How to Use dig Command in Ubuntu, Debian, CentOS, Redhat

In the world of network and systems management, checking DNS servers and obtaining information about domain names, IP addresses, and various DNS records and mail exchanges is important for administrators. The dig (Domain Information Groper) in Linux is a powerful command line tool to retrieve information and query from the DNS server to get information about different Internet Host addresses, records such as MX, NS, SRV, and information about Internet name servers.

In other words, the dig command line tool has the same functionality as the nslookup command, but it is much more advanced than that. The information you get in the dig command output helps troubleshoot DNS problems and DNS lookups and obtain various DNS records. In this article, we will teach you how to install the dig command line tool and use dig to become an expert in DNS server troubleshooting and network management.

What is the dig command?

Dig (Domain Information Groper) is a versatile and powerful Linux command line tool that is used to troubleshoot DNS, retrieve information about DNS servers and various DNS records, and search for Name servers. Using the dig tool, you get helpful information about IP addresses, email servers, and domain names, which are very important for network management.

The dig tool is one of the efficient and indispensable tools for network administrators, developers, and users who deal with DNS. The powerful dig tool is available by default in the Linux operating system. If you are a network administrator, the availability of a dig tool is a necessity for you. To benefit from the features of the dig command, as an experienced network administrator, you should buy Linux VPS, and then you can use dig features for your various purposes. The main syntax of the dig command is as follows:

dig [server] [name] [record type]

• server: Specify the server’s hostname or IP address to which the query will be sent.
• name: Type the desired DNS server for lookup.
• type: Specify the type of DNS record.

Note: If you do not specify the record type, dig will search for record A by default. In addition, if you do not select a specific name server for DNS queries, DNS queries will be directed to the name servers listed in resolver (/etc/resolv.conf) by default.

Since the dig command also uses various and advanced options to expand its functionality, you can use the dig command with various options as follows to lookup and query DNS:

dig [options] [domain] [record type]

Common dig command options are:

• +short: displays only essential information in a concise format.
• +trace: traces the DNS transfer path from root servers to authoritative nameservers.
• +answer: displays only the answer section related to DNS.
• +question: only displays the information of the question part of the DNS query.
• +noall: Suppresses all normal output, except for errors and the answer section
• +port: used to specify the custom DNS port.
• @server: Using this option, you can query specific DNS servers.

Definition of DNS and types of DNS records

DNS, which stands for Domain Name System, is an Internet infrastructure that converts human-readable domain names into computer-readable numbers and vice versa. By translating domain names to IP addresses, DNS communicates between devices on the Internet and private networks and allows us to use user-friendly domain names to access websites and other Internet resources instead of remembering and using complex IP addresses. DNS contains different types of records that report additional information. The most common DNS records are as follows:

A record (Address record): used to map the hostname to the IP address.

MX (Mail Exchange record): Specifies the mail servers that receive mail for a domain.

SIG records (Signature record): used in encryption protocol.

NS (nameserver record): specifying virtual name servers related to the domain.

TXT records (text record): TXT records store text data; the information of this record is used for authentication and validation.

How to install dig in Linux

The dig tool is available by default in all Linux distributions. If you are not sure about the availability of the dig tool in your Linux distribution, check the version of the dig tool by running the following command to ensure that the dig tool is installed on your system:

dig -v

Example output:

DiG 9.11.3-1ubuntu1.1-Ubuntu

If you get a numerical code output like the output of our example, ensure your system supports dig. Otherwise, if the message “dig: command not found” is printed in the output, install dig on Ubuntu, Debian, CentOS, and RedHat using the following commands and the distro’s package manager.

Note: To install the dig tool in Linux, you must have a user account with root or sudo privileges.

Installing dig on Debian/Ubuntu:

sudo apt-get install dnsutils

Installing dig on CentOS / RedHat:

sudo yum install bind-utils

A quick guide to learn how to use the dig command

By reading this article, you will learn the basic uses of the dig command for troubleshooting DNS problems, retrieving DNS records, verifying DNS settings, and other DNS-related purposes, and you will become an expert in using the dig command.

DNS Lookup

One use of the dig command in linux is to lookup DNS for a domain name. For this purpose, consider the following example:

dig OperaVPS.com

Since we do not specify the type of record, record A is retrieved by default, and valuable information about technical details is printed in the answers section, statistics about the query and question section, which you can get the most important information from the answer section. In the Answer section, information about the names of the servers that are queried, Time to Live to refresh the records, class of query, type of query, and IP address associated with the domain name are displayed.

The Header section displays the information received from the server, including flags, UDP packet size, and Extension system for DNS.

You can get information about the domain name, query type, and record type from the Question section in the output.

