LINUXMAKER, OpenSource, Tutorials

Different possibilities of the dig query

What can you find out with dig?

With dig any valid DNS query can be performed. The most common DNS queries are:

  • A   - the IP address
  • TXT - text notes
  • MX  - the Mail Exchange Server
  • NS  - the name server
  • ANY - view all DNS records

# Get the address(es) for yahoo.com
dig yahoo.com A +noall +answer

# Get a list of Yahoo's mail servers
dig yahoo.com MX +noall +answer

# Get a list of yahoo.com authoritative DNS servers
dig yahoo.com NS +noall +answer

# Get everything from the above
dig yahoo.com ANY +noall +answer

The AAAA query type asks for the IPv6 address of a host.

 dig www.isc.org AAAA +short

If the domain you want to query allows DNS zone transfers, you can also retrieve the whole zone. However, the reality of the Internet today is that very few domains allow unrestricted transfers. This query type is called AXFR, a full zone transfer. This way you can test whether the DNS server allows transfers only to the correct requesting IP addresses.

 dig yourdomain.com AXFR @DNS-Server
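
To run the AXFR test described above against every authoritative server of a zone you operate, the following added example (not part of the original tutorial) classifies dig's AXFR output per server. The function names `classify_axfr` and `audit_zone` and the example.com sample outputs are constructed for illustration; it assumes dig prints "; Transfer failed." on a refused transfer and that a completed transfer begins and ends with the zone's SOA record.

```shell
#!/bin/sh
# Added example: report which authoritative servers of your own zone
# still answer AXFR. Function names and sample data are constructed.

# Read dig AXFR output on stdin; print refused, allowed or unknown.
classify_axfr() {
    awk '
        /^; Transfer failed/ { failed = 1 }   # printed by dig on a refused transfer
        /^;/ || NF == 0      { next }         # skip comments and blank lines
        $4 == "SOA"          { soa++ }        # a complete AXFR starts and ends with the SOA
        END {
            if (failed)        print "refused"
            else if (soa >= 2) print "allowed"
            else               print "unknown"   # timeout, truncated or empty output
        }'
}

# Query every NS of the zone and report one line per server.
audit_zone() {
    zone=$1
    for ns in $(dig "$zone" NS +short); do
        result=$(dig "$zone" AXFR "@$ns" +time=5 +tries=1 | classify_axfr)
        printf '%s\t%s\t%s\n' "$zone" "$ns" "$result"
    done
}

# Constructed sample outputs (example.com and 192.0.2.10 are placeholders).
SAMPLE_REFUSED='; <<>> DiG <<>> example.com AXFR @ns1.example.com
;; global options: +cmd
; Transfer failed.'

SAMPLE_ALLOWED='example.com. 3600 IN SOA ns1.example.com. hostmaster.example.com. 177 3600 3600 604800 600
example.com. 3600 IN NS ns1.example.com.
www.example.com. 3600 IN A 192.0.2.10
example.com. 3600 IN SOA ns1.example.com. hostmaster.example.com. 177 3600 3600 604800 600'

SAMPLE_TIMEOUT=';; connection timed out; no servers could be reached'

# Offline demonstration on the constructed samples.
printf '%s\n' "$SAMPLE_REFUSED" | classify_axfr
printf '%s\n' "$SAMPLE_ALLOWED" | classify_axfr
printf '%s\n' "$SAMPLE_TIMEOUT" | classify_axfr
```

Call `audit_zone yourdomain.com` for a zone you operate; any server reported as `allowed` should have its transfer ACL restricted to the addresses of your secondary name servers.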

Very short dig replies

If you only need the IP address or a very short answer, the +short option helps.

 

$ dig gmail.com +short
172.217.21.101

This is very useful if you want to use the results of dig within a shell script.

Short, but already more detailed dig answers

If you do not want all the additional information in the answer, but the short answer is too short, the procedure is different. First, all output is disabled with the +noall option, and then the options that follow it re-enable the desired parts of the result.

$ dig gmail.com mx +short
40 alt4.gmail-smtp-in.l.google.com.
30 alt3.gmail-smtp-in.l.google.com.
5 gmail-smtp-in.l.google.com.
10 alt1.gmail-smtp-in.l.google.com.
20 alt2.gmail-smtp-in.l.google.com.

$ dig +nocmd gmail.com mx +noall +answer
gmail.com.              2342    IN      MX      30 alt3.gmail-smtp-in.l.google.com.
gmail.com.              2342    IN      MX      5 gmail-smtp-in.l.google.com.
gmail.com.              2342    IN      MX      20 alt2.gmail-smtp-in.l.google.com.
gmail.com.              2342    IN      MX      40 alt4.gmail-smtp-in.l.google.com.
gmail.com.              2342    IN      MX      10 alt1.gmail-smtp-in.l.google.com.

The first command shows a short answer listing the mail servers of gmail.com; the second dig command returns the complete answer records, including the TTL (time-to-live). This data is displayed in BIND-compatible format.
The same information is obtained using the -t MX option:

dig -t MX +nocmd gmail.com +noall +answer

Long dig answers

According to the man page, the +multiline option returns a response with "the SOA records in a verbose multi-line format and with readable comments". In general, responses retrieved with the +multiline option look more like BIND configuration files than those retrieved without it.

dig +nocmd ogi.edu ANY +multiline +noall  +answer
ogi.edu.                3589 IN A 137.53.244.59
ogi.edu.                86389 IN SOA DNS0.ohsu.edu. netcomm.ohsu.edu. (
                                177        ; serial
                                3600       ; refresh (1 hour)
                                3600       ; retry (1 hour)
                                604800     ; expire (1 week)
                                600        ; minimum (10 minutes)
                                )
ogi.edu.                86389 IN NS DNS4.ohsu.edu.
ogi.edu.                86389 IN NS DNS3.ohsu.edu.
ogi.edu.                86389 IN NS DNS1.ohsu.edu.

Perform a reverse lookup

If the IP address is known, then it may be interesting to determine the corresponding host name. This can be done with the -x option.

$ dig -x 188.40.80.233 +short
pushdings.com.

Use of another name server

To query a specific name server, append its name directly to the @ sign.

dig @ns1.first-ns.de www.google.com

Use the search list in /etc/resolv.conf

The host command automatically uses the search list in the respective /etc/resolv.conf file for resolution.

$ host www
www.linuxmaker.com has address 188.40.80.30

With dig, this is not the case by default, which can lead to unexpected results. If you want to use local hostnames instead of fully qualified domain names, use the +search option.

dig www +search

Performing bulk lookups

If a large number of hosts are to be looked up, the host names can be put into one file, one name per line. With the -f option, the queries are performed one after the other.

# do full lookups for a number of hostnames
dig -f /path_to/hosts.txt

# the same, with more focused output
dig -f /path_to/hosts.txt +noall +answer