Cyberithub

20 dig command examples in Linux (Cheat Sheet)

Advertisements

In this article, we will see 20 dig command examples in Linux. dig, also known as domain internet groper is a free and open source tool for querying the domain name system(DNS). It is very commonly used for performing DNS lookups to retrieve various DNS records such as A (address), MX (mail exchange), NS (name server), TXT (text), CNAME (canonical name), and AAAA (IPv6 address). It is also very frequently used by network and system administrators for troubleshooting various DNS issues. You can also use dig to perform reverse DNS lookups which means you can query an IP address to find out the domain name associated with it.

It has lot of other options and features available which can be effectively used in both command line as well as in shell script. Here we will see few of the important examples of dig command that can be helpful in querying DNS records of any given domain.

Advertisements

 

20 dig command examples in Linux (Cheat Sheet)

20 dig command examples in Linux (Cheat Sheet)

Also Read: How to Install whois utility on Ubuntu 20.04

Example 1: Check Dig Version

To check currently installed dig utility version, you can run dig -v command as shown below.

Advertisements
cyberithub@ubuntu:~$ dig -v
DiG 9.16.1-Ubuntu

 

Example 2: Check DNS Record

You can check dns record of any domain by running dig <domain_name> command. Here we are checking all the records of domain example.com using dig example.com command as shown below.

cyberithub@ubuntu:~$ dig example.com

; <<>> DiG 9.16.1-Ubuntu <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11063
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 10614 IN A 93.184.216.34

;; Query time: 28 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Nov 18 22:17:15 IST 2023
;; MSG SIZE rcvd: 56

 

Example 3: Check IP Address of a Domain

If you are looking for the IP Address of a domain then you can use +short option with dig command. For example, here we are looking for the IP Address of example.com using dig +short example.com command as shown below.

Advertisements
cyberithub@ubuntu:~$ dig +short example.com
93.184.216.34

 

Example 4: Check A record of a domain

If you want to query the A record (IPv4) of a domain then you have to use dig <domain_name> A command.  In our below example, we are querying the A record of domain example.com using dig example.com A command as shown below.

cyberithub@ubuntu:~$ dig example.com A

; <<>> DiG 9.16.1-Ubuntu <<>> example.com A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57305
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 7057 IN A 93.184.216.34

;; Query time: 4 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Nov 18 22:19:38 IST 2023
;; MSG SIZE rcvd: 56

 

 

Example 5: Check AAAA record of a domain

Just like A record, if you are looking to query AAAA (IPv6) record of a domain then you have to use dig <domain_name> AAAA syntax. In below example, we are querying AAAA record of domain google.com using dig google.com AAAA command as shown below.

cyberithub@ubuntu:~$ dig google.com AAAA

; <<>> DiG 9.16.1-Ubuntu <<>> google.com AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25789
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;google.com. IN AAAA

;; ANSWER SECTION:
google.com. 142 IN AAAA 2404:6800:4009:812::200e

;; Query time: 36 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Nov 18 22:22:52 IST 2023
;; MSG SIZE rcvd: 67

 

Example 6: Perform reverse DNS lookup

If you are looking to perform reverse DNS lookup on an IP address then you have to use dig -x <ip_address> syntax. In below example, we are performing reverse dns lookup on google ip address 8.8.8.8 using dig -x 8.8.8.8 command as shown below.

cyberithub@ubuntu:~$ dig -x 8.8.8.8

; <<>> DiG 9.16.1-Ubuntu <<>> -x 8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22545
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;8.8.8.8.in-addr.arpa. IN PTR

;; ANSWER SECTION:
8.8.8.8.in-addr.arpa. 48607 IN PTR dns.google.

;; Query time: 24 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 09:19:11 IST 2023
;; MSG SIZE rcvd: 73

 

Example 7: Query Specific DNS Server

If you want to query about a domain through some specific DNS Server then you have to use dig @<dns_server> <domain_name> syntax. In below example, we are querying about domain example.com through dns server 8.8.8.8 as shown below.

cyberithub@ubuntu:~$ dig @8.8.8.8 example.com

; <<>> DiG 9.16.1-Ubuntu <<>> @8.8.8.8 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28720
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 5318 IN A 93.184.216.34

;; Query time: 660 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Nov 19 09:20:37 IST 2023
;; MSG SIZE rcvd: 56

 

Example 8: Retrieve MX Record

If you are looking to retrieve MX record of a domain then you have to use dig <domain_name> MX command. In below example, we are retrieving MX record of domain example.com using dig example.com MX command as shown below.

cyberithub@ubuntu:~$ dig example.com MX

; <<>> DiG 9.16.1-Ubuntu <<>> example.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35233
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN MX

;; ANSWER SECTION:
example.com. 86400 IN MX 0 .

