Dig command explained

Are you ready to learn all about one simple and a great tool for network diagnostic? Here comes the Dig command! Small, fast, and useful. It can become your go-to DNS utility tool from now on.

History of the Dig command

The creator of the dig command is Stev Hotz. The utility tool was part of the BIND 4 (Berkeley Internet Name Domain) DNS software that was introduced in the late 80s. Some year later, another developer called Michael Sawyer rewrote the code of dig and integrated it into the BIND 9. 

Dig command explained

To explain to you the Dig command, the easiest way, we can start with its full name – Domain Information Groper. What you can get from the name is that this software has the purpose get information about a domain. You can perform various DNS probing and get important information that can help you detect a problem with your domain, DNS records, or name servers. 

What can you do with the Dig command?

With the Dig command, you can see all kinds of DNS records, check name servers, do a reverse DNS, and more. See the whole list here:

  • Check all name servers (see the NS DNS records). 
  • Probe an individual name server after you know it from the previous probe. 
  • Probe all available DNS records
  • Perform a specific check for a certain type of DNS record – A, AAAA, MX, NS, SOA, TXT, CNAME, or another. 
  • Check an IP and trace it back to a hostname.
  • Trace the complete route of a DNS query from a point (your computer or another resolver) to the hostname or IP address. 

Dig output explained

Let’s go deep into the output that you will get after performing a dig query. 

Go to the Terminal and write:

dig yahoo.com

*you can change yahoo.com with another domain that you want. 

  1. The first part of the output will show you the version of the dig command and the global option for the particular check. You can disable this part with the +nocmd option.
  2. Then you will get a header that will show you if you got an answer or no (NOERROR means you got no problem receiving the answer), flags used for the query, and type of answer – authoritative or no. Remove this part with +nocomments options. 
  3. In the newer version of Dig, you will have an OPT section that shows EDNS and its port. +noedns will remove this. 
  4. The question, by default, is the A record, but you can ask for: A, AAAA, MX, SOA, NS, CNAME, TXT, PTR or another record, particular host, IP address, port, or another. 

Examples of some dig questions:

dig a yahoo.com

dig aaaa yahoo.com

dig mx yahoo.com

dig soa yahoo.com

dig ns yahoo.com

dig txt yahoo.com

dig yahoo.com +trace (trace route)

dig -x 11.22.33.44 (reverse lookup of the IP address 11.22.33.44)

dig -p 43 yahoo.com (check the domain using port 43)

You can use extra options by putting them after your question and domain. An example of an option is +short for a shorter answer of only IPv4 (dig yahoo.com +short). Multiple options can be added by simply separating them with space. Example of two options together:

dig -x 11.22.33.44 +noall +answer – a reverse lookup for 11.22.33.44 without all the information, but include the answer.

  1. The answer. It will show what you asked before. The common answer will show the hostname, a TTL value of the DNS record, its type, and value. If it is an A record query, you will get the IPv4 addresses. 

If you don’t want to see the answer section for some reason, you can remove it with the option +noanswer.

  1. Authority section shows which are the authoritative name servers for the particular domain. 

+noauthority will disable this part. 

  1. Additional information about the addresses IPv4 and IPv6 of the authoritative name servers. 

+noadditional to disable it. 

  1. Statistic. It will show the general statistics about the query like time, packet size, and date.

+nostats option will dissable it.

Suggested article: Traceroute command explained

Conclusion

Now you know everything about the Dig command. Go ahead and use the examples of dig commands from part 4 of the “Dig output explained”. Learn to use, and you will always have a great domain testing tool at hand.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Anycast DNS

What is Anycast DNS?What is Anycast DNS?

Domain name system (DNS) is a very wide and complex topic. A lot can be said about it, and Anycast DNS is one of the many actors involved in this ‘movie’. DNS is the Internet’s backbone. Without DNS infrastructure, we couldn’t navigate as simply as we currently do. DNS is