~/Dig with examples

Nov 5, 2022

The dig (Domain Information Groper) command in the CLI is used to query DNS servers for information about domains. It provides details like IP addresses, mail servers, and other DNS records, useful for diagnosing DNS issues or inspecting domain configurations.

Basic Usage Example:

1

dig example.com

Common Options:

• dig example.com MX – Retrieves the mail exchange (MX) records.
• dig example.com ANY – Retrieves all available records.
• dig +short example.com – Shows just the IP address.

1. Basic A Record Lookup:

   1	dig example.com

   Retrieves the A record (IP address) for the domain.

2. Find Specific Record Types:

   1 2 3

   dig example.com MX # Mail server records dig example.com TXT # Text records (e.g., SPF, DKIM) dig example.com NS # Nameserver records

3. Reverse DNS Lookup:

   1	dig -x 8.8.8.8

   Finds the domain associated with an IP address.

4. Find All Available DNS Records:

   1	dig example.com ANY

   Retrieves all DNS records for the domain.

5. Query Specific DNS Server:

   1	dig @8.8.8.8 example.com

   Uses a specified DNS server (e.g., Google’s) for the lookup.

6. Use +short to Simplify Output:

   1	dig example.com +short

   Provides a concise output, showing only the IP address.

7. Check SOA (Start of Authority) Records:

   1	dig example.com SOA

   Retrieves the SOA record, showing authoritative server and timestamps.

8. Trace DNS Resolution Path:

   1	dig +trace example.com

   Shows the entire resolution path from root servers to authoritative servers.

9. Display Query Time:

   1	dig example.com +stats

   Adds statistics, including query time, in the output.

10. Inspect DNSSEC Information:

1

dig example.com +dnssec

Shows DNSSEC signatures, if configured for the domain.

These dig commands offer flexibility for both routine lookups and in-depth DNS troubleshooting.

References

• https://en.wikipedia.org/wiki/Dig_(command)
• https://www.cyberciti.biz/faq/linux-unix-dig-command-examples-usage-syntax/