Dig
What is the purpose of Dig?
The dig (domain information groper) command is an open source tool. Dig command is very flexible tool that can be used to interrogate DNS name servers. It performs the DNS lookups and then shows the answers returned from the interrogated name server(s) in the output. Due to its flexibility, ease of use, and clarity of output, most DNS administrators will use the dig command to troubleshoot DNS problems.
Here are the primary uses of Dig:
-
Domain Name Resolution: The Dig utility finds a domain name for the IP address or vice versa; this process is an important part of connectivity to and routing on the Internet.
-
DNS Record Lookup: Dig returns so many record(A, AAAA, MX, TXT, and NS DNS) types. All these are detailed records for a domain's configuration and the resources associated with it.
-
Debugging DNS Issues: Dig helps in identifying DNS resolution issues. It sends queries to specified DNS servers and analyzes their responses. For security professionals, it aids in identifying and resolving network connectivity and DNS configuration problems.
Core Features
- DNS Querying
- Custom DNS Server Queries
- Detailed Output
- Reverse DNS Lookup
- Trace Option
Data sources:
- Local DNS Cache
- Configured DNS Servers
- Authoritative DNS Servers
- Root DNS Servers
Common Dig Commands
1. Basic Query
- Perform a basic DNS query for the specified domain.
dig example.com
2. Querying Specific Record Types
- This command queries DNS record types focused by users, such as A, MX, or TXT.
dig example.com MX
3. Short Output
- This command displays a summarized output of the query result. In some cases, a concise output may be sufficient rather than focusing on all the details.
dig +short example.com
4. Querying a Specific DNS Server
- This command queries a user-specified DNS server for the domain.
dig @8.8.8.8 example.com
5. Reverse DNS Lookup
- This command performs a reverse DNS lookup for the IP address provided by the user.
dig -x 8.8.8.8
6. Trace DNS Resolution Path
This command traces the DNS resolution path for the URL provided by the user, from the root servers to the authoritative servers.
dig +trace example.com
7. Querying Name Servers
- This command is provides for logging the results to a specified file. Its necessary for post-analysis assessments by experts and integration with other security tools.
dig example.com NS
8. Debugging Information
- This command displays detailed information about the query process and response in Dig. This feature can be heavily utilized by security professionals and some researchers for their specific purposes.
dig +debug example.com
9. Querying with DNSSEC
- This command gibes query DNS records with DNSSEC (Domain Name System Security Extensions) information.
dig +dnssec example.com
10. Help and Usage Information
- Display help information and usage options for the
digcommand.
dig -h
Alternative usage:
dig --help
Output Examples of Dig Commands
| Command | Example Usage | Function | Output Example |
|---|---|---|---|
| Basic Query | dig example.com +short | Provides a brief answer to the query. | 93.184.216.34 |
| Display Answer Only | dig example.com +noall +answer | Displays only the answer section of the query. | example.com. 3600 IN A 93.184.216.34 |
| Display Statistics | dig example.com +stats | Displays statistics about the query. | Query time: 20 msec |
| Trace DNS Path | dig example.com +trace | Traces the path from the root DNS servers to the authoritative servers. | Trace complete. |
| Omit Command Line | dig example.com +nocmd | Omits the initial command line from the output. | example.com. 3600 IN A 93.184.216.34 |
| NS Query and Consistency Check | dig example.com +nssearch | Performs an NS query for the specified domain and checks all listed name servers for consistency. | NS records for example.com are consistent. |
| Query Specific DNS Server | dig @8.8.8.8 example.com | Queries the specified DNS server. | 93.184.216.34 |
| Specify Record Type | dig example.com -t MX | Specifies the type of DNS record to query (e.g., A, MX). | example.com. 3600 IN MX 10 mail.example.com. |
| Use Custom Port | dig example.com -p 5353 | Uses the specified port number for the query (default is 53). | example.com. 3600 IN A 93.184.216.34 |
| Query Specific Domain | dig -q example.com | Queries the specified domain name. | example.com. 3600 IN A 93.184.216.34 |
| Use TSIG Key | dig example.com -k keyfile | Specifies a TSIG key file for secure DNS queries. | Secure query with keyfile |
| Control Question Section | dig example.com +noquestion | Controls the display of the question section of the query. | example.com. 3600 IN A 93.184.216.34 |
| Control Answer Section | dig example.com +noanswer | Controls the display of the answer section of the query. | example.com. 3600 IN A 93.184.216.34 |
| Show/Hide Authority Section | dig example.com +noauthority | Shows or hides the authority section. | Authority section omitted. |
| Show/Hide Additional Section | dig example.com +noadditional | Displays or hides the additional section. | Additional section omitted. |
| Show/Hide Comments | dig example.com +nocomments | Shows or hides the comments in the output. | Comments omitted. |
| Show/Hide Statistics | dig example.com +nostats | Displays or hides the statistics. | Statistics omitted. |
| Show/Hide TTL Values | dig example.com +nottl | Controls the display of TTL values. | TTL values omitted. |
| Toggle Recursion | dig example.com +norecurse | Toggles recursion for the query. | Recursion disabled. |