Dig utility

dig (domain information groper) is a utility (DNS client) for working with domain records. Used to query DNS servers and obtain records about the requested domain.

  • +short — short answer (no request and service information).
  • +noall +answer — detailed answer (no request).
  • @server — a request to a specific DNS server.
  • recording — to obtain information about a specific record, it is enough to indicate its name.
  • -x IP address — reverse DNS lookup.
  • +trace — tracing the route of the domain request.
  • -f path / to / file — request for information on several domains listed in the file at once.

Frequently used options can be set by default.

The simplest query:

dig ukraine.com.ua

Answer with explanatory comments:

; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua       # dig version and request text
;; global options: +cmd                                       # global parameters
;; Got answer:                                                # technical details of the response received
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25243     # header including opcode and action state
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:                                          # request section
;ukraine.com.ua.                        IN      A             # by default, A record is requested
 
;; ANSWER SECTION:                                            # response section
ukraine.com.ua.         900     IN      A       185.39.224.54 # IP address for A record
 
;; Query time: 17 msec                                        # request statistics
;; SERVER: 1.1.1.1# 53 (1.1.1.1) # address of the server that returned the response
;; WHEN: Thu Oct 24 14:45:14 EEST 2019                        # date and time
;; MSG SIZE  rcvd: 59

For a short answer, use the option +short:

dig ukraine.com.ua +short

Answer:

185.39.224.54

To get only the response section, use the option +noall (disables all results) and +answer (includes an answer section):

dig ukraine.com.ua +noall +answer

Answer:

; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua +noall +answer
;; global options: +cmd
ukraine.com.ua.         734     IN      A       185.39.224.54

To receive a response from a specific DNS server, use the option @server (server — is the name or IP of a specific DNS server):

dig ukraine.com.ua @8.8.8.8

Answer:

; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14828
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ukraine.com.ua.                        IN      A
 
;; ANSWER SECTION:
ukraine.com.ua.         608     IN      A       185.39.224.54
 
;; Query time: 26 msec
;; SERVER: 8.8.8.8# 53 (8.8.8.8) # here you can see that the server specified in the command returned the response
;; WHEN: Thu Oct 24 15:05:58 EEST 2019
;; MSG SIZE  rcvd: 59

To get information about a specific entry, add its title (A, AAAA, CNAME, TXT, MX, NS):

dig ukraine.com.ua mx +noall +answer

Answer:

; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua mx +noall +answer
;; global options: +cmd
ukraine.com.ua.         900     IN      MX      20 alt1.aspmx.l.google.com.
ukraine.com.ua.         900     IN      MX      10 aspmx.l.google.com.

To determine the hostname by IP address (PTR record), use the key -x:

dig -x 185.39.224.54 +noall +answer

Answer:

; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> -x 185.39.224.54 +noall +answer
;; global options: +cmd
54.224.39.185.in-addr.arpa. 3250 IN     PTR     ukraine.com.ua.
Try to use the key when tracing +nodnssec, so as not to clutter the output with information that is unnecessary for your case.

To view detailed information about the passage of the request and determine which server at what stage and which response returned, use the option +trace:

dig ukraine.com.ua a +trace

Answer:

; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua a +trace
;; global options: +cmd
.                       6839    IN      NS      h.root-servers.net.
.                       6839    IN      NS      i.root-servers.net.
.                       6839    IN      NS      j.root-servers.net.
.                       6839    IN      NS      k.root-servers.net.
.                       6839    IN      NS      l.root-servers.net.
.                       6839    IN      NS      m.root-servers.net.
.                       6839    IN      NS      a.root-servers.net.
.                       6839    IN      NS      b.root-servers.net.
.                       6839    IN      NS      c.root-servers.net.
.                       6839    IN      NS      d.root-servers.net.
.                       6839    IN      NS      e.root-servers.net.
.                       6839    IN      NS      f.root-servers.net.
.                       6839    IN      NS      g.root-servers.net.
.                       6839    IN      RRSIG   NS 8 0 518400 20191106050000 20191024040000 22545 . VMJm6mjyJGRlIHIZFqe63o28rV9XrZpMEOjhFIW094xMFd7s2LL49Dfq +gaiZ549QmIfHUNnTAg9ZGeNHgxs+AFobw5/4ag6oieqo6wJdnwLEIcr AdMeHFz6UJ6FA5MKGWTTY/oBfdfCujbCgTxeMKK1sBwrBLrZ70yfH57x 9/tjVsAYagE5sEi+leATrOtBtJf1FfJqa9wD1ps5GAiOODtI7E+FDFsI 6ZvnTqp0d4qnIcNhf1UiUyvhYoFo7OqnJjDo15h/JMMfG1/9Ope1lAba 9Cdg+ufcIpbfIn63ppq6t/gFGsNUO/+E0rTDno2PdKu0w4rmVxN9ouY/ Hs1/Rw==
;; Received 717 bytes from 1.1.1.1# 53 (1.1.1.1) in 17 ms # the current DNS server (1.1.1.1) returned the NS list of the root zone.
 
