~/dig and examples

Nov 5, 2022


The dig (Domain Information Groper) command in the CLI is used to query DNS servers for information about domains. It provides details like IP addresses, mail servers, and other DNS records, useful for diagnosing DNS issues or inspecting domain configurations.

Basic Usage Example:

1
dig example.com

Common Options:

  1. Basic A Record Lookup:

    1
    
    dig example.com
    

    Retrieves the A record (IP address) for the domain.

  2. Find Specific Record Types:

    1
    2
    3
    
    dig example.com MX   # Mail server records
    dig example.com TXT  # Text records (e.g., SPF, DKIM)
    dig example.com NS   # Nameserver records
    
  3. Reverse DNS Lookup:

    1
    
    dig -x 8.8.8.8
    

    Finds the domain associated with an IP address.

  4. Find All Available DNS Records:

    1
    
    dig example.com ANY
    

    Retrieves all DNS records for the domain.

  5. Query Specific DNS Server:

    1
    
    dig @8.8.8.8 example.com
    

    Uses a specified DNS server (e.g., Google’s) for the lookup.

  6. Use +short to Simplify Output:

    1
    
    dig example.com +short
    

    Provides a concise output, showing only the IP address.

  7. Check SOA (Start of Authority) Records:

    1
    
    dig example.com SOA
    

    Retrieves the SOA record, showing authoritative server and timestamps.

  8. Trace DNS Resolution Path:

    1
    
    dig +trace example.com
    

    Shows the entire resolution path from root servers to authoritative servers.

  9. Display Query Time:

    1
    
    dig example.com +stats
    

    Adds statistics, including query time, in the output.

  10. Inspect DNSSEC Information:

1
dig example.com +dnssec

Shows DNSSEC signatures, if configured for the domain.

These dig commands offer flexibility for both routine lookups and in-depth DNS troubleshooting.

References

Tags: [linux]