Finally, the Statistics section is printed to provide the IP address and port of the responsive DNS server, Timestamp, Query time, and other statistical information.

Query a specific DNS server

dig command, if the name server is not specified, by default, it considers one of the name servers in the local configuration (servers in the /etc/resolv.conf file) for the query. You can specify a specific DNS server to query using the @ option and typing the name server IP or hostname. For example, to query the Google name server (8.8.8.8) to retrieve information, run the following command in Ubuntu and CentOS:

dig @8.8.8.8 google.com

Output:

; <<>> DiG 9.13.3 <<>>  @8.8.8.8  google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26503
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com                                       IN           A

;; ANSWER SECTION:
google.com.                       299         IN           A             173.217.169.206
;; Query time: 54 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: We July 12 14:28:01 CEST 2023
;; MSG SIZE  rcvd: 70

Reverse DNS Lookup

dig supports advanced techniques to improve DNS analysis; one of these techniques is reverse DNS lookup, which allows DNS lookup by IP address instead of the domain name. For this purpose, you must run the -x option along with the dig command:

dig -x [IP address]

The hostname associated with the IP address and required information is displayed in the output.

You can combine the previous command with+answerand+noalloptions to optimize the search:

dig +noall +answer -x [IP address]

For example:

dig +noall +answer -x 172.217.14.238

Output:

;; global options: +cmd
238.14.217.172.in-addr.arpa. 245 IN         PTR        sea30s02-in-f14.1e100.net.

Tracing the DNS transfer path

If you want to trace the path of the DNS lookup, using the +trace option along with the dig command is useful. Run the following syntax for this purpose in Debian-based and Redhat-based distributions:

dig [options] [domain]

For example:

dig  +trace google.com

Getting a short answer

If you want to get a brief and useful output, use the +short option when running the dig command in Ubuntu and CentOS:

dig [domain] +short

In the previous command’s output, only the IP address associated with the domain name is displayed.

Getting a detailed answer

Sometimes, the user needs comprehensive information about DNS to troubleshoot problems related to DNS or other purposes, which dig displays detailed information in the answer section by providing the +noall +answer option:

dig [domain] +noall +answer

Retrieving different types of DNS records

By using dig, you can get information about different DNS records. In the following, we will teach how to query the most common DNS records in Debian, Ubuntu, CentOS, and RedHat.

• Querying the A record

To get the IP address associated with the domain name, the information provided by record A will meet your needs. Therefore, to access the IP address associated with the domain name, run the following command:

dig example.com A

To query record A when running the dig command, you do not have to type the A option because dig will retrieve A records by default if the record type is not specified.

• Querying the NS records

To access valid nameservers for a specific domain, query the NS record:

dig example.com NS

• Querying the MX records

To find the mail server for a particular domain, it is useful to retrieve MX record information. For this purpose, consider the following example:

dig example.com MX

• Querying TXT records

To access the textual data associated with a specific domain, retrieve the TXT record:

dig example.com TXT

• Querying CNAME records

To find the alias of a domain, it is useful to retrieve the CNAME record:

dig www.example.com CNAME

• Querying All Records

To access all DNS records for a specific domain along with IP addresses, use the “any” option:

dig example.com ANY

Customizing the dig command output

In using the dig tool, it is possible that you can set frequently used

options as default for the dig command to optimize the output and achieve the desired results in the shortest time. It should be noted that the information provided by dig is stored in the ~/.digrc file, which can be edited. Therefore, access the content of this file by executing the following command by your favorite editor:

sudo nano ~/.digrc

Then you can add your desired options to its content, for example:

+noall
+answer

Exit the file (ctrl-x).

As a result, when you execute the dig example.com command, the output will be displayed in such a way that +noall and +answer options are added to the command.

Querying a large number of domains

One of the advantages of the dig tool is that it allows you to list a large number of domain names in a file (one domain name per line), and using that file, you can query a large number of domain names. For this purpose, you must use the -f option along with the dig command as follows:

dig -f test.txt

test.txt is an example of a file that contains a list of domain names to query. Replace test.txt with the desired file.

FAQ

Conclusion

dig tool can be introduced as one of the most valuable network management tools for DNS queries. Used the dig tool to troubleshoot DNS problems, verify DNS settings, DNS queries, translate domain names to their corresponding IP addresses, and retrieve information and various types of DNS records for a domain. Learning how to use the dig tool is helpful for network administrators and developers in ubuntu and centos. We’ve tried to provide a quick guide to learn how to install and use dig for various DNS-related purposes so that you can become an expert in using the dig command by spending less time.

If you have any questions about the dig command, ask us in the comments section.