dig Command Reference

The dig (Domain Information Groper) command is a powerful DNS lookup utility used for querying DNS name servers to retrieve information about host addresses, mail exchanges, name servers, and related information. This reference provides commonly used dig commands and examples to help you perform DNS queries effectively.

Basic Syntax

The general syntax for using dig is:

dig [@server] [name] [type] [options]

@server - Specifies the DNS server to query.
name - The domain name to query.
type - The type of DNS record to query (e.g., A, MX, NS).

Commonly Used Options

Option	Description
`+short`	Display a short answer.
`+noall`	Suppress all output except the query answer.
`+answer`	Display the answer section.
`+trace`	Trace the delegation path from the root name servers.
`+nssearch`	Perform an NS record search.
`-x <address>`	Perform a reverse lookup on an IP address.
`+tcp`	Use TCP instead of UDP for queries.
`+time=N`	Set the timeout for a query to N seconds.
`+tries=N`	Set the number of times to retry a query to N.
`+multiline`	Print records in a more readable format.

Query Types

Type	Description
`A`	IPv4 address record.
`AAAA`	IPv6 address record.
`CNAME`	Canonical name record (alias).
`MX`	Mail exchange record.
`NS`	Name server record.
`TXT`	Text record.
`SOA`	Start of authority record.
`PTR`	Pointer record (used for reverse DNS lookups).
`ANY`	All records.

Basic Examples

1. Query an A Record

# Query the A record for example.com
dig example.com

2. Query a Specific Record Type

# Query the MX records for example.com
dig example.com MX

3. Use a Specific DNS Server

# Query using Google's public DNS server
dig @8.8.8.8 example.com

4. Display a Short Answer

# Get a concise answer
dig example.com +short

5. Reverse DNS Lookup

# Reverse lookup for IP address 8.8.8.8
dig -x 8.8.8.8

Advanced Examples

1. Trace DNS Resolution Path

# Trace the DNS resolution for example.com
dig example.com +trace

2. Query All Record Types

# Retrieve all DNS records for example.com
dig example.com ANY

3. Query with Custom Timeout and Retries

# Set timeout to 5 seconds and retries to 2
dig example.com +time=5 +tries=2

4. Query TXT Records (e.g., SPF, DKIM)

# Get TXT records for example.com
dig example.com TXT

5. Query with TCP Instead of UDP

# Use TCP protocol for the query
dig example.com +tcp

6. Perform an NS Record Search

# Search for name servers of example.com
dig example.com NS

7. Query SOA Record

# Get the Start of Authority record
dig example.com SOA

Understanding dig Output

The output of dig consists of several sections:

HEADER: Shows technical details about the query and response.
QUESTION SECTION: Displays what was asked in the query.
ANSWER SECTION: Contains the answer to the query.
AUTHORITY SECTION: Shows the authoritative name servers for the domain.
ADDITIONAL SECTION: Provides additional information, such as IP addresses of the name servers.
STATISTICS: Summarizes query time, server used, and when the query was made.

Batch Queries

You can perform multiple queries in one command by using a text file with a list of domains:

# Create a file called domains.txt with one domain per line
example.com
example.net
example.org

# Run dig for each domain
dig -f domains.txt

You can also redirect the output to a file:

dig -f domains.txt > results.txt

Reverse DNS Lookups

To perform a reverse DNS lookup (PTR record), use the -x option:

# Reverse lookup for IP 8.8.4.4
dig -x 8.8.4.4

Using dig in Scripts

The +short option is useful when using dig in shell scripts:

# Get the IP address of a domain
IP=$(dig +short example.com)
echo "The IP address of example.com is $IP"

Debugging DNS Issues

1. Check for Propagation

# Query different DNS servers
dig @8.8.8.8 example.com
dig @1.1.1.1 example.com

2. Verify DNSSEC

# Check DNSSEC validation
dig example.com +dnssec

3. Query Specific Name Servers

# Query the authoritative name server
dig @ns1.example.com example.com

Additional Options

Option	Description
`+nocmd`	Suppress the command from the output.
`+nostats`	Suppress the statistics section.
`+noquestion`	Suppress the question section.
`+noauthority`	Suppress the authority section.
`+noadditional`	Suppress the additional section.
`+nocomments`	Suppress comment lines.
`+qr`	Display the query as it is sent.
`+identify`	Show the responder's IP address and port number.
`+ttlid`	Display TTLs in units instead of as comments.

Common Use Cases

1. Check Mail Server Records

# Get MX records for a domain
dig example.com MX +short

2. Verify SPF Records

# Get SPF information from TXT records
dig example.com TXT +short

3. Find Authoritative Name Servers

# List NS records
dig example.com NS +short

4. Test DNS Resolution over TCP

# Use TCP for DNS query
dig example.com +tcp

Troubleshooting Tips

No Response: If you get no answer, check if the domain exists and the DNS server is reachable.
Timeouts: Use +time=N and +tries=N to adjust timeouts and retries.
Caching Issues: Query different DNS servers to check for propagation delays.
Incorrect Data: Use +trace to see the resolution path and identify misconfigurations.

Return to Home