The dig command is a Linux utility that lets you look up information about a domain from the command line. It is a large command with many options and tags to work with.
In this article, we’ll cover the most common uses of the command and demonstrate some of the tags that return name servers and other important information about a specific domain. Before we get into it, let’s understand what the dig command is.
What is the dig command?
DNS problems are a common issue that system administrators face.
In such cases, we need to gather information about the network to find a solution. This is where the DiG (Domain Information Groper) utility comes into the picture.
With the dig command in Linux, you can query the network for any kind of DNS record, such as name servers, mail exchangers, and host addresses. It also supports reverse DNS lookups.
In this article, we will first understand how the dig command in Linux works. Then we will look at some practical applications of it.
Basics of the dig command
Now, the best way to learn any command is by understanding its syntax.
Syntax of the dig command:
dig [tag] [option] @dns-server [hostname/IPaddress] [type]
Here, we use tags to specify the conditions for our query. Next, we use one or more query options to toggle the available settings for our query.
This is followed by the name or address of the name server we wish to query, prefixed with @.
Finally, we specify the resource record we wish to look up, using its hostname or address. This can be followed by a type to set the type of our DNS query.
List of options for dig
The dig command provides a long list of options to customize the data we receive while analysing our network. Here is a list of some of the most commonly used dig command tags.

| Tag | Description |
|---|---|
| -4 / -6 | Use only IPv4 (-4) or only IPv6 (-6) when sending the query to the remote machine. |
| -t | Type of query to send to the target. The query type can be any of the query types supported by BIND 9. The default query type is ‘A’. |
| -b | Source IP address for the query. This can be any address on one of the host’s network interfaces, or ‘::’ or ‘0.0.0.0’. |
| -f | Run dig in batch mode. All queries are read from a batch file instead of the command line. The file should contain one query per line, in the same format as dig queries typed on the command line. |
| -m | Enable debugging of dig’s memory usage. |
These were only the most commonly used tags available with the dig command in Linux. Make sure to check the other tags on the man page to utilize the full functionality of the dig command.
Query types for dig
When discussing dig, we also need to learn about query options. Here is a table containing some useful ones.

| Query option | Description |
|---|---|
| +tcp | Use TCP when querying a name server. By default, dig uses UDP for its queries unless the user requests an AXFR or IXFR query. |
| +cdflag | Set the ‘Checking Disabled’ bit in the query. This asks the server not to perform DNSSEC validation of the response. By default, DNSSEC validation is performed. |
| +recurse | Set the ‘Recursion Desired’ bit in the query. This bit is set by default, so dig normally sends recursive queries. Recursion is disabled in +trace and +nssearch queries. |
| +tries=n | Set the number of tries for a UDP query to n instead of the default of three. |
| +time=t | Set the query timeout to t seconds. The default is 5 seconds. |

Adding “no” between the + sign and the keyword (without spaces, for example +notcp) reverses the effect of the option.
This list only contains the most commonly used query options of the dig command in Linux.
Remember to check the other options to make use of the full functionality of the dig command.
Using the dig command
Now that we understand how the dig command in Linux works, it is time to learn how to use it. Here we explore some common and useful applications of the dig command.
1. Querying a single host
The simplest use of the dig command is to query a host by passing only its hostname, for example google.com.
You should see output similar to the screenshot above. When used without any options, the dig command shows the reply from the name server along with other DNS information in the form of comments.
Significance of each section in dig output
- The first two lines contain the DiG version on your system, the host name used in the query, and the options used in the query. Here the only default option is +cmd, which is what prints these first two lines as comments.
- Next, we see the technical details of the reply sent by the DNS server for our query (status, flags and section counts). Newer versions also show an ‘OPT pseudo section’ covering the Extension Mechanisms for DNS (EDNS).
- This is followed by the ‘Question section’, which repeats our query, and the ‘Answer section’, which shows the DNS server’s reply.
- In some results, an ‘Authority section’ lists the servers that are authoritative for the name we queried.
- The ‘Additional section’ contains the IP addresses of the name servers listed in the Authority section.
- Finally, the last section contains statistics about our query: the query time, the server that answered, the timestamp and the message size.
Display only important sections
If you do not want to see all the extra information, use the following command.
dig google.com +noall +answer
This will only display the result from the name server, as +noall turns off all output sections and +answer turns the answer section back on. You should see output similar to the screenshot above.
2. Querying all DNS records
When you wish to check all the DNS records present for a host, you can do so with the help of the following command.
dig +nocmd google.com any +noall +answer
You should see output like the screenshot above, containing the list of DNS records. You can replace any with a record type (for example MX or NS) when querying for specific records. Note that many name servers now return a minimal or empty answer to ANY queries, so asking for a specific record type is the more reliable choice.
3. Performing reverse DNS lookup
So far we have used the dig command to work out the IP address from a hostname. Now let’s use it to do the reverse. To find the hostname associated with an IP address, we use the following command.
dig -x 18.104.22.168 +noall +answer
As you can see in the screenshot, the dig command performed a reverse DNS lookup and found that this IP address is associated with the host bom05s08-in-f12.1e1mm.net.
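As an added example that is not part of the original article, the following POSIX shell script builds the reverse-lookup name that dig -x derives from an address, so you can see which name the -x flag actually queries. It covers IPv4 as in the article and, going beyond it, IPv6 (the nibble format under ip6.arpa). The ptr_name functions and the ./ptr.sh file name are assumptions of this example; the dig call at the end runs only when an address is passed on the command line.

```shell
#!/bin/sh
# Added example, not from the original article: build the reverse-lookup
# name that "dig -x" derives from an address. For IPv4 the four octets are
# reversed under in-addr.arpa; for IPv6 all 32 hex nibbles are reversed
# under ip6.arpa. So "dig -x 18.104.22.168" sends the same query as
# "dig 168.22.104.18.in-addr.arpa PTR".

# IPv4: reverse the octets and append in-addr.arpa (prints nothing if the
# input does not have exactly four dot-separated fields)
ptr_name_v4() {
    printf '%s\n' "$1" | awk -F. 'NF == 4 { print $4"."$3"."$2"."$1".in-addr.arpa" }'
}

# IPv6: expand "::", zero-pad every group to 4 hex digits, then emit the
# 32 nibbles in reverse order, dot-separated, followed by ip6.arpa
ptr_name_v6() {
    printf '%s\n' "$1" | awk '
    function pad(g) { while (length(g) < 4) g = "0" g; return g }
    {
        n  = split($0, half, "::")                       # text left/right of "::"
        nl = (half[1] == "") ? 0 : split(half[1], l, ":")
        nr = (n < 2 || half[2] == "") ? 0 : split(half[2], r, ":")
        hex = ""
        for (i = 1; i <= nl; i++) hex = hex pad(l[i])
        for (i = nl + nr; i < 8; i++) hex = hex "0000"   # groups elided by "::"
        for (i = 1; i <= nr; i++) hex = hex pad(r[i])
        hex = tolower(hex)
        out = ""
        for (i = 32; i >= 1; i--) out = out substr(hex, i, 1) "."
        print out "ip6.arpa"
    }'
}

# Pick the address family by looking for a colon
ptr_name() {
    case "$1" in
        *:*) ptr_name_v6 "$1" ;;
        *)   ptr_name_v4 "$1" ;;
    esac
}

# Usage: ./ptr.sh <address>  -- runs the same PTR query that dig -x would
if [ "$#" -gt 0 ]; then
    dig "$(ptr_name "$1")" PTR +noall +answer
fi
```

Running ./ptr.sh 18.104.22.168 queries 168.22.104.18.in-addr.arpa for a PTR record, which is exactly what dig -x 18.104.22.168 does behind the scenes.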
The DiG utility is a powerful Linux tool for querying DNS name servers from the command line. We hope this article has helped you understand the dig command in Linux. If you have any feedback, queries or corrections, feel free to leave them in the comments below.