Dig utility
dig (domain information groper) — utility (DNS-client) to work with domain records. Used for polling DNS-servers and receiving records about the requested domain.
Basic options
+short— short answer (no request and service information).+noall +answer— detailed answer (no request).@server— request for a specific DNS-server.recording— to obtain information about a specific record, it is enough to indicate its name.-x IP address— reverse search DNS.+trace— tracing the route of the domain request.-f path / to / file— request for information on several domains listed in the file at once.
Frequently used options can be set by default.
Request and response
The simplest query:
dig ukraine.com.ua
Answer with explanatory comments:
; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua # dig version and request text ;; global options: +cmd # global parameters ;; Got answer: # technical details of the response received ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25243 # header including opcode and action state ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1452 ;; QUESTION SECTION: # request section ;ukraine.com.ua. IN A # by default, A record is requested ;; ANSWER SECTION: # response section ukraine.com.ua. 900 IN A 185.39.224.54 # IP address for A record ;; Query time: 17 msec # request statistics ;; SERVER: 1.1.1.1# 53 (1.1.1.1) # address of the server that returned the response ;; WHEN: Thu Oct 24 14:45:14 EEST 2019 # date and time ;; MSG SIZE rcvd: 59
Options
Short answer
For a short answer, use the option +short:
dig ukraine.com.ua +short
Answer:
185.39.224.54
Detailed answer
To get only the response section, use the option +noall (disables all results) and +answer (includes an answer section):
dig ukraine.com.ua +noall +answer
Answer:
; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua +noall +answer ;; global options: +cmd ukraine.com.ua. 734 IN A 185.39.224.54
Query for a specific DNS server
To receive a response from a specific DNS-server use the option @server (server Is the name or IP of a specific DNS-server):
dig ukraine.com.ua @8.8.8.8
Answer:
; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14828 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;ukraine.com.ua. IN A ;; ANSWER SECTION: ukraine.com.ua. 608 IN A 185.39.224.54 ;; Query time: 26 msec ;; SERVER: 8.8.8.8# 53 (8.8.8.8) # here you can see that the server specified in the command returned the response ;; WHEN: Thu Oct 24 15:05:58 EEST 2019 ;; MSG SIZE rcvd: 59
Requesting information about a specific record
To get information about a specific entry, add its title (A, AAAA, CNAME, TXT, MX, NS):
dig ukraine.com.ua mx +noall +answer
Answer:
; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua mx +noall +answer ;; global options: +cmd ukraine.com.ua. 900 IN MX 20 alt1.aspmx.l.google.com. ukraine.com.ua. 900 IN MX 10 aspmx.l.google.com.
Reverse DNS lookup
To determine the hostname by IP address (PTR record), use the key -x:
dig -x 185.39.224.54 +noall +answer
Answer:
; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> -x 185.39.224.54 +noall +answer ;; global options: +cmd 54.224.39.185.in-addr.arpa. 3250 IN PTR ukraine.com.ua.
Domain Request Route Trace
Try to use the key when tracing
+nodnssecso as not to clutter the output with information that is unnecessary for your case.
To view detailed information about the passage of the request and determine which server at what stage and which response returned, use the option +trace:
dig ukraine.com.ua a +trace
Answer:
; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> ukraine.com.ua a +trace ;; global options: +cmd . 6839 IN NS h.root-servers.net. . 6839 IN NS i.root-servers.net. . 6839 IN NS j.root-servers.net. . 6839 IN NS k.root-servers.net. . 6839 IN NS l.root-servers.net. . 6839 IN NS m.root-servers.net. . 6839 IN NS a.root-servers.net. . 6839 IN NS b.root-servers.net. . 6839 IN NS c.root-servers.net. . 6839 IN NS d.root-servers.net. . 6839 IN NS e.root-servers.net. . 6839 IN NS f.root-servers.net. . 6839 IN NS g.root-servers.net. . 6839 IN RRSIG NS 8 0 518400 20191106050000 20191024040000 22545 . VMJm6mjyJGRlIHIZFqe63o28rV9XrZpMEOjhFIW094xMFd7s2LL49Dfq +gaiZ549QmIfHUNnTAg9ZGeNHgxs+AFobw5/4ag6oieqo6wJdnwLEIcr AdMeHFz6UJ6FA5MKGWTTY/oBfdfCujbCgTxeMKK1sBwrBLrZ70yfH57x 9/tjVsAYagE5sEi+leATrOtBtJf1FfJqa9wD1ps5GAiOODtI7E+FDFsI 6ZvnTqp0d4qnIcNhf1UiUyvhYoFo7OqnJjDo15h/JMMfG1/9Ope1lAba 9Cdg+ufcIpbfIn63ppq6t/gFGsNUO/+E0rTDno2PdKu0w4rmVxN9ouY/ Hs1/Rw== ;; Received 717 bytes from 1.1.1.1# 53 (1.1.1.1) in 17 ms # the current DNS server (1.1.1.1) returned the NS list of the root zone. ua. 172800 IN NS in1.ns.ua. ua. 172800 IN NS sns-pb.isc.org. ua. 172800 IN NS pch.ns.ua. ua. 172800 IN NS ho1.ns.ua. ua. 172800 IN NS cd1.ns.ua. ua. 86400 IN DS 56514 10 2 BDD7A310534F76B2B6B25C94F816F9B9F260A2E35F526A9287E3307F B2CD16D8 ua. 86400 IN RRSIG DS 8 1 86400 20191106050000 20191024040000 22545 . PHQOb4/tp5HtTwtiQ0IebMKNLAoI1GII/AWckr7t05TyiwBIgby7LAQL xXAUwHDtVA3I7CFtAD+0Oma07ncWBcs3j4L5zFm69R4vZO0nd7uiBty9 hdyM6HssNMujDfmxKIT7LSkVqKOtA9RELwibjjpU5oao8ZpQr8l8e4JQ wK+5A4A14ZZXUk6MFeG9P0QtWOdfBfnq+Ei8DfHCrmG1KpHQVE9F96Fm ItP5GEh7Upx7sV6CvnLYYYTvlwGZyI6eYIaEOW6hhufp2Gs7rSvfKpI3 /CUYZeO9ZstXxowgQno9qShAzSO2nOdfRF6GMVWIrfRr3q7ov8jFxGUO 7a+PsA== ;; Received 729 bytes from 192.112.36.4# 53 (g.root-servers.net) in 43 ms # NS list for .UA zone received from one of the root zone servers com.ua. 36036 IN NS k.ns.com.ua. com.ua. 36036 IN NS ba1.ns.ua. com.ua. 36036 IN NS ho1.ns.com.ua. com.ua. 36036 IN NS nix.ns.ua. com.ua. 36036 IN NS sns-pb.isc.org. com.ua. 36036 IN DS 51391 13 2 0B165D1C0B8481335BF9AA08B6D4A989FAA387E50CB20012B9679FDA C8DCC523 com.ua. 36036 IN RRSIG DS 10 2 36036 20191123103100 20191024103100 39635 ua. kTcOwmqs1zfsgT3/EN/98p4FtRBgziggjAAK2tVm3jo+rpzKu213c9s5 jC17CrEULnG5sNry8SVrf8VpfIho89eb9D0+waSu9QTtjOjhuO/JIYJf 1HCkAug3GUcg+Fhspaasam07yadA+rjhBoLo1PSzIJatP5nSo3CRdQBv sFw= ;; Received 1181 bytes from 74.123.224.40# 53 (in1.ns.ua) in 180 ms # NS list for .COM.UA zone received from .UA zone server ukraine.com.ua. 28800 IN NS ns1.ukraine.com.ua. ukraine.com.ua. 28800 IN NS ns2.ukraine.com.ua. ukraine.com.ua. 28800 IN NS ns3.ukraine.com.ua. TQ2PJLFLEH6Q350I1RFS6O2279S9UJ6F.com.ua. 1800 IN NSEC3 1 1 10 08FA761AF54F7014 TQ3G5M4AQH5FQAAES9MGMV6PMBPK9APC NS SOA RRSIG DNSKEY NSEC3PARAM TQ2PJLFLEH6Q350I1RFS6O2279S9UJ6F.com.ua. 1800 IN RRSIG NSEC3 13 3 1800 20191208104006 20191024104006 60182 com.ua. d+EcdzD+RIlQW3zgYKy3DdDu/fTH9BXbLphzBc0uehoTCHvkyaQhjF85 EJ7xjqqJ59Y7tHfbuVegW4Zoff+kvA== 3L3FI89Q3TEFK874E9180CD71K7GJ6QA.com.ua. 1800 IN NSEC3 1 1 10 08FA761AF54F7014 3L58G1AMG8IQ3NECEU3AD9LA8E8BR3I6 TXT RRSIG 3L3FI89Q3TEFK874E9180CD71K7GJ6QA.com.ua. 1800 IN RRSIG NSEC3 13 3 1800 20191208104006 20191024104006 60182 com.ua. xB5O1l8/ZgMUUdo5VxXO9PkFL43TBDktY9p0pphZscFkTs3XZTdb+h6e gDUpqSxPaVqPv4FczT/f4yOF5CNegA== ;; Received 608 bytes from 216.218.215.123# 53 (k.ns.com.ua) in 182 ms # received a list of domain NS from the .COM.UA zone server ukraine.com.ua. 900 IN A 185.39.224.54 ;; Received 59 bytes from 91.222.136.245# 53 (ns2.ukraine.com.ua) in 13 ms # one of the NS domain returned information about the A-record
Requesting information on several domains at once
To get a response on several domains at once, create a simple text file with a list of domains (each domain on a new line) and specify the key instead of the domain in the command -f and the path to the file with domains:
dig -f domains.txt MX +short
Setting default options
If you often use the same options, so as not to enter them manually each time, you can create a text file in the user's root directory with the name .digrc and put them there in one line:
+noall +answer
As a result, every time you start dig these options will be automatically substituted into the request.