The “dig” command in Linux is a powerful tool for querying DNS (Domain Name System) servers. It can provide detailed information about DNS records and domain configurations. Here’s how you can use “dig” effectively:
Prerequisites:
Check that the bind-utils package is installed on your system by running either of the commands below:
dig
or
yum list installed | grep -i bind-utils
If you get a “command not found” message, install the bind-utils package (it provides both dig and nslookup) using the command below.
yum install bind-utils
1. Basic DNS Query:
dig example.com
Replace “example.com” with the domain you want to query. This performs a standard DNS query and shows various DNS records associated with the domain.
2. Query a Specific DNS Record Type:
dig example.com MX
This queries for Mail Exchange (MX) records of the domain. Replace “MX” with other record types like “A”, “CNAME”, “TXT”, etc., to get specific DNS records.
A: IPv4 address (Address record)
AAAA: IPv6 address (IPv6 Address record)
CNAME: Canonical Name record
MX: Mail Exchange record
NS: Name Server record
SOA: Start of Authority record
TXT: Text record
PTR: Pointer record
3. Query a Specific DNS Server:
dig example.com @8.8.8.8
This queries the specified DNS server (“8.8.8.8” in this case) for the domain’s DNS records.
4. Reverse DNS Lookup:
dig -x 8.8.8.8
This performs a reverse DNS lookup for the given IP address (“8.8.8.8” in this case) and provides the associated domain name.
5. Display Short Form Output:
dig +short example.com
This provides a concise, short-form output containing only the IP addresses associated with the domain.
6. Querying Specific DNS Record of a Domain:
dig example.com MX +short
This queries for Mail Exchange (MX) records of the domain in a short format. You can replace “MX” with other record types.
7. Querying Multiple DNS Records:
dig example.com ANY
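This queries for all DNS records associated with the domain (“ANY” record type). Many servers now refuse ANY queries or return only a minimal response (RFC 8482), so do not rely on it to list every record; query each record type you need instead.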
8. Performing DNSSEC Validation:
dig example.com +dnssec
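This sets the DNSSEC OK (DO) bit so that the server returns DNSSEC records such as RRSIG along with the answer. dig does not validate the signatures itself: look for the “ad” (authenticated data) flag in the response header, which a validating resolver sets when the answer passed validation.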
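An added example for item 8 (not part of the original post): a shell function that reads “dig +dnssec” output and reports whether the resolver marked the answer as validated. The function name dnssec_status and the sample response are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a `dig +dnssec` response. dig does not validate by
# itself; this reads what the resolver reported in the header flags.
#
# Reads dig output on stdin and prints one word:
#   validated    resolver set the "ad" flag (it validated the answer)
#   signed-only  RRSIG records came back, but no "ad" flag
#   unsigned     no RRSIG records and no "ad" flag
#   failed       status is not NOERROR (a validating resolver answers SERVFAIL
#                for data that fails validation) or no header was found
dnssec_status() {
    awk '
        /^;; ->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,/, "", status) }
        }
        /^;; flags:/ {
            line = $0
            sub(/^;; flags: */, "", line)   # drop the label
            sub(/;.*/, "", line)            # drop the section counters
            n = split(line, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == "ad") ad = 1
        }
        /^[^;]/ && $4 == "RRSIG" { rrsig = 1 }
        END {
            if (status != "NOERROR") print "failed"
            else if (ad)             print "validated"
            else if (rrsig)          print "signed-only"
            else                     print "unsigned"
        }'
}

# Constructed sample of `dig example.com +dnssec` output (all values made up).
sample_signed_response() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
example.com.  300 IN A     192.0.2.10
example.com.  300 IN RRSIG A 13 2 300 20300101000000 20291201000000 12345 example.com. Q09OU1RSVUNURUQ=
EOF
}

# Offline demo on the sample; live use: dig example.com +dnssec | dnssec_status
sample_signed_response | dnssec_status   # prints: validated
```

A “signed-only” result means the zone is signed but the resolver you queried did not vouch for the answer, so treat it as unvalidated.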
9. Displaying Query Time and Server Information:
dig example.com +stats
This provides detailed statistics about the DNS query, including query time and server information.
10. Using a Specific Source IP Address:
dig example.com @dns-server-ip -b your-ip-address
This sends a query from a specific source IP address (“your-ip-address”) to the DNS server (“dns-server-ip”). This can be useful in multihomed systems.
11. Querying DNS over TLS (DoT):
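dig @1.1.1.1 example.com +tls
This queries the DNS server (“1.1.1.1” in this case) using DNS over TLS (DoT) on port 853, provided the server supports it. The “+tls” option requires dig from BIND 9.18 or later. Note that “+tcp” only switches the query to plain TCP on port 53 and does not encrypt it.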
12. Querying Specific DNS Server Port:
dig @dns-server-ip -p port-number example.com
This queries the DNS server (“dns-server-ip”) on a specific port number (replace “port-number” with the desired port) for the domain.
Understanding these options allows you to efficiently use the “dig” command for various DNS-related queries and troubleshooting tasks in Linux.