LinuxCommandLibrary

dig

Query DNS name servers

TLDR

Lookup the IP(s) associated with a hostname (A records)

$ dig +short [example.com]

Get a detailed answer for a given domain (A records)
$ dig +noall +answer [example.com]

Query a specific DNS record type associated with a given domain name
$ dig +short [example.com] [A|MX|TXT|CNAME|NS]

Specify an alternate DNS server to query and optionally use DNS over TLS (DoT)
$ dig [+tls] @[1.1.1.1|8.8.8.8|9.9.9.9|...] [example.com]

Perform a reverse DNS lookup on an IP address (PTR record)
$ dig -x [8.8.8.8]

Find authoritative name servers for the zone and display SOA records
$ dig +nssearch [example.com]

Perform iterative queries and display the entire trace path to resolve a domain name
$ dig +trace [example.com]

Query a DNS server over a non-standard [p]ort using the TCP protocol
$ dig +tcp -p [port] @[dns_server_ip] [example.com]

SYNOPSIS

dig [@server] [name] [type] [class] [+options] [{queryopts}]

  • @server: Specifies the IP address or hostname of the DNS server to query. If omitted, the system's default DNS server is used.
  • name: The domain name, hostname, or IP address (for reverse lookup) to query.
  • type: The DNS record type to query (e.g., A, AAAA, MX, NS, SOA, TXT, CNAME, PTR, SRV). Defaults to A if omitted.
  • class: The network class (e.g., IN for Internet, CH for Chaos, HS for Hesiod). Defaults to IN.
  • +options: Various command-line options to control query behavior and output format (e.g., +short, +trace).
  • {queryopts}: Legacy query options for specific record types. Rarely used with modern dig.

PARAMETERS

@server
    Specifies the DNS server to query by its IP address or hostname.

name
    The domain name, hostname, or IP address to lookup.

type
    The DNS record type to query (e.g., A, AAAA, MX, NS, SOA, TXT).

-x
    Performs a reverse DNS lookup (PTR query) for the given IP address.

+short
    Displays only the answer section, providing a concise output.

+noall +answer
    Suppresses all sections of the output except the answer section.

+trace
    Traces the delegation path from the root servers, showing each queried server.

+recurse
    Requests recursive queries to the server (default).

+norecurse
    Disables recursive queries, performing an iterative query.

+tcp
    Forces dig to use TCP for the query instead of UDP.

+time=[seconds]
    Sets the timeout for a query, in seconds.

+tries=[number]
    Sets the number of retries for a query.

+stats
    Displays query statistics, including query time and server details.

+nocomments
    Disables the display of comment lines in the output.

+noquestion
    Disables the display of the question section in the output.

DESCRIPTION

The dig (Domain Information Groper) command is a flexible tool for interrogating DNS name servers.
It performs DNS lookups and displays the answers that are returned from the name servers that were queried. While it can operate in a simple query mode, its primary use is for network troubleshooting, particularly for DNS-related issues.
dig is commonly used by system administrators to verify DNS records, check DNS propagation, and diagnose problems with domain name resolution.
Unlike older tools like nslookup, dig provides more detailed, flexible, and consistent output, making it the preferred choice for professional DNS diagnostics.

CAVEATS

  • dig requires a basic understanding of DNS concepts to interpret its detailed output effectively.
  • The default output can be verbose; use options like +short or +noall +answer for concise results.
  • It may not be installed by default on all minimal Linux distributions, often requiring the installation of the bind-utils or dnsutils package.
  • For very complex DNS queries or advanced server diagnostics, understanding BIND configuration files might be necessary in conjunction with dig.

COMMON USE CASES

dig is invaluable for:

  • Verifying A records (IP addresses) for a domain: dig example.com
  • Checking MX records (mail servers): dig example.com MX
  • Performing reverse lookups (IP to hostname): dig -x 192.0.2.1
  • Tracing DNS delegation paths to diagnose issues: dig +trace example.com
  • Querying a specific DNS server: dig @ns1.example.com example.com

OUTPUT SECTIONS

A standard dig output includes several sections:

  • HEADER: Shows dig version, query options, and response flags.
  • QUESTION SECTION: Repeats the query performed.
  • ANSWER SECTION: Contains the DNS records returned for the query. This is often the most important part.
  • AUTHORITY SECTION: Lists the authoritative name servers for the queried domain.
  • ADDITIONAL SECTION: Provides supplementary information, such as IP addresses for name servers listed in the AUTHORITY SECTION.
  • STATISTICS: Summarizes query time, server details, and message size.
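
The sections listed above can be checked from a script instead of read by eye. The following is an added example, not part of the original page or of dig itself: the helper names (sample_dig_output, dig_section, dig_summary, dig_has_flag) are hypothetical, and the sample output is constructed, not captured from a real server.

```shell
# Constructed sample of full dig output (documentation addresses, not real data).
sample_dig_output() {
cat <<'EOF'
; <<>> DiG 9.x <<>> example.com A
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;example.com.           IN  A

;; ANSWER SECTION:
example.com.    300 IN  A   192.0.2.10
example.com.    300 IN  A   192.0.2.11

;; Query time: 12 msec
;; SERVER: 192.0.2.53#53(192.0.2.53) (UDP)
EOF
}

# Print the records of one section (QUESTION, ANSWER, AUTHORITY, ADDITIONAL)
# from full dig output on stdin.
dig_section() {
    awk -v want=";; $1 SECTION:" '
        $0 == want    { in_sec = 1; next }  # section header found
        /^;;/ || /^$/ { in_sec = 0 }        # next header or blank line ends it
        in_sec        { print }
    '
}

# Print "status=<rcode> flags=<comma list> answers=<count>" from the HEADER lines.
dig_summary() {
    awk '
        index($0, "->>HEADER<<-") && match($0, /status: [A-Z0-9]+/) {
            status = substr($0, RSTART + 8, RLENGTH - 8)
        }
        /^;; flags:/ {
            if (match($0, /flags: [a-z ]*;/)) {
                flags = substr($0, RSTART + 7, RLENGTH - 8); gsub(/ /, ",", flags)
            }
            if (match($0, /ANSWER: [0-9]+/)) answers = substr($0, RSTART + 8, RLENGTH - 8)
        }
        END { printf "status=%s flags=%s answers=%s\n", status, flags, answers }
    '
}

# Succeed only if the given response flag (e.g. aa, ra) is set in the HEADER.
dig_has_flag() { dig_summary | grep -Eq "flags=([a-z]+,)*$1(,| )"; }

sample_dig_output | dig_summary
sample_dig_output | dig_section ANSWER
```

Against a live server, pipe real output through the same helpers, for example: dig example.com A | dig_summary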

HISTORY

dig originated as part of the BIND (Berkeley Internet Name Domain) software suite, developed by the Internet Systems Consortium (ISC).
It was designed to be a more powerful and flexible alternative to older DNS lookup utilities like nslookup, which had known limitations and was eventually deprecated by ISC.
Since its inception, dig has become the de facto standard tool for DNS diagnostics and troubleshooting across Unix-like operating systems due to its comprehensive features and consistent output format.
Its continuous development ensures compatibility with new DNS record types and protocol extensions.

SEE ALSO

host(1), nslookup(1), named(8), rndc(8)
