             7181    IN      NS      ns4.google.com.
google.com.             7181    IN      NS      ns3.google.com.
google.com.             7181    IN      NS      ns2.google.com.
google.com.             7181    IN      NS      ns1.google.com.

Step2 check TTL to Authoritative DNS server

A Recode(TTL 300)
$ dig google.com  @ns1.google.com.

;; ANSWER SECTION:
google.com.             300     IN      A       172.217.175.238
MX Recode(TTL 600)
$ dig google.com mx  @ns1.google.com.

;; ANSWER SECTION:
google.com.             600     IN      MX      50 alt4.aspmx.l.google.com.
google.com.             600     IN      MX      20 alt1.aspmx.l.google.com.
google.com.             600     IN      MX      30 alt2.aspmx.l.google.com.
google.com.             600     IN      MX      10 aspmx.l.google.com.
google.com.             600     IN      MX      40 alt3.aspmx.l.google.com.
NS Recode(TTL 345600)
$ dig google.com soa  @ns1.google.com.

;; ANSWER SECTION:
google.com.             345600  IN      NS      ns3.google.com.
google.com.             345600  IN      NS      ns2.google.com.
google.com.             345600  IN      NS      ns1.google.com.
google.com.             345600  IN      NS      ns4.google.com.
SOA Recode(TTL 345600)
$ dig google.com soa  @ns1.google.com.

;; AUTHORITY SECTION:
google.com.             345600  IN      NS      ns3.google.com.
google.com.             345600  IN      NS      ns1.google.com.
google.com.             345600  IN      NS      ns2.google.com.
google.com.             345600  IN      NS      ns4.google.com.







os/linux/command/dig.html.txt · Last modified: 2021/08/22 by admin

Page Tools