Using DIG to Query DNS Data
Domain Information Groper (DIG) is a command line tool that is widely used when troubleshooting DNS issues. If you're an administrator working with any part of DNS it's a critical piece of your toolbox.
Example 1: Find the A Record for a domain
Let's assume we want to know the A record for the noc.org domain. We could use dig like this:
dig noc.org ; <<>> DiG 9.16.1-Ubuntu <<>> noc.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45429 ;; flags: qr rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;noc.org. IN A ;; ANSWER SECTION: noc.org. 0 IN A 18.104.22.168 ;; Query time: 90 msec ;; SERVER: 172.23.224.1#53(172.23.224.1) ;; WHEN: Thu Jun 17 14:04:15 CDT 2021 ;; MSG SIZE rcvd: 48
You would see that the A record for the noc.org domain is 22.214.171.124.
Example 2: Manipulate Dig Outputs
Dig is a bit chattier than other tools so a common option leveraged is +short. As the name implies, it shortens the output.
dig noc.org +short 126.96.36.199
You will notice that it gives you a very short response compared to the default output. By default it gives you the A record when you use +short without other properties.
This means if you want to see something like your email records or Time To Live (TTL), SOA or even name servers you have to pass those through like this:
Querying email records:
dig noc.org +short mx mx 10 ALT3.ASPMX.L.GOOGLE.COM. 5 ALT1.ASPMX.L.GOOGLE.COM. 5 ALT2.ASPMX.L.GOOGLE.COM. 10 ALT4.ASPMX.L.GOOGLE.COM. 1 ASPMX.L.GOOGLE.COM.
Querying nameserver records:
dig noc.org +short ns ns12.dns-noc.org. ns12.dns-noc.net. ns7.dns-noc.org. ns7.dns-noc.net.
You can also manipulate the output of DIG without using +short by using other options.
For example, let's say we only want the answer response from dig, it would look something like this:
Removing all the noise, and focusing on the response while querying for the SOA record:
dig noc.org soa +nocomments +noquestion +noauthority +noadditional +nostats ; <<>> DiG 9.16.1-Ubuntu <<>> noc.org soa +nocomments +noquestion +noauthority +noadditional +nostats ;; global options: +cmd noc.org. 0 IN SOA ns7.dns-noc.org. security.noc.org. 1586927815 14400 3600 1209600 300
Example 3: Reverse Lookups with Dig
So now that you know what the A record is pointing to, is it correct?
Dig allows you to do a reverse lookup on an IP to see where it's pointing.
dig -x 188.8.131.52 +short cdn-edge-usa-central-dallas1.noc.org.
So now we see that it's the NOC Dallas DC.
Example 4: Querying Multiple Domains
Another important task is querying multiple domains, and dig makes that easy by allowing you to daisy chain the requests like this:
dig noc.org +noall +answer cleanbrowsing.org +noall +answer noc.org. 0 IN A 184.108.40.206 cleanbrowsing.org. 0 IN A 220.127.116.11