The dig stands for Domain Information Groper. It is a troubleshooting tool. You can use it to troubleshoot DNS-related issues, such as knowing whether a DNS server is up or down, viewing particular DNS records from a specific DNS server, and sending custom DNS queries to the default or a particular DNS server.
It uses the following syntax.
#dig [option] [argument]
Options modify the output. Arguments feed the information to the command. You need to specify all required information such as domain name and query type as arguments.
Performing basic DNS lookup
To perform a basic DNS lookup, specify the domain name as an argument to the dig command. For example, the following command lookup for the domain name google.com.
#dig gogole.com
This command sends a DNS query to resolve the domain name google.com to the DNS server configured in /etc/resolv.conf file and prints the response it receives.
Specifying a custom DNS server
If you want to send the same query or another query to a specific DNS server, you need to specify its name or IP address as an argument after the @ sign. For example, the following dig command sends a DNS query to resolve the name yahoo.com to Google's public DNS server.
#dig yahoo.com @8.8.8.8
Changing query or resource record type
By default, the dig command queries for the DNS record type A. To query for a different type of DNS record, we need to use the -t option followed by the record type. For example, to query for NS records, use the -t NS after the domain name. To query for MX records, use the -t MX after the domain name.
The following command prints MX records of the domain yahoo.com. It retrieves this information from Google's public DNS server.
#dig yahoo.com @8.8.8.8 -t MX
Changing arguments order
There is no pre-defined order for arguments. You can specify them in any order. The dig command automatically arranges them in proper order. For example, you can specify the arguments of the above command in the following order.
#dig -t MX @8.8.8.8 yahoo.com
The following command prints the name servers of the domain yahoo.com.
#dig yahoo.com @8.8.8.8 -t NS
Performing reverse lookup
In the forward lookup, we translate a name into the IP address. In the reverse lookup, we translate an IP address into the name. You can perform a reverse lookup similar to the forward lookup. To perform a reverse lookup, we use the -x option. After the -x option, specify the IP address as an argument to the dig command. The following command performs a reverse lookup for the IP address 8.8.8.8.
#dig -x 8.8.8.8
Displaying only particular information in the output
By default, the dig command displays the response it receives from the DNS server. It includes a lot of information. To view a specific part of the information, you can use the +noall and +[section] options. The +noall removes all information from the output. After this option, we can add the section, we want to see in the output. For example, the following command prints only the answer section from the output.
#dig google.com +noall +answer
The following command prints the authoritative section from the output.
#dig google.com +noall +authority
Important options for the dig command
The dig command supports many options. The most important options are the following.
The -x option
By default, the dig command performs the forward lookup. This option instructs the dig command to perform the reverse lookup. It changes the default record type looked up to PTR.
The -p option
By default, the dig command sends DNS queries on port 53. If a DNS server is configured to listen on another port, you can use this option to specify that port.
The +norec option
By default, the dig command sends recursive queries. This option instructs the dig command to send non-recursive queries.
The +vc option
By default, the dig command uses the UDP protocol to send DNS queries. If we use this option, it uses the TCP protocol to send DNS queries.