Just as the nslookup command, dig(domain information groper) on Linux, Unix macOS, and Windows is a command that queries information from DNS servers. DNS means "Domain Name Service" and is used to convert IP addresses into domains or vice versa. dig is the more modern alternative to nslookup. It dispenses with the interactive operating mode of nslookup. And it provides more comprehensive query capabilities for virtually all candidate DNS information. Dig is part of the open source distribution BIND v9.x of the ISC (BIND-tools).
Since dig is now part of all Linux distributions, you no longer need to compile dig yourself. For example, dig is already packaged in the following Linux distributions: dnsutils (Debian), bind-utils (Red Hat, Fedora), and bind-tools (Gentoo).
How to configure a BIND name server is described here.
The simplest query is for a single host. By default, dig is already quite talkative. In all likelihood, not all information is needed in the standard output. Since it makes sense to know about their meaningfulness, here follows a documented query.
This command line call from dig retrieves information about the host at isc.org.
<<>> DiG 9.11.2-5-Debian <<>> www.isc.org
;; global options: +cmd
The opening section of the dig output says something about the version used (9.11.2) and the global options that are set (in this case +cmd). This part of the output can be suppressed with the option +nocmd, so in this way:
dig +nocmd www.gmail.org
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62145
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
At this point, dig provides some technical details about the DNS server's response. This section of the output can be switched on or off with the option +[no]comments. Disabling comments will also disable many section headings!
dig +nocomments www.isc.org
dig +comments www.isc.org
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.isc.org . IN A
In the Question sector dig reminds us of our request. The standard query refers to an Internet address (A). This can also be switched on or off with the option +[no]question.
;; ANSWER SECTION:
www.isc.org. 60 IN A 22.214.171.124
;; Query time: 48 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sun Jan 21 10:44:44 CET 2018
;; MSG SIZE rcvd: 56
The answer then provides the answer sector. The IP address of www.isc.org is 126.96.36.199. Again, this section of the output can be turned off with the +[no]answer option, although it makes no sense, as that is the key piece of information.
;; AUTHORITY SECTION: isc.org. 2351 IN NS ns-int.isc.org. isc.org. 2351 IN NS ns1.gnac.com. isc.org. 2351 IN NS ns-ext.isc.org.
The "Authority" section provides information about which DNS servers can provide an authoritative response to our request. In this case, isc.org has three name servers. This section can also be deactivated or activated with the option +[no]authority.
;; ADDITIONAL SECTION: ns1.gnac.com. 171551 IN A 188.8.131.52 ns-int.isc.org. 2351 IN A 184.108.40.206 ns-int.isc.org. 2351 IN AAAA 2001:4f8:0:2::15
The additional section usually contains the IP addresses of the DNS servers listed in the Authority section. This section of the output can be activated/deactivated with the option +[no]additional.
;; Abfragezeit: 2046 ms
;; SERVER: 127.0.0.1 # 53 (127.0.0.1)
;; WANN: Fr 27. August 08.22.26 2004
;; MSG-Größe rcvd: 173
This final section of the output contains some statistics about the query. It can also be disabled or enabled with the +[no]stats option.