ua.                     172800  IN      NS      in1.ns.ua.
ua.                     172800  IN      NS      sns-pb.isc.org.
ua.                     172800  IN      NS      pch.ns.ua.
ua.                     172800  IN      NS      ho1.ns.ua.
ua.                     172800  IN      NS      cd1.ns.ua.
ua.                     86400   IN      DS      56514 10 2 BDD7A310534F76B2B6B25C94F816F9B9F260A2E35F526A9287E3307F B2CD16D8
ua.                     86400   IN      RRSIG   DS 8 1 86400 20191106050000 20191024040000 22545 . PHQOb4/tp5HtTwtiQ0IebMKNLAoI1GII/AWckr7t05TyiwBIgby7LAQL xXAUwHDtVA3I7CFtAD+0Oma07ncWBcs3j4L5zFm69R4vZO0nd7uiBty9 hdyM6HssNMujDfmxKIT7LSkVqKOtA9RELwibjjpU5oao8ZpQr8l8e4JQ wK+5A4A14ZZXUk6MFeG9P0QtWOdfBfnq+Ei8DfHCrmG1KpHQVE9F96Fm ItP5GEh7Upx7sV6CvnLYYYTvlwGZyI6eYIaEOW6hhufp2Gs7rSvfKpI3 /CUYZeO9ZstXxowgQno9qShAzSO2nOdfRF6GMVWIrfRr3q7ov8jFxGUO 7a+PsA==
;; Received 729 bytes from 192.112.36.4# 53 (g.root-servers.net) in 43 ms # NS list for .UA zone received from one of the root zone servers
 
com.ua.                 36036   IN      NS      k.ns.com.ua.
com.ua.                 36036   IN      NS      ba1.ns.ua.
com.ua.                 36036   IN      NS      ho1.ns.com.ua.
com.ua.                 36036   IN      NS      nix.ns.ua.
com.ua.                 36036   IN      NS      sns-pb.isc.org.
com.ua.                 36036   IN      DS      51391 13 2 0B165D1C0B8481335BF9AA08B6D4A989FAA387E50CB20012B9679FDA C8DCC523
com.ua.                 36036   IN      RRSIG   DS 10 2 36036 20191123103100 20191024103100 39635 ua. kTcOwmqs1zfsgT3/EN/98p4FtRBgziggjAAK2tVm3jo+rpzKu213c9s5 jC17CrEULnG5sNry8SVrf8VpfIho89eb9D0+waSu9QTtjOjhuO/JIYJf 1HCkAug3GUcg+Fhspaasam07yadA+rjhBoLo1PSzIJatP5nSo3CRdQBv sFw=
;; Received 1181 bytes from 74.123.224.40# 53 (in1.ns.ua) in 180 ms # NS list for .COM.UA zone received from .UA zone server
 
ukraine.com.ua.         28800   IN      NS      ns1.ukraine.com.ua.
ukraine.com.ua.         28800   IN      NS      ns2.ukraine.com.ua.
ukraine.com.ua.         28800   IN      NS      ns3.ukraine.com.ua.
TQ2PJLFLEH6Q350I1RFS6O2279S9UJ6F.com.ua. 1800 IN NSEC3 1 1 10 08FA761AF54F7014 TQ3G5M4AQH5FQAAES9MGMV6PMBPK9APC  NS SOA RRSIG DNSKEY NSEC3PARAM
TQ2PJLFLEH6Q350I1RFS6O2279S9UJ6F.com.ua. 1800 IN RRSIG NSEC3 13 3 1800 20191208104006 20191024104006 60182 com.ua. d+EcdzD+RIlQW3zgYKy3DdDu/fTH9BXbLphzBc0uehoTCHvkyaQhjF85 EJ7xjqqJ59Y7tHfbuVegW4Zoff+kvA==
3L3FI89Q3TEFK874E9180CD71K7GJ6QA.com.ua. 1800 IN NSEC3 1 1 10 08FA761AF54F7014 3L58G1AMG8IQ3NECEU3AD9LA8E8BR3I6  TXT RRSIG
3L3FI89Q3TEFK874E9180CD71K7GJ6QA.com.ua. 1800 IN RRSIG NSEC3 13 3 1800 20191208104006 20191024104006 60182 com.ua. xB5O1l8/ZgMUUdo5VxXO9PkFL43TBDktY9p0pphZscFkTs3XZTdb+h6e gDUpqSxPaVqPv4FczT/f4yOF5CNegA==
;; Received 608 bytes from 216.218.215.123# 53 (k.ns.com.ua) in 182 ms # received a list of domain NS from the .COM.UA zone server
 
ukraine.com.ua.         900     IN      A       185.39.224.54
;; Received 59 bytes from 91.222.136.245# 53 (ns2.ukraine.com.ua) in 13 ms # one of the NS domain returned information about the A-record

To get a response on several domains at once, create a simple text file with a list of domains (each domain on a new line) and specify the key instead of the domain in the command -f and the path to the file with domains:

dig -f domains.txt MX +short

If you often use the same options, so as not to enter them manually each time, you can create a text file in the user’s root directory with the name .digrc and put them there in one line:

+noall +answer

As a result, every time you start dig these options will be automatically substituted into the request.

Content