Using dig To Check Your DNS On Linux Servers
Domain names matter because they serve as your computer’s online identity. IP addresses are hard to remember, and IPv6 addresses are even worse. A good domain name should be memorable and make it easy for your users to reach your services, since it acts as an alias for an IP address. The Domain Name System (DNS) is a collection of servers that keep a list of how domain names relate to different IP addresses. Sometimes, though, things go wrong and it doesn’t work as expected. This is where dig (domain information groper) can help you debug these DNS problems.
What is dig?
dig is a command-line tool that is installed on most Linux systems by default. It lets you query DNS servers for information about domain names and reports back the matching records that it finds. In its basic use, the command is as simple as:
dig example.com
In this example, dig searches for DNS A records (records indicating the IPv4 address for the domain) for example.com using your system’s default name servers. You can search for any type of record by specifying the record type after the domain name:
dig example.com AAAA
dig example.com MX
dig example.com any
In these examples, the first command looks for AAAA records (IPv6), the second for MX records (mail server), and the third command looks for any records.
You can also specify the server that you want to check for DNS records by including it at the end of the command, prefixed with the @ (at) symbol. This is helpful when you receive reports of some users having issues that you are unable to replicate: you can query their nameservers directly with dig to see what responses they are getting, and compare those responses with the results from your own nameservers.
dig example.com @8.8.8.8
In this example, we’ve looked for DNS A records for example.com from Google’s public nameserver 8.8.8.8. You can also use a nameserver’s domain name after the @ symbol instead of the IP address if you wish.
Using dig
Now that you know how to run dig, let’s look at its output. Here’s the result of running the command “dig example.com any”:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> example.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50991
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN ANY
;; ANSWER SECTION:
example.com. 48848 IN A 93.184.216.34
example.com. 49027 IN AAAA 2606:2800:220:1:248:1893:25c8:1946
example.com. 48804 IN NS a.iana-servers.net.
example.com. 48804 IN NS b.iana-servers.net.
example.com. 3596 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2017102417 7200 3600 1209600 3600
;; Query time: 20 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Dec 02 10:57:38 GMT 2017
;; MSG SIZE rcvd: 189
Results Explanation
- The first line shows us the version of dig being used and the query given.
- This is followed by some additional information about the query made. Under this we have the question section, again showing the query that was sent.
- Next comes the answer section, which has one line for each DNS record that matches the query. Each answer is broken into 5 columns. The first is the domain name that the record applies to. The second is the Time To Live (TTL) value, which tells a nameserver how long it should hold on to this data before asking for an updated record.
- The third column is the class of the DNS entry, which will almost always be “IN” for Internet.
- The fourth column is the record type.
- Finally, the line concludes with the record’s entry.
Note: Underneath the answer section there are final details about the query, such as how long it took, the server queried, when the query was made and the size of the response.
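Added example (not part of the original article): a small shell helper that reads dig output, keeps only the answer section and drops the TTL column, so that the answers from two nameservers can be compared as described earlier. The function names and sample outputs are constructed for illustration; the addresses come from the 192.0.2.0/24 documentation range.

```shell
#!/usr/bin/env bash
# Added example, not from the original article. Names and sample data are constructed.

# Read dig output on stdin and print "name class type data" for each record
# in the ANSWER section. The TTL (column 2) is dropped because it counts down
# in resolver caches and so differs between servers even when records match.
# Live use: dig example.com @8.8.8.8 | answer_rrset
answer_rrset() {
  awk '
    /^;; ANSWER SECTION:/ { in_answer = 1; next }
    /^;;/ || /^$/         { in_answer = 0 }  # next section or blank line ends it
    in_answer && NF >= 5 && $1 !~ /^;/ {
      data = $5
      for (i = 6; i <= NF; i++) data = data " " $i  # SOA and MX data span several fields
      print tolower($1), $3, $4, data
    }' | sort
}

# Succeeds (exit status 0) when two dig outputs carry the same answer records.
same_answers() {
  [ "$(printf '%s\n' "$1" | answer_rrset)" = "$(printf '%s\n' "$2" | answer_rrset)" ]
}

# Constructed sample outputs standing in for three different nameservers.
resolver_a=';; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 48848 IN A 192.0.2.10

;; Query time: 20 msec'

resolver_b=';; ANSWER SECTION:
Example.com. 120 IN A 192.0.2.10
;; Query time: 31 msec'

resolver_c=';; ANSWER SECTION:
example.com. 300 IN A 192.0.2.99
;; Query time: 12 msec'

# a and b differ only in TTL and letter case, so they count as the same answer.
same_answers "$resolver_a" "$resolver_b" && echo "a and b agree"
# c returns a different address: a stale cache or a tampered record to look into.
same_answers "$resolver_a" "$resolver_c" || echo "a and c differ"
```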
If you would like to know more about the various DNS record types, there’s a good listing on Wikipedia that should help explain them all.