We are going to see about the dig command. So, what is it? The dig command is used to resolve DNS issues. For example, if you want to check whether DNS is working properly or if you are getting the proper domain information, you can use the dig command to verify it.
dig stands for Domain Information Groper. It queries the DNS database. Before jumping into the dig command, let’s look at a few DNS records.
- A Record:- IPv4 Address record that directly maps a hostname to an IP address.
- AAAA Record:- IPv6 address
- CNAME Record:- Canonical name or alias name for the domain. For example, if you have a big name for the server but want to call it by a shorter name, you can use this record.
- MX Record:- Mail exchange record, used for mail servers. It has high priority in DNS.
- NS Record:- Name server record, indicating the DNS name server.
- PTR Record:- Pointer record, used for reverse DNS lookups.
- SOA Record:- Start of authority record, providing authoritative information about the DNS zone.
- TXT Record:- text record, containing text information.
How the dig command works. You can install it using the following command
sudo apt-get install dnsutils
- Once installed, you can run the dig command. For example, to query Google’s DNS server, you can use:
dig google.com
This command fetches the record and provides a reply from the dig command. The output includes details such as the IP address, query time, and the server that provided the information.
Header Information
- DiG Version:– DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu
- Opcode:– QUERY
- Status:– NOERROR (Indicates that the query was successful and there were no errors)
- Flags:– qr (Query response), rd (Recursion desired), ra (Recursion available)
- Question Count:– 1, Answer Count: 6, Authority Count: 0, Additional Count: 1.
Question Section
- Query:– google.com (Type A record, which returns IPv4 addresses)
Answer Section
- IP Addresses for google.com:
- 142.251.10.138
- 142.251.10.139
- 142.251.10.100
- 142.251.10.101
- 142.251.10.102
- 142.251.10.113
- These IP addresses are used by Google to balance load and provide redundancy.
EDNS (Extension Mechanisms for DNS) Information
- Version:– 0
- UDP Packet Size:– 65494 bytes
Information
- Message Size Received:– 135 bytes
- Query Time:– 3 milliseconds (The time it took to receive a response from the DNS server)
- DNS Server Used:– 127.0.0.53 (A local DNS resolver used by the system)
Uses of /etc/resolv.conf:
The resolve.conf file in Linux is used to configure DNS resolvers. It’s typically located at /etc/resolv.conf and contains information about the DNS servers that the system should use for resolving domain names.
- Nameserver Entries:– Specifies the IP addresses of DNS servers that the system should query.
- Search Domain Entries:– Defines default domain names to append to a query if the domain name is unqualified.
- Options:– Provides additional configuration options for DNS resolution.
Format of resolv.con files:
The /etc/resolv.conf file generally includes:
- nameserver: Specifies the IP address of a DNS server.
- search: Defines a list of domain names to be used for appending to queries.
- options: Sets various options for resolver behavior.
Example /etc/resolv.conf File
plaintext
nameserver 8.8.8.8
nameserver 8.8.4.4
search example.com
options timeout:2
- nameserver 8.8.8.8: Uses Google’s public DNS server with IP address 8.8.8.8.
- nameserver 8.8.4.4: Uses an additional DNS server, also provided by Google.
- search example.com: Appends example.com to unqualified domain names.
- options timeout:2: Sets the timeout for DNS queries to 2 seconds.
You can use different options with the dig command:
dig -4:- For IPv4 addresses.
dig -6:- For IPv6 addresses.
dig -x [IP address]:- For reverse DNS lookups.
dig google.com ANY:-- To query all types of DNS records.
dig google.com A:- To specifically query A records.
dig google.com MX:- To specifically query MX records.
- If you need to resolve multiple hosts at the same time, you can create a file with the hostnames or IP addresses and use:
dig -f [file_name]
