
10 advanced ways to use the dig command in Linux

This article explores 10 powerful ways to use the dig command in Linux, offering insights into network diagnostics and domain information gathering. Perfect for system administrators and network professionals, these tips will help you leverage dig for effective troubleshooting and data analysis.

by John Horan

Linux, the powerhouse of operating systems, comes with an arsenal of command-line tools, each with its own unique strengths. Among these, the dig command, short for Domain Information Groper, is a versatile tool for querying DNS (Domain Name System) servers. As a Linux enthusiast, I’ve spent countless hours exploring dig, and here, I’ll share some of its most powerful and practical usages, complete with examples from my Ubuntu terminal.

Introduction to dig

First things first, dig is a network administrator’s Swiss Army knife for DNS troubleshooting and analysis. It’s part of the BIND DNS software suite but is usually pre-installed on most Linux distributions, including Ubuntu.

The dig command is essential for querying DNS servers. It offers detailed information about domain names and their corresponding records, crucial for network troubleshooting and DNS analysis.

10 powerful usages of Linux’s dig command

1. Basic DNS query

Usage: To perform a simple DNS lookup.

This is the most fundamental use of dig, providing information about the specified domain. It’s useful for a quick check of a domain’s IP address and other DNS details.

Example:

dig example.com

Output: This will display a wealth of information including the domain’s A record (IP address), the query time, server used, and more.

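Sample output (the domain in this capture is misspelled as fossliinux.com, so the resolver answers with status NXDOMAIN and the com. SOA record in the authority section instead of an A record):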

foss_linux@fosslinux-ubuntu:~$ dig fossliinux.com

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> fossliinux.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9008
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;fossliinux.com. IN A

;; AUTHORITY SECTION:
com. 30 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1705977040 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Jan 22 21:31:05 EST 2024
;; MSG SIZE rcvd: 116

2. Querying specific record types

Usage: Sometimes, you need more than just the A record.

DNS has several record types like A, MX, NS, etc. Using dig to query specific types helps in troubleshooting specific aspects of DNS, like mail server setup (MX) or domain delegation (NS).

Example:

dig example.com MX

Output: Lists the MX (Mail Exchange) records, crucial for understanding email server setups.

Example:

foss_linux@fosslinux-ubuntu:~$ dig fosslinux.com MX

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> fosslinux.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14820
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;fosslinux.com. IN MX

;; ANSWER SECTION:
fosslinux.com. 3600 IN MX 10 mx.zoho.com.
fosslinux.com. 3600 IN MX 20 mx2.zoho.com.
fosslinux.com. 3600 IN MX 50 mx3.zoho.com.

;; Query time: 128 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Jan 22 21:32:32 EST 2024
;; MSG SIZE rcvd: 106

3. Short and sweet

Usage: When you need just the answer, nothing more.

For times when you need only the direct answer without extra information, this usage is perfect. It’s particularly handy in scripts where you need clean, parsable output.

Example:

dig example.com +short

Output: Shows only the IP address of example.com. I personally love this for its brevity, especially when I’m scripting.

Example:

foss_linux@fosslinux-ubuntu:~$ dig fosslinux.com +short
66.135.21.240

4. Reverse DNS lookups

Usage: Finding the domain name associated with an IP address.

This is about mapping IP addresses back to hostnames. It’s a reverse of the usual process and is key in network security and administration, ensuring IP addresses correspond to expected hostnames.

Example:

dig -x 66.135.21.240

Output: Reveals the domain name for this IP, typically used in security audits.

Example:

foss_linux@fosslinux-ubuntu:~$ dig -x 66.135.21.240

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> -x 66.135.21.240
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3030
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;240.21.135.66.in-addr.arpa. IN PTR

;; ANSWER SECTION:
240.21.135.66.in-addr.arpa. 300 IN PTR 66-135-21-240.constant.com.

;; Query time: 164 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Jan 22 21:37:08 EST 2024
;; MSG SIZE rcvd: 95
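
A PTR record is published by whoever controls the reverse zone for the address, so the name it returns proves nothing until that name resolves forward to the same IP. The script below is an added example (not part of the original article) of that forward-confirmed reverse DNS check, using only dig -x and +short as shown above; the function name fcrdns and its result strings are assumptions.

```shell
#!/bin/sh
# Forward-confirmed reverse DNS (FCrDNS) with dig. Added example; the
# function name and result strings are illustrative, not from the article.
#
# fcrdns IP prints one of:
#   confirmed <name>   a PTR name resolves forward to IP          (exit 0)
#   mismatch <name>    PTR exists, but no name resolves to IP     (exit 1)
#   no-ptr             no PTR record for IP                       (exit 1)
fcrdns() {
    ip=$1
    # Pick the forward record type that matches the address family.
    # IPv6 input must already be in the compressed form dig prints.
    case $ip in
        *:*) rr=AAAA ;;
        *)   rr=A ;;
    esac
    names=$(dig -x "$ip" +short) || return 2
    if [ -z "$names" ]; then
        echo "no-ptr"
        return 1
    fi
    first=
    for name in $names; do          # an address may have several PTR names
        [ -n "$first" ] || first=$name
        # +short can also list CNAME targets, so compare whole lines only.
        if dig "$name" "$rr" +short | grep -Fxq "$ip"; then
            echo "confirmed $name"
            return 0
        fi
    done
    echo "mismatch $first"
    return 1
}

# Query live DNS only when an address is passed on the command line.
if [ "$#" -gt 0 ]; then
    fcrdns "$1"
fi
```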

5. Checking DNS records across different servers

Usage: To compare responses from different DNS servers.

This use case is vital for comparing how different DNS servers handle the same query, useful in identifying inconsistencies or propagation issues.

Example:

dig example.com @1.1.1.1
dig example.com @8.8.8.8

Output: Shows how Cloudflare’s (1.1.1.1) and Google’s (8.8.8.8) servers respond to the same query.

; <<>> DiG 9.16.1-Ubuntu <<>> fosslinux.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47385
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
fosslinux.com. 300 IN A 104.21.90.5
fosslinux.com. 300 IN A 172.67.183.34

;; Query time: 10 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Jul 08 12:15:00 UTC 2024
;; MSG SIZE rcvd: 65

6. Trace DNS path

Usage: For understanding the path of a DNS query.

This offers an in-depth look at the DNS query path, showing how your request travels through the DNS hierarchy. It’s an excellent way to understand DNS resolution steps and to identify potential issues in the chain.

Example:

dig example.com +trace

Output: This traces the path from the root server down to the authoritative server. It’s like watching a detective follow clues!

Example:

foss_linux@fosslinux-ubuntu:~$ dig fosslinux.com +trace

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> fosslinux.com +trace
;; global options: +cmd
. 518397 IN NS c.root-servers.net.
. 518397 IN NS d.root-servers.net.
. 518397 IN NS e.root-servers.net.
. 518397 IN NS f.root-servers.net.
. 518397 IN NS g.root-servers.net.
. 518397 IN NS h.root-servers.net.
. 518397 IN NS i.root-servers.net.
. 518397 IN NS j.root-servers.net.
. 518397 IN NS k.root-servers.net.
. 518397 IN NS l.root-servers.net.
-------more

7. Querying DNSSEC details

Usage: For those delving into the world of DNS Security Extensions (DNSSEC).

For domains secured with DNSSEC, this query provides security-related records. It’s crucial for verifying the DNSSEC implementation and ensuring that the DNS information is authenticated and trustworthy.

Example:

dig example.com +dnssec

Output: Returns DNSSEC-related records like RRSIG, DNSKEY, etc., essential for understanding secure DNS.

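Example (in this capture the header flags do not include ad and the answer section holds no RRSIG record, so the response carries no DNSSEC data):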

foss_linux@fosslinux-ubuntu:~$ dig fosslinux.com +dnssec

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> fosslinux.com +dnssec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36645
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;fosslinux.com. IN A

;; ANSWER SECTION:
fosslinux.com. 600 IN A 66.135.21.240

;; Query time: 36 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Jan 22 21:45:38 EST 2024
;; MSG SIZE rcvd: 58
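
Asking with +dnssec does not by itself mean the answer was authenticated; what matters is whether the response header carries the ad (authenticated data) flag and whether RRSIG records came back. The classifier below is an added example (not from the original article), run on the header and answer lines of the capture above and on a constructed signed response; the function and state names are assumptions.

```shell
# Classify a `dig <name> +dnssec` response read on stdin (added example).
#   validated       header has the "ad" flag: the resolver validated the answer
#   signed          RRSIG in the answer section, but no "ad" flag
#   no-dnssec-data  neither: nothing in the response proves authenticity
dnssec_state() {
    awk '
        /^;; flags:/ {
            line = $0
            sub(/^;; flags:/, "", line); sub(/;.*/, "", line)
            n = split(line, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == "ad") ad = 1
        }
        /^;; ANSWER SECTION:/ { in_answer = 1; next }
        /^;;/ || /^$/         { in_answer = 0 }
        in_answer && $4 == "RRSIG" { rrsig = 1 }
        END {
            if (ad) print "validated"
            else if (rrsig) print "signed"
            else print "no-dnssec-data"
        }'
}

# Header and answer lines from the fosslinux.com capture above.
sample_page_capture() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36645
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
fosslinux.com. 600 IN A 66.135.21.240
EOF
}

# Constructed response for a signed zone behind a validating resolver
# (name, key tag, timestamps and signature text are placeholders).
sample_signed() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
signed.example. 300 IN A 192.0.2.1
signed.example. 300 IN RRSIG A 13 2 300 20240301000000 20240201000000 12345 signed.example. PLACEHOLDER
EOF
}

sample_page_capture | dnssec_state
sample_signed | dnssec_state
```

The ad flag is only as trustworthy as the resolver that set it and the path to that resolver, so pipe live output from a resolver you control: dig example.com +dnssec | dnssec_state.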

8. Checking domain’s SOA record

Usage: To get details about a domain’s zone and its primary nameserver.

The SOA record holds essential administrative information about a domain. Querying it reveals data like the primary nameserver, responsible party for the domain, and refresh rates – all important for domain management.

Example:

dig example.com SOA

Output: Displays the Start of Authority record, including details about the zone’s primary nameserver, contact email, and refresh timers.

Example:

foss_linux@fosslinux-ubuntu:~$ dig fosslinux.com SOA

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> fosslinux.com SOA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18553
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;fosslinux.com. IN SOA

;; ANSWER SECTION:
fosslinux.com. 3600 IN SOA ns41.domaincontrol.com. dns.jomax.net. 2023110401 28800 7200 604800 600

;; Query time: 132 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Jan 22 21:46:39 EST 2024
;; MSG SIZE rcvd: 110
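
The per-server queries from section 5 and the SOA record combine into a common propagation check: ask each of the zone's nameservers for the SOA and compare the serial numbers, since a server that has not picked up the latest zone data reports an older serial. The script below is an added example (not from the original article); the function name soa_serials and its output format are assumptions.

```shell
#!/bin/sh
# Compare SOA serials across all nameservers of a zone. Added example;
# the function name and output format are illustrative.
#
# soa_serials ZONE prints "<serial> <nameserver>" per NS record, sorted.
# Exit 0 when every nameserver answered with the same serial, 1 otherwise.
soa_serials() {
    zone=$1
    out=$(
        for ns in $(dig "$zone" NS +short); do
            # +short SOA fields: mname rname serial refresh retry expire minimum
            serial=$(dig "$zone" SOA +short "@$ns" | awk 'NR == 1 { print $3 }')
            echo "${serial:-no-answer} $ns"
        done | sort
    )
    if [ -z "$out" ]; then
        echo "no-nameservers"
        return 1
    fi
    echo "$out"
    # Consistent only if there is exactly one distinct value and it is a serial.
    distinct=$(echo "$out" | awk '{ print $1 }' | sort -u | wc -l)
    top=$(echo "$out" | awk 'NR == 1 { print $1 }')
    [ "$distinct" -eq 1 ] && [ "$top" != "no-answer" ]
}

# Query live DNS only when a zone is passed on the command line.
if [ "$#" -gt 0 ]; then
    soa_serials "$1"
fi
```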

9. Getting detailed response information

Usage: When you need to deep-dive into the query’s technical details.

When you need to go beyond just the basics and understand the nitty-gritty of a DNS query, this command provides exhaustive details about the query and its response.

Example:

dig example.com +noall +answer +stats

Output: Provides a focused view on the answer section along with query statistics.

10. Batch mode for multiple queries

Usage: Executing multiple queries from a file.

This is a time-saver for querying multiple domains at once. By feeding dig a list of domains, you can efficiently gather data on numerous domains in one go, ideal for bulk DNS analysis or monitoring.

Example: Create a file queries.txt with one domain per line, then:

dig -f queries.txt +short

Output: Returns the IP addresses for all the domains listed in the file.

dig command quick reference table

Option           Description
+short           Provides a concise output, usually just the answer to the query.
+noall +answer   Disables all sections of the output except the answer section.
+trace           Traces the path of the query across the DNS hierarchy to the authoritative server.
+dnssec          Includes DNSSEC (DNS Security Extensions) related records in the output.
-x               Enables reverse lookup (IP address to hostname).
+noall +stats    Shows only the statistics section of the response.
@<server>        Directs the query to a specific DNS server (e.g., @8.8.8.8 for Google’s DNS).
+multiline       Displays the output in a more readable, multiline format.
+nocomments      Removes comments from the output to streamline the information.
+nocmd           Hides the command section of the output (the initial line showing the dig command).

Conclusion

The dig command is a testament to Linux’s flexibility and depth. From basic queries to complex DNS investigations, it stands as an invaluable tool in the Linux user’s toolkit. While I’ve shared my top usages, the true beauty of dig lies in its adaptability to myriad network tasks. Whether you’re a seasoned sysadmin or a Linux hobbyist, spending time with dig is a rewarding investment into your command-line proficiency.

The examples above are just the tip of the iceberg. dig is rich with options and flags that cater to virtually any DNS querying need. Happy digging!
