dig - stands for domain information groper
dig - a tool in linux to lookup or query DNS server for ip-address/name resolution.
Format:
dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-p port#] [-q name] [-t type] [-x addr]
[-y [hmac:]name:key] [-4] [-6] [name] [type] [class] [queryopt...]
dig [-h]
dig [global-queryopt...] [query...]
DESCRIPTION
- dig (domain information groper) is a flexible tool for interrogating DNS name servers.
- It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried.
- Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
- Although dig is normally used with command-line arguments, it also has a batch mode of operation for reading lookup requests from a file.
- To get help on this command and its several options, use -h option.
dig -h
- Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf.
- It is possible to set per-user defaults for dig via ${HOME}/.digrc. This file is read and any options in it are applied before the command line arguments.
Examples:
A typical invocation of dig can be:
dig @server name type
where:
server
It is the name or IP address of the name server(DNS) to query. This can be an IPv4 address in dotted-decimal notation or an IPv6 address in colon-delimited notation.
When the supplied server argument is a hostname, dig resolves that name before querying that name server.
If no server argument is provided, dig consults /etc/resolv.conf and queries the name servers listed there. The reply from the name server that responds is displayed.
name
It is the name of the resource record that is to be looked up.
type
It indicates what type of query is required -- ANY, A, MX, SIG, etc. type can be any valid query type. If no type argument is supplied, dig will perform a lookup for an A record.
The -q option sets the query name to name. This useful do distinguish the name from other arguments.
- Reverse lookup : mapping addresses to names
Here, mapping is done from ip address to name by the -x option. addr is an IPv4 address in
dotted-decimal notation, or a colon-delimited IPv6 address. When this option is used, there is no need to provide the name, class and type arguments. dig automatically performs a lookup for a name like 11.12.13.10.in-addr.arpa and sets the query type and class to PTR and IN respectively.
Example 1: query for ip address for name "server.in" @ the DNS server 160.50.250.2.
# dig @160.50.250.2 server.in
; <<>> DiG 9.5.0-P2 <<>> @160.50.250.2 server.in
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36207
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;server.in. IN A
;; ANSWER SECTION:
server.in. 3600 IN A 160.50.74.176
;; Query time: 1 msec
;; SERVER: 160.50.250.2#53(160.50.250.2)
;; WHEN: Mon Jun 1 15:56:16 2015
;; MSG SIZE rcvd: 57
Example 2: Reverse lookup for ip name for given ip addres @ DNS server 160.50.250.2
# dig @160.50.250.2 -x 160.50.74.176
; <<>> DiG 9.5.0-P2 <<>> @160.50.250.2 -x 160.50.74.176
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23362
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;176.74.50.160.in-addr.arpa. IN PTR
;; ANSWER SECTION:
176.74.50.160.in-addr.arpa. 3600 IN PTR server.in.
;; Query time: 0 msec
;; SERVER: 160.50.250.2#53(160.50.250.2)
;; WHEN: Mon Jun 1 15:57:24 2015
;; MSG SIZE rcvd: 81
Example 2: Reverse lookup for ip name for given ip addres @ default DNS.
#> dig -x 160.50.74.176
; <<>> DiG 9.5.0-P2 <<>> -x 160.50.74.176
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34510
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;176.74.50.160.in-addr.arpa. IN PTR
;; ANSWER SECTION:
176.74.50.160.in-addr.arpa. 0 IN PTR server2.in.
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jun 1 15:57:51 2015
;; MSG SIZE rcvd: 79
Example 4: query for ip address for name "server2.in" @ default DNS given in resolve.conf
# dig server2.in
; <<>> DiG 9.5.0-P2 <<>> server2.in
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22922
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;server2.in. IN A
;; ANSWER SECTION:
server2.in. 0 IN A 160.50.74.176
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jun 1 15:58:12 2015
;; MSG SIZE rcvd: 55
Reverse lookup
You can customize the output of dig commands. If you just want the answer output or you want no comment, you can use below optiopns:
Note:- +is to display , +no is to hide
+[no]comments – display or hide the comment lines
+[no]authority – display or hide the authority section
+[no]additional – display or hide the additional section
+[no]stats – display or hide the stats section
+[no]answer – display or hide the answer section (Of course, you wouldn’t want to turn off the answer section)
+[no]all - set or clear all display flags
|