Dig Command: The Most Common Use Cases in Examples

This example-filled guide shows you how to make the most of the Linux dig command to perform DNS lookups, reverse lookups, and more.
Dig Command: The Most Common Use Cases in Examples

The dig command, short for Domain Information Groper, is a highly versatile and helpful tool for network administrators and those working in the domain name system (DNS) realm. It allows you to query DNS servers for information about host addresses, mail exchanges, name servers, and other related DNS records.

This powerful command has many applications and can be used for various tasks, from simple DNS lookups to more advanced troubleshooting and analysis. This article will explore some of the most common use cases for the dig command and provide examples to illustrate its functionality.

Additionally, the nslookup command is a popular tool that can be used instead of the dig command. It has similar functionality and is usually easier to use, although it does not have the more advanced features offered by dig. You’ll find our guide on the subject very helpful if you want to learn how to use the nslookup command.

Installing Dig Command

If the dig command is not installed on your Linux distribution, you can quickly and easily install it using one of the below commands.

Debian and Debian-based Distros (Ubuntu, Linux Mint, Pop!_OS)

sudo apt install dnsutils

Red Hat and RHEL-based Distros (Fedora, CentOS Stream, AlmaLinux, Rocky Linux)

sudo dnf install bind-utils

Arch Linux and Arch-based Distros (Manjaro, EndeavourOS, Garuda Linux)

sudo pacman -S dnsutils

openSUSE

sudo zypper in bind-utils

Dig Command Syntax

The basic syntax of the dig command is:

dig [@server] [name] [type]Code language: CSS (css)
  • @server: The hostname or IP address of the DNS server to which the request is directed. If no DNS server is specified, dig uses the DNS server that is currently configured for your system.
  • name: Specifies the domain name that is to be looked up.
  • type: The type of DNS record to retrieve. If left blank, dig retrieves the A record type by default.

To give an example, to retrieve the MX record for the domain archlinux.org using the Google DNS server at 8.8.8.8, our dig command would be as follows:

dig @8.8.8.8 archlinux.org MXCode language: CSS (css)
dig command
dig command

Basic DNS Lookup with dig

When no other options are supplied, the dig command will display the A record by default in the ANSWER section.

dig archlinux.orgCode language: CSS (css)
Basic DNS lookup with dig.
Basic DNS lookup with dig.

This section has five columns, each of which stands for:

  1. The domain name that is to be looked up.
  2. Time to live period – a setting that tells the DNS resolver how long to cache a query before requesting a new one.
  3. Class of the query – IN refers to the Internet.
  4. DNS query type – can be A, AAAA, CNAME, MX, NS, PTR, CERT, SRV, TXT, SOA, etc.
  5. The IP address associated with the domain name.

Remove the Comments from the DNS Query Answer

You can significantly reduce the amount of information returned to you by the dig command by adding the “+nocomments” option.

dig archlinux.org +nocommentsCode language: CSS (css)
Remove the comments from the DNS query answer.
Remove the comments from the DNS query answer.

Query the Answers Section Only

Dig provides a simple way to focus solely on the ANSWER section. Combining the options “+noall,” which clears all display flags, and “+answer,” which includes the ANSWER section in the query response, yields a clean and easy-to-read result.

dig archlinux.org +noall +answerCode language: CSS (css)
Query the answers section only.
Query the answers section only.

Return Only the Address in a Reply

We can further simplify the returned result by adding the “+short” option to remove any additional information from the response to our dig query and get back only the address.

dig archlinux.org +shortCode language: CSS (css)
Return only the address in a reply.
Return only the address in a reply.

Specifying DNS Server

By default, dig sends queries to the DNS server specified as the default for use locally on your Linux system. Sometimes, however, you may want to send the query to a DNS server other than your default. To do so, use the syntax “@server,” where “server” is the IP address or name of the DNS server.

For example, to send a query to the Google DNS server that has an IP address of 8.8.8.8, type:

dig @8.8.8.8 archlinux.orgCode language: CSS (css)
Querying another DNS server with dig.
Querying another DNS server with dig.

Search for Specific Record Type with dig

DNS record types vary, the most common being A, CNAME, MX, NS, TXT, etc. Their complete list is available here. In addition, you can use the dig command to search for a specific DNS record type by adding its name to the end of the command.

