Dig (command) explained

dig
Author:	Steve Hotz, Michael Sawyer
Developer:	Internet Systems Consortium (originally Computer Systems Research Group)
Operating System:	Linux, NetBSD, FreeBSD, OpenBSD, macOS, Windows, Solaris, illumos, OpenVMS
Genre:	DNS lookup tool
License:	Mozilla Public License (ISC license before 9.11^[1])
Website:	https://www.isc.org/bind/

dig is a network administration command-line tool for querying the Domain Name System (DNS).

dig is useful for network troubleshooting and for educational purposes.^[2] It can operate based on command line option and flag arguments, or in batch mode by reading requests from an operating system file. When a specific name server is not specified in the command invocation, it uses the operating system's default resolver, usually configured in the file resolv.conf. Without any arguments it queries the DNS root zone.

dig supports Internationalized domain name (IDN) queries.

dig is a component of the domain name server software suite BIND. dig supersedes in functionality older tools, such as nslookup and the program host; however, the older tools are still used in complementary fashion.

Example usage

Basic

In this example, dig is used to query for any type of record information in the domain example.com:

$ dig example.com any

<<>> DiG 9.6.1 <<>> example.com any global options: +cmd Got answer:

QUESTION SECTION:

ANSWER SECTION:example.com. 172719 IN NS a.iana-servers.net.example.com. 172719 IN NS b.iana-servers.net.example.com. 172719 IN A 208.77.188.166example.com. 172719 IN SOA dns1.icann.org. hostmaster.icann.org. 2007051703 7200 3600 1209600 86400

Query time: 1 msec SERVER: ::1#53(::1)

The number 172719 in the above example is the time to live value, which indicates the time of validity of the data.

The any DNS query is a special meta query which is now deprecated. Since around 2019, most public DNS servers have stopped answering most DNS ANY queries usefully https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any/.

If ANY queries do not enumerate multiple records, the only option is to request each record type (e.g. A, CNAME, or MX) individually.

Specific DNS server

Queries may be directed to designated DNS servers for specific records; in this example, MX records:$ dig wikimedia.org MX @ns0.wikimedia.org

<<>> DiG 9.11.3 <<>> wikimedia.org MX @ns0.wikimedia.org global options: +cmd Got answer:

OPT PSEUDOSECTION:

ANSWER SECTION:wikimedia.org. 3600 IN MX 10 mx1001.wikimedia.org.wikimedia.org. 3600 IN MX 50 mx2001.wikimedia.org.

Query time: 1 msec SERVER: 208.80.154.238#53(208.80.154.238)

With output formatting

There are many output formatting options available. A common selection to make the output more terse is:

$ dig +noall +answer +multiline wikimedia.org MXwikimedia.org. 3600 IN MX 10 mx1001.wikimedia.org.wikimedia.org. 3600 IN MX 50 mx2001.wikimedia.org.

Where +noall +answer +multiline are simply output formatting flags.

History

dig was originally written by Steve Hotz and incorporated into BIND 4 since at least 1990;^[3] later it was rewritten by Michael Sawyer, and is maintained by the Internet Systems Consortium as part of BIND 9.

When originally written, the manual page for dig indicated that its name was an acronym for "Domain Information Groper". This expansion was removed in 2017; the tool's name is now simply "dig".

References

Bibliography

Paul Albitz and Cricket Liu. DNS and BIND, 5th Edition. Nutshell Series. O'Reilly and Associates, Inc., 2006.

External links

Notes and References

Web site: LICENSE in Bind 9.11 branch. 2021-09-19. 2021-08-22. https://web.archive.org/web/20210822235017/https://gitlab.isc.org/isc-projects/bind9/blob/v9_11/LICENSE. dead.
Web site: 2020-02-26 . Dig Command in Linux (DNS Lookup) . 2024-03-07 . linuxize.com.
Web site: dig (4.4BSD of 1990) . man.freebsd.org . 2024-05-17.