dig

Updated: February 11, 2024

A command line diagnostic tool from BIND

tldr
Install
Common Commands
Record Types
Terms

tldr

# Look up IPs of a hostname
dig +short example.com

# Get a detailed answer of a given domain
dig +noall +answer example.com

# Query specific record type
dig +short example.com A|MX|TXT|CNAME|NS

# Get all records for a domain
dig example.com ANY

# Reverse DNS lookup (PTR record)
dig -x 8.8.8.8

# Find authoritative name servers
dig +nssearch example.com

# Trace path to resolve domain name
dig +trace example.com

INSTALL

MACOS

brew install bind

LINUX

sudo apt install dnsutils

COMMON COMMANDS

dig <hostname> 			# Returns A records for hostname
dig <hostname> any			# Returns all records
dig @<nameserver> <hostname> <record type>		# use hostname NS to query instead of ISP
dig <hostname> +short		# Only returns IP of A records
dig <hostname> +trace		# Return entire delegation chain of servers queried to root name server
dig -x <ip addr>			# Reverse lookup.

RECORD TYPES

A - Address IPv4 - records mapping of hostname to IP address. AAAA - Address IPv6 - records mapping of hostname to IP address. PTR - Pointer - appear in reverse file in the in-addr.arpa zone. CNAME - Canonical Name - define an alias. NS - Name Server - declares a machine to be name server for a specified zone. HINFO - Host Information - gives operating system and architecture of specified host. Most sites do not provide this info because of hackers. SOA - State of Authority - sets up the authority zone for a record.

TERMS

FQDN - Fully Qualified Domain Name - Zone files use these and require a period at the end. 90% of problems are the missing period.

dig