~/dig and examples
Nov 5, 2022
The dig
(Domain Information Groper) command in the CLI is used to query DNS servers for information about domains. It provides details like IP addresses, mail servers, and other DNS records, useful for diagnosing DNS issues or inspecting domain configurations.
Basic Usage Example:
|
|
Common Options:
dig example.com MX
– Retrieves the mail exchange (MX) records.dig example.com ANY
– Retrieves all available records.dig +short example.com
– Shows just the IP address.
-
Basic A Record Lookup:
1
dig example.com
Retrieves the A record (IP address) for the domain.
-
Find Specific Record Types:
-
Reverse DNS Lookup:
1
dig -x 8.8.8.8
Finds the domain associated with an IP address.
-
Find All Available DNS Records:
1
dig example.com ANY
Retrieves all DNS records for the domain.
-
Query Specific DNS Server:
1
dig @8.8.8.8 example.com
Uses a specified DNS server (e.g., Google’s) for the lookup.
-
Use +short to Simplify Output:
1
dig example.com +short
Provides a concise output, showing only the IP address.
-
Check SOA (Start of Authority) Records:
1
dig example.com SOA
Retrieves the SOA record, showing authoritative server and timestamps.
-
Trace DNS Resolution Path:
1
dig +trace example.com
Shows the entire resolution path from root servers to authoritative servers.
-
Display Query Time:
1
dig example.com +stats
Adds statistics, including query time, in the output.
-
Inspect DNSSEC Information:
|
|
Shows DNSSEC signatures, if configured for the domain.
These dig
commands offer flexibility for both routine lookups and in-depth DNS troubleshooting.
References