For example, to obtain information about the MX (Mail Exchanger) record, type:

dig archlinux.org MXCode language: CSS (css)
Querying for DNS MX type with dig.
Querying for DNS MX type with dig.

Quite similarly, you can send requests for other DNS record types.

dig archlinux.org NS
dig archlinux.org TXT
dig archlinux.org SOA
dig archlinux.org PTR
dig archlinux.org AAAACode language: CSS (css)

Or get all records together using the special keyword “ALL. “

dig archlinux.org ALLCode language: CSS (css)

Trace DNS Path with the dig Command

If you are unsure where a misconfiguration may be causing an issue, you can do a “+trace” to see what is happening at each step of the lookup process.

Trace the DNS path with the dig command.
Trace the DNS path with the dig command.

Reverse DNS Lookup with dig

To look up a domain name by its IP address, use the dig’s “-x” option. This option sets simplified reverse DNS lookups for mapping addresses to names. The address can be an IPv4 address in dotted-decimal notation or a colon-delimited IPv6 address.

In the following example, dig will run a reverse DNS query for the IP address associated with archlinux.org.

dig -x 95.217.163.246Code language: CSS (css)
Reverse DNS lookup with dig.
Reverse DNS lookup with dig.

Multiple dig Queries at Once

Instead of doing a dig query for each domain separately, you may use dig to perform a DNS lookup for a list of domains (batch queries). To do so, insert the domain names in a text file, one per line, and run the dig query on the file using the “-f” option.

Domains list.
Domains list.

We’ve also added the “+short” option to display query results conveniently.

dig -f domains.txt +shortCode language: CSS (css)
Batch DNS queries.
Batch DNS queries.

Adjust Default dig Options

It can be annoying to write the dig command with the same options repeatedly if we use it frequently. Fortunately, the “~/.digrc” file allows us to redefine all the default values with which the command is executed so that we don’t have to write them every time.

Assume you want dig always to show you the query output with the comments removed by default. Create a “.digrc” file in your home directory and add the appropriate option, in this example, “+nocomments,” to it. If you want to include more options, place them one after the other on a separate line.

vim ~/.digrc
The .digrc file.
The .digrc file.

Save the file and exit. The next time you run the dig command without any other options, you will only get the short answer to your DNS query.

dig archlinux.orgCode language: CSS (css)
Adjust the default dig options.
Adjust the default dig options.

Conclusion

The dig command is a valuable asset for system administrators and network engineers, from basic queries to complex ones. Whether you’re troubleshooting DNS issues, researching domain names, or simply checking the information of a specific website, the dig command offers a versatile solution. With numerous options and flags, you can tailor the output to meet your needs and extract the required information.

In this article, we’ve covered the most frequent use of the dig command to query DNS servers. We hope we have been of help to you. You can find more information regarding dig on its manual page.

Please feel free to leave your comments, suggestions, and additions in the section below.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Linux News You'll Love!

Craving the latest in Linux? Get your weekly fix with our newsletter. It's everything Linux, straight to your inbox! It's fun, it's free, and it's full of insights!

Think You're an Ubuntu Expert? Let's Find Out!

Put your knowledge to the test in our lightning-fast Ubuntu quiz!
Ten questions to challenge yourself to see if you're a Linux legend or just a penguin in the making.

1 / 10

Ubuntu is an ancient African word that means:

2 / 10

Who is the Ubuntu's founder?

3 / 10

What year was the first official Ubuntu release?

4 / 10

What does the Ubuntu logo symbolize?

5 / 10

What package format does Ubuntu use for installing software?

6 / 10

When are Ubuntu's LTS versions released?

7 / 10

What is Unity?

8 / 10

What are Ubuntu versions named after?

9 / 10

What's Ubuntu Core?

10 / 10

Which Ubuntu version is Snap introduced?

The average score is 68%

Related Posts

2 Comments

  1. the type “ALL” does not seem to work `dig archlinux.org ALL` at least for me with (Version DiG 9.18.18-0ubuntu0.22.04.2-Ubuntu). Cant find it in any other docu though. Is this made up?

Leave a Reply

Your email address will not be published. Required fields are marked *