Using DIG to Query DNS Data

Domain Information Groper (DIG) is a command-line tool that is widely used when troubleshooting DNS issues. If you're an administrator working with any part of DNS, it's a critical piece of your toolbox.

Example 1: Find the A Record for a domain

Let's assume we want to know the A record for the noc.org domain. We could use dig like this:

dig noc.org 

; <<>> DiG 9.16.1-Ubuntu <<>> noc.org 
;; global options: +cmd 
;; Got answer: 
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45429 
;; flags: qr rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 
;; WARNING: recursion requested but not available 

;; QUESTION SECTION: 
;noc.org. IN A 

;; ANSWER SECTION: 
noc.org. 0 IN A 137.220.48.110 

;; Query time: 90 msec 
;; SERVER: 172.23.224.1#53(172.23.224.1) 
;; WHEN: Thu Jun 17 14:04:15 CDT 2021 
;; MSG SIZE rcvd: 48

You would see that the A record for the noc.org domain is 137.220.48.110.

Example 2: Manipulate Dig Outputs

Dig is a bit chattier than other tools, so a commonly used option is +short. As the name implies, it shortens the output.

For example:

dig noc.org +short 
137.220.48.110

You will notice that it gives you a very short response compared to the default output. When you use +short without specifying a record type, it returns the A record by default.

This means that if you want to see something like your email records, Time To Live (TTL), SOA or even name servers, you have to pass those through like this:

Querying email records:

dig noc.org +short mx

10 ALT3.ASPMX.L.GOOGLE.COM. 
5 ALT1.ASPMX.L.GOOGLE.COM. 
5 ALT2.ASPMX.L.GOOGLE.COM. 
10 ALT4.ASPMX.L.GOOGLE.COM. 
1 ASPMX.L.GOOGLE.COM.

Querying nameserver records:

dig noc.org +short ns

ns12.dns-noc.org. 
ns12.dns-noc.net. 
ns7.dns-noc.org. 
ns7.dns-noc.net.

You can also manipulate the output of DIG without using +short by using other options.

For example, let's say we only want the answer from dig. Removing all the noise and focusing on the response while querying for the SOA record would look something like this:

dig noc.org soa +nocomments +noquestion +noauthority +noadditional +nostats

; <<>> DiG 9.16.1-Ubuntu <<>> noc.org soa +nocomments +noquestion +noauthority +noadditional +nostats 
;; global options: +cmd 
noc.org. 0 IN SOA ns7.dns-noc.org. security.noc.org. 1586927815 14400 3600 1209600 300

Example 3: Reverse Lookups with Dig

So now that you know what the A record is pointing to, is it correct?

Dig allows you to do a reverse lookup on an IP to see where it's pointing.

dig -x 137.220.48.110 +short 

cdn-edge-usa-central-dallas1.noc.org.

So now we see that it's the NOC Dallas DC.
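
The check from Example 3 can be automated. The script below is an added example, not part of the original article: it takes an IP, gets its PTR names with dig -x, resolves each name forward, and confirms that the name maps back to the same IP. The DIG_CMD variable and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: forward-confirmed reverse DNS check built on dig.
# DIG_CMD is an assumption of this example; it lets you swap in another
# resolver command, or a stub when testing offline.
DIG_CMD="${DIG_CMD:-dig}"

# ptr_names IP -> prints each PTR target for IP, one per line
ptr_names() {
    "$DIG_CMD" -x "$1" +short
}

# forward_addrs NAME -> prints each IPv4 address NAME resolves to
forward_addrs() {
    # +short also prints CNAME targets; keep only the IPv4 lines
    "$DIG_CMD" "$1" a +short | grep -E '^[0-9]+(\.[0-9]+){3}$'
}

# fcrdns_check IP
# Prints "MATCH name" or "MISMATCH name" for every PTR name of IP,
# or "NOPTR ip" when there is no reverse record.
# Returns 0 if at least one PTR name resolves back to IP,
# 1 if none does, 2 if there is no PTR record at all.
# (Plain sh has no local variables, so these names are global.)
fcrdns_check() {
    ip="$1"
    confirmed=1
    names=$(ptr_names "$ip")
    if [ -z "$names" ]; then
        echo "NOPTR $ip"
        return 2
    fi
    for name in $names; do
        if forward_addrs "$name" | grep -qxF "$ip"; then
            echo "MATCH $name"
            confirmed=0
        else
            echo "MISMATCH $name"
        fi
    done
    return "$confirmed"
}
```

Call it as fcrdns_check 137.220.48.110. A MISMATCH means the reverse record names a host that does not resolve back to that address, so the PTR name alone should not be trusted.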

Example 4: Querying Multiple Domains

Another important task is querying multiple domains, and dig makes that easy by allowing you to daisy chain the requests like this:

dig noc.org +noall +answer cleanbrowsing.org +noall +answer 

noc.org. 0 IN A 137.220.48.110 
cleanbrowsing.org. 0 IN A 137.220.48.110