;; Query time: 244 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 09:22:08 IST 2023
;; MSG SIZE rcvd: 55

 

Example 9: Retrieve NS Record

If you are looking to retrieve NS record of a domain then you have to use dig <domain_name> NS command. In below example, we are retrieving NS record of domain example.com using dig example.com NS command as shown below.

cyberithub@ubuntu:~$ dig example.com NS

; <<>> DiG 9.16.1-Ubuntu <<>> example.com NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42797
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN NS

;; ANSWER SECTION:
example.com. 48185 IN NS a.iana-servers.net.
example.com. 48185 IN NS b.iana-servers.net.

;; Query time: 228 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 09:23:06 IST 2023
;; MSG SIZE rcvd: 88

 

Example 10: Get DNSSEC information

DNSSEC, short for Domain Name System Security Extensions, is a suite of extensions to DNS that adds a layer of security to the domain name resolution process. If you are looking to retrieve DNSSEC information of a domain then you have to use dig <domain_name> +dnssec command. In below example, we are querying the DNSSEC information of domain example.com using dig example.com +dnssec command as shown below.

cyberithub@ubuntu:~$ dig example.com +dnssec

; <<>> DiG 9.16.1-Ubuntu <<>> example.com +dnssec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29803
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 65494
; OPT=5: 05 07 08 0a 0d 0e 0f (".......")
; OPT=6: 01 02 04 ("...")
; OPT=7: 01 (".")
;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 53817 IN A 93.184.216.34

;; Query time: 24 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 10:10:08 IST 2023
;; MSG SIZE rcvd: 79

 

Example 11: Trace DNS Delegation

If you are looking to trace the delegation of domain then you have to use +trace option. In below example, we are tracing the DNS Delegation of domain example.com using dig +trace example.com command as shown below.

cyberithub@ubuntu:~$ dig +trace example.com

; <<>> DiG 9.16.1-Ubuntu <<>> +trace example.com
;; global options: +cmd
.                       399219 IN NS k.root-servers.net.
.                       399219 IN NS l.root-servers.net.
.                       399219 IN NS m.root-servers.net.
.                       399219 IN NS a.root-servers.net.
.                       399219 IN NS b.root-servers.net.
.                       399219 IN NS c.root-servers.net.
.                       399219 IN NS d.root-servers.net.
.                       399219 IN NS e.root-servers.net.
.                       399219 IN NS f.root-servers.net.
.                       399219 IN NS g.root-servers.net.
.                       399219 IN NS h.root-servers.net.
.                       399219 IN NS i.root-servers.net.
.                       399219 IN NS j.root-servers.net.
..........................................

 

Example 12: Check Domain's SOA Record

If you want to check SOA record of a domain then you have to use dig <domain_name> SOA command. In below example, we are checking the SOA record of domain example.com using dig example.com SOA command as shown below.

cyberithub@ubuntu:~$ dig example.com SOA

; <<>> DiG 9.16.1-Ubuntu <<>> example.com SOA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62634
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN SOA

;; ANSWER SECTION:
example.com. 3600 IN SOA ns.icann.org. noc.dns.icann.org. 2022091367 7200 3600 1209600 3600

;; Query time: 260 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 11:10:57 IST 2023
;; MSG SIZE rcvd: 96

 

Example 13: Provide detail information

If you want to know detail information about a domain, say for example.com in our case then you can use dig example.com +noall +answer +stats command as shown below. Here are the different options used with dig command:-

  • +noall: This option clears all the default flags for the output format.
  • +answer: After using +noall to clear all output flags, +answer is used to turn back on just the answer section.
  • +stats: This option turns on the display of query statistics.
cyberithub@ubuntu:~$ dig example.com +noall +answer +stats
example.com. 50522 IN A 93.184.216.34
;; Query time: 20 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 11:12:10 IST 2023
;; MSG SIZE rcvd: 56

