Using DIG to Query DNS Data

Domain Information Groper (DIG) is a command-line tool that is widely used for troubleshooting DNS issues. If you're an administrator working with any part of DNS, it's a critical piece of your toolbox.

Example 1: Find the A Record for a domain

Let's assume we want to know the A record for the domain. We could use dig like this:


; <<>> DiG 9.16.1-Ubuntu <<>> 
;; global options: +cmd 
;; Got answer: 
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45429 
;; flags: qr rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 
;; WARNING: recursion requested but not available 

; IN A 


;; Query time: 90 msec 
;; WHEN: Thu Jun 17 14:04:15 CDT 2021 
;; MSG SIZE rcvd: 48

You would see that the A record for the domain is

Example 2: Manipulate Dig Outputs

Dig is a bit chattier than other tools, so a commonly used option is +short. As the name implies, it shortens the output. For example:

dig +short

You will notice that it gives you a very short response compared to the default output. By default it gives you the A record when you use +short without other properties.

This means that if you want to see something like your email records, Time To Live (TTL), SOA, or even name servers, you have to pass those through like this:

Querying email records:

dig +short mx


Querying nameserver records:

dig +short ns

You can also manipulate the output of DIG without using +short by using other options.

For example, let's say we only want the answer response from dig. It would look something like this:

Removing all the noise, and focusing on the response while querying for the SOA record:

dig soa +nocomments +noquestion +noauthority +noadditional +nostats

; <<>> DiG 9.16.1-Ubuntu <<>> soa +nocomments +noquestion +noauthority +noadditional +nostats 
;; global options: +cmd
0 IN SOA 1586927815 14400 3600 1209600 300

Example 3: Reverse Lookups with Dig

So now that you know what the A record is pointing to, is it correct?

Dig allows you to do a reverse lookup on an IP to see where it's pointing.

dig -x +short

So now we see that it's the NOC Dallas DC.
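
A reverse lookup only shows what the PTR record claims, and that record is set by whoever runs the reverse zone for the IP. The script below is an added example, not part of the original article: it extends Examples 1 and 3 into a forward-confirmed reverse DNS check by resolving each PTR name back to an A record and comparing it with the original IP. The names fcrdns_check and fake_dig and the 192.0.2.x / example.com data are constructed for illustration, and the check assumes IPv4.

```shell
#!/bin/sh
# Forward-confirmed reverse DNS (FCrDNS) built on `dig -x` and `dig +short`.
# DIG may be pointed at a stub so the logic can be exercised offline.
DIG=${DIG:-dig}

# Constructed stand-in for dig: documentation-range data, not real records.
# It answers only the two call shapes used by fcrdns_check.
fake_dig() {
  case "$*" in
    "+short -x 192.0.2.10")            echo "web1.example.com." ;;
    "+short -x 192.0.2.20")            echo "old-host.example.net." ;;
    "+short web1.example.com. A")      printf '%s\n' 192.0.2.11 192.0.2.10 ;;
    "+short old-host.example.net. A")  echo "198.51.100.7" ;;
  esac
}

# fcrdns_check IPV4
#   prints "confirmed <name>", "mismatch <name>" or "no-ptr"
#   returns 0 only if a PTR name has an A record equal to the queried IP
fcrdns_check() {
  local ip ptrs name first
  ip=$1; first=
  ptrs=$("$DIG" +short -x "$ip")
  [ -n "$ptrs" ] || { echo "no-ptr"; return 2; }
  while IFS= read -r name; do
    [ -n "$first" ] || first=$name
    # PTR data is set by whoever runs the reverse zone: never let it be
    # parsed as a dig option (+opt, -flag) or server (@host).
    case $name in [+@-]*) continue ;; esac
    # -F literal, -x whole line: "192.0.2.1" must not match "192.0.2.10"
    if "$DIG" +short "$name" A | grep -Fxq -- "$ip"; then
      echo "confirmed $name"; return 0
    fi
  done <<EOF
$ptrs
EOF
  echo "mismatch $first"; return 1
}

# Live use: fcrdns_check 192.0.2.10   (offline: DIG=fake_dig fcrdns_check ...)
```

A "mismatch" result means the PTR name does not resolve back to the IP, so the name should not be trusted for logging or access decisions.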

Example 4: Querying Multiple Domains

Another important task is querying multiple domains, and dig makes that easy by allowing you to daisy chain the requests like this:

dig +noall +answer +noall +answer

0 IN A
0 IN A

Posted in   Networking_Tips   Troubleshooting   DIG     by trunc_team
