
Thursday, September 7, 2023

The DIG command cheat sheet

 

We have all heard that our beloved DNS lookup tool ‘nslookup’ is getting deprecated. Even though the nslookup tool has been resurrected and is not going anywhere, it's better to learn about another cool name lookup tool – ‘dig’.

 

What is ‘dig’?

'Dig,' short for Domain Information Groper, is a command-line utility designed for DNS queries. Dig is super useful for troubleshooting DNS problems.

 

Getting Started with 'dig'

 

Installation

 

Most RHEL installations include 'dig' by default. However, if it's not present, you can install it using the package manager 'yum':

$ sudo yum install bind-utils

 

Basic Usage and understanding the output

 

Let’s do a name query:

# dig google.com

 

This basic command will yield fundamental information, including the IP address associated with the domain.

 




Understanding the output:

  1. Lines beginning with ; are comments.
  2. The first line tells us the version of dig, 9.11.4.
  3. Next, dig shows the header of the response it received from the DNS server.
  4. Next comes the question section, which simply tells us the query, which in this case is a query for the “A” record of google.com. The IN means this is an Internet lookup (in the Internet class).
  5. The answer section tells us that google.com has the IP address 142.250.184.206.
  6. Lastly there are some stats about the query.

 

Some Quick Tips:

- You may turn off the stats using the +nostats option.

- You may use +short to make the output a lot more readable.



Quick look at the important dig commands:


Query Domain “A” Record

# dig google.com +short

Query MX record

# dig google.com MX +short

Query SOA Record

# dig google.com SOA +short

Query the TTL (TTL is not a record type; it is the second column of each line in the answer section)

# dig google.com +noall +answer

Query only Answer

# dig google.com +nocomments +noquestion +noauthority +noadditional +nostats

Query All DNS records

# dig google.com ANY +noall +answer

Reverse DNS lookup

# dig -x 142.250.184.206 +short

Query a Specific DNS Server

# dig @8.8.8.8 google.com +short

Trace DNS Query Path

# dig google.com +trace



Set up default options for dig

You can set up per-user defaults for dig by creating the file ${HOME}/.digrc (a file named .digrc in the user’s home directory) containing the required default options.

 

[user@node1 ~]$ cat ${HOME}/.digrc

+short

[user@node1 ~]$ dig google.com

142.250.184.206


Let’s take a look at some of the important options.

-4 : Performs an IPv4-only query.

-6 : Performs an IPv6-only query.

-b address[#port] : Sets the source IP address (and, optionally, the source port) of the query. The address must belong to one of the host’s network interfaces.

-p port : Sends the query to the specified port. This must be used if the DNS server is listening on a non-standard port, that is, anything other than 53/UDP.

-x address : Used for reverse lookup.



Now some Query Options.

Dig provides a number of query options that control how the query is made and how the results are displayed.

 

Query options are prefixed with +. Some keywords can be negated by adding no after the + sign, as in +noall.

 

+[no]all : Sets or clears all display flags. Querying with +noall alone returns an empty result; you need to add the query options for the sections you want.

+[no]answer : Displays (or hides) the answer section. Handy to combine with other options, as in +noall +answer, for a nice, readable reply.

+nocmd : This will remove the initial comment section showing the dig version.

+nocomments : Removes the comment lines from the output; the default is +comments.

+fail : Client will retry the next nameserver in case of a SERVFAIL. Default is +nofail and will not try the next server.

+noquestion : Do not print the question section when an answer is returned.

+ndots=D : Sets the number of dots that must appear in a name to D for it to be considered absolute. The default value is that defined using the ndots statement in /etc/resolv.conf, or 1 if no ndots statement is present. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the search or domain directive in /etc/resolv.conf if +search is set.

+short : Provides the most concise answer.

+nostats : Does not print the query statistics such as the time, size and so on.

+timeout=N : Sets the timeout for a query to N seconds. Default is 5 seconds.

+trace : Enables tracing of the delegation path from the root name servers for the name being looked up. Dig makes iterative queries to resolve the name. It follows referrals from the root servers, showing the answer from each server that was used to resolve the lookup.

+tries=N : Sets the number of UDP retries to the server instead of the default 3.
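
As an added example (not from the original post), the script below combines several of the options covered above (@server, +noall +answer, +timeout, +tries) to check whether two resolvers return the same record set for a name, which helps spot a stale cache or an unexpected answer from one resolver. The function names and the sample answers (example.com with documentation addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): compare the record sets that two
# resolvers return for one name. Function names are hypothetical.

# query <resolver-ip> <name> [type]: answer section only, fail fast on a dead resolver.
query() {
    dig @"$1" "$2" "${3:-A}" +noall +answer +timeout=2 +tries=1
}

# normalize: read answer-section lines (name TTL class type rdata) on stdin and
# print a sorted, de-duplicated "type rdata" list. The TTL is dropped because
# caching resolvers count it down, so it legitimately differs between servers.
normalize() {
    awk '!/^;/ && NF >= 5 { t = $4; $1 = $2 = $3 = $4 = ""; sub(/^ +/, ""); print t, $0 }' | sort -u
}

# same_rrset <answers-1> <answers-2>: exit status 0 if both hold the same records.
same_rrset() {
    [ "$(printf '%s\n' "$1" | normalize)" = "$(printf '%s\n' "$2" | normalize)" ]
}

# min_ttl: lowest TTL (seconds) among the answer lines on stdin.
min_ttl() {
    awk '!/^;/ && NF >= 5 { if (!seen || $2 + 0 < m) { m = $2 + 0; seen = 1 } } END { if (seen) print m }'
}

# Constructed sample answers (documentation addresses, not real lookups).
SAMPLE_A='example.com.  300 IN A 192.0.2.10
example.com.  300 IN A 192.0.2.11'
SAMPLE_B='example.com.  112 IN A 192.0.2.11
example.com.  112 IN A 192.0.2.10'
SAMPLE_C='example.com.  60 IN A 198.51.100.7'

# Live use: sh script.sh <resolver-1> <resolver-2> <name>
if [ "$#" -eq 3 ]; then
    a=$(query "$1" "$3")
    b=$(query "$2" "$3")
    # Two empty answers would otherwise compare as equal.
    if [ -z "$a" ] || [ -z "$b" ]; then
        echo "no answer from at least one resolver"
    elif same_rrset "$a" "$b"; then
        echo "match (lowest TTL: $(printf '%s\n' "$a" | min_ttl)s)"
    else
        echo "MISMATCH for $3: compare the full output from each resolver"
    fi
fi
```

A mismatch is not proof of tampering: CDNs and geo-aware authoritative servers often hand different resolvers different addresses, so treat it as a prompt to look at the full output from each server.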