 

Example 14: Query TXT Records

To query TXT records of a domain, you have to run dig <domain_name> TXT command. In below example, we are querying the TXT record of domain example.com using dig example.com TXT command as shown below.

cyberithub@ubuntu:~$ dig example.com TXT

; <<>> DiG 9.16.1-Ubuntu <<>> example.com TXT
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32676
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN TXT

;; ANSWER SECTION:
example.com. 50524 IN TXT "wgyf8z8cgvm2qmxpnbnldrcltvk4xqfn"
example.com. 50524 IN TXT "v=spf1 -all"

;; Query time: 20 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 11:15:16 IST 2023
;; MSG SIZE rcvd: 109

 

Example 15: Get CNAME Record

If you are looking to query CNAME (canonical name) record of a domain then you have to use dig <domain_name> CNAME command. In below example, we are querying CNAME of domain example.com using dig example.com CNAME command as shown below.

cyberithub@ubuntu:~$ dig example.com CNAME

; <<>> DiG 9.16.1-Ubuntu <<>> example.com CNAME
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38273
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN CNAME

;; Query time: 299 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 11:28:58 IST 2023
;; MSG SIZE rcvd: 40

 

Example 16: Set a timeout

You also have the option to set timeout period during DNS lookups. For example, if you are querying DNS records of domain example.com then you can set timeout period to say 10 secs (in our case) for getting a response using dig example.com +time=10 command as shown below. It will wait for that much time period for a response, after that it will show an error.

cyberithub@ubuntu:~$ dig example.com +time=10

; <<>> DiG 9.16.1-Ubuntu <<>> example.com +time=10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41423
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 6123 IN A 93.184.216.34

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 11:30:06 IST 2023
;; MSG SIZE rcvd: 56

 

Example 17: Set the EDNSO Buffer Size

You also have the option to set the buffer size for the DNS query message. For example, if you want to set the buffer size to 512 bytes to query the DNS records of domain example.com then you have to use dig +bufsize=512 example.com command as shown below.

cyberithub@ubuntu:~$ dig +bufsize=512 example.com

; <<>> DiG 9.16.1-Ubuntu <<>> +bufsize example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5644
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 23800 IN A 93.184.216.34

;; Query time: 20 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 18:30:25 IST 2023
;; MSG SIZE rcvd: 56

 

Example 18: Send Query without EDNS

EDNS is an extension to the original DNS specification and is used to allow for larger packet sizes, carry additional information, and facilitate new DNS features. If you want to disable this feature during query then you have to use +noedns option. So if you want to query DNS records of example.com from DNS server without using EDNS features then you have to run dig +noedns example.com command as shown below.

cyberithub@ubuntu:~$ dig +noedns example.com

; <<>> DiG 9.16.1-Ubuntu <<>> +noedns example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38628
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 7093 IN A 93.184.216.34

;; Query time: 4 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 18:32:12 IST 2023
;; MSG SIZE rcvd: 45

 

Example 19: Query using a Specific Port

If you want to query about a domain from some specific port then you can mention the port number as shown in below example. Here we are querying about domain example.com from Port number 53 by using dig port=53 example.com command as shown below.

cyberithub@ubuntu:~$ dig port=53 example.com

; <<>> DiG 9.16.1-Ubuntu <<>> port=53 example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 14520
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;port=53. IN A

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 18:34:11 IST 2023
;; MSG SIZE rcvd: 36

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61696
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 6974 IN A 93.184.216.34

;; Query time: 3 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 18:34:11 IST 2023
;; MSG SIZE rcvd: 56

 

Example 20: Send a Non-recursive Query

dig utility also provides the ability to send non-recursive query. In a recursive query, if the server doesn't have the answer, it will query other servers until it finds the information but in case if you want server to return a response only if it has the answer in its cache or is authoritative for the domain then you have to use non-recursive query.

To send a non-recursive query, you can use +norecurse option. For example, here we are using non-recursive query to get information about domain example.com using dig +norecurse example.com command as shown below.

cyberithub@ubuntu:~$ dig +norecurse example.com

; <<>> DiG 9.16.1-Ubuntu <<>> +norecurse example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 42187
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Nov 19 18:41:24 IST 2023
;; MSG SIZE rcvd: 40

Leave a Comment