Domain Name System (DNS) is a hierarchical naming system that stores critical domain name information. The DNS resource records also contain other information related to the records. If you have configuration or connectivity issues with a DNS server, then use the dig command to query DNS records.
In this tutorial, we will learn how to use the dig command in Linux to perform DNS lookups with practical examples.
- A running Linux computer.
- A user with root or sudo privileges.
- Access to command-line interface.
Install dig Command in Linux
Dig is pre-installed on some Linux distributions. To check if it already exists on your system, use the following command:
If the dig utility is installed, then the output will look like this:
If the dig command is not installed on your Linux computer, you will get an “dig: command not found” error. You can install dig on various distributions as follows:
Debian and Ubuntu
sudo apt install dnsutils
sudo dnf install bind-utils
CentOS Stream and Red Hat Enterprise Linux (RHEL)
sudo yum install bind-utils
Dig Command Linux
The dig or domain information groper is a flexible and easy to use command-line utility to query DNS name servers. It is part of the BIND software suite.
The dig command, allows you to perform DNS lookup and query information about various DNS records, including host addresses, mail servers, and name servers. It is the most used tool among system administrators for troubleshooting DNS problems because of its flexibility and ease of use.
Generally, this tool is used to query a single server with command-line arguments. The dig command can also be used in a batch mode by reading DNS lookups from a file. You can perform lookup for multiple servers.
The dig command is a replacement for older DNS lookup tools, such as host and nslookup. Dig is available in most modern Linux distributions. The other tools like nslookup use their own libraries, however, dig uses the operating system resolver libraries.
This is the basic syntax of the dig command:
dig [hostname/IP address] [DNS_name] [record_type]
How to Use dig Command in Linux
You can use the dig command with or without any options. When used without any options, the output is very wordy:
Let’s understand the output section by section:
The very first line represents the installed version of dig, such as
; <<>> DiG 9.18.1-1ubuntu1.1-Ubuntu <<>> yahoo.com.
The second line represents global options, such as
;; global options: +cmd.
The next three lines represent technical details of the response received from the server, including opcode and status:
;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60672 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
The dig command output in the new versions also display OPT PSEUDOSECTION information:
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494
The QUESTION section in the dig command output shows the DNS query:
;; QUESTION SECTION: ;yahoo.com.
The ANSWER section shows answer to the DNS query:
;; ANSWER SECTION: yahoo.com. 779 IN A 126.96.36.199 yahoo.com. 779 IN A 188.8.131.52 yahoo.com. 779 IN A 184.108.40.206 yahoo.com. 779 IN A 220.127.116.11 yahoo.com. 779 IN A 18.104.22.168 yahoo.com. 779 IN A 22.214.171.124
The last dig output section shows query statistics:
;; Query time: 55 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP) ;; WHEN: Mon Aug 29 07:22:38 IST 2022 ;; MSG SIZE rcvd: 134
1. DNS Lookup
The dig command in its simplest form shows different types of information about the hostname by performing DNS lookup. For example:
2. Get IP Address
Use the +short option to get a list of only the IP address, which is the short answer to the dig command query:
dig yahoo.com +short
This output shows only the IP address in the ANSWER section.
3. Get Overview
You can turn off all the results in the dig command output using the +noall option and then use the +answer option (display answer section) to display only the overview of the DNS output:
dig yahoo.com +noall +answer
Query DNS Records Using dig Command
You can perform DNS queries using dig by adding the record types with the command. In this section, we will cover some common scenarios to retrieve DNS information.
1. All Records
To list all the records for the hostname, use the any option. You can also use other options to modify the output:
dig yahoo.com ANY +noall +answer
2. A Records
To list only the A records for the specified hostname, use the a option with other options to restrict the output:
dig yahoo.com a +noall +answer
3. NS Records
Use the NS option to list all the authoritative DNS servers from the specified domain:
dig yahoo.com NS +noall +answer
4. CNAME Records
Use the cname option to list the alias domain names for the specified hostname:
dig yahoo.com cname +noall +answer
The CNAME record is displayed only if an alias domain name is configured.
5. CAA Records
You can use the dig command to verify DNS has CAA records.
Sometimes certificate providers such as AWS ACM are unable to provide certs due to an issue caused by pre-existing CAA records for the domain name URL. This command is handy to check whether the CAA record exists.
To lookup CAA records on a domain, type:
dig caa <domain-url>
6. MX Records
Use the mx option to list all the mail exchange (MX) record configured for the specified domain:
dig yahoo.com mx +noall +answer
7. TXT records
To retrieve text information or TXT records for the specified domain name, use the txt option:
dig yahoo.com txt +noall +answer
8. SPF Records
To list all the Sender Policy Framework (SPF) records for the specified domain, use the txt option and find the SPF entry:
dig yahoo.com txt +noall +answer
If SPF is not configured for the domain, then it is not displayed in the TXT results.
9. DKIM Records
To list all the DKIM records for the specified domain, use the txt option and find the DKIM entry:
dig txt _dmrc.yahoo.com +noall +answeror
dig dkim._domainkey.yahoo.com txt
10. Specific DNS server
Specify the name of the DNS server if you want to use a specific DNS server for your query, instead of the default DNS servers specified in the /etc/resolv.conf file:
Reverse DNS Lookup
To perform reverse DNS lookup (provide DNS IP address and get the domain name), use the -x option with the DNS IP:
dig -x 126.96.36.199 +short
To query multiple domains at the same time, create a file and add domain names to the file. Then use the -f option and specify the file with the dig command:
dig -f domains.txt +noall +answer
Control Dig Behavior Using the .digrc File
If you want to use certain options with the dig command every time you run it, then you can use the $HOME/.digrc file. Open the $HOME/.digrc file and specify the options as shown in the following example:
In this example, we specified the options in the .digrc file and then ran the dig command on the specified domain. The results are same as running the dig command with +noall and +answer options.
dig Command Options
The dig command provides various options to modify the output. Some of the most common options are described in the following table:
|Control activation of TCP mode.|
|Set timeout for query in seconds.|
|Displays (+cl) or hides (+nocl) class in records.|
|Displays (+cmd) or hides (+nocmd) command information.|
|Displays (+comments) or hides (+nocomments) comments.|
|Displays (+question) or hides (+noquestion) question section.|
|Displays (+answer) or hides (+noanswer) answer section.|
|Displays (+authority) or hides (+noauthority) authority section.|
|Displays (+additional) or hides (+noadditonal) additional information.|
|Displays (+stats) or hides (+nostats) statistics information.|
|Controls short output.|
|Displays (+all) or hides (+noall) all the information.|
In this tutorial, we learned how to use the dig command to retrieve DNS information of the specified domain. The examples described in this tutorial cover different scenarios that help you modify the output. You can also control the dig command behavior using the .digrc file.