Linux dig command (Domain Information Groper) examples for DNS Lookup

Dig (Domain Information Groper) is a networking tool that can query DNS servers for information. It can be very helpful for diagnosing problems with domain pointing and is a good way to verify that your configuration is working. dig command replaces older tool such as nslookup and the host. dig tool is available in major Linux distributions.
In this article, we will discuss how to use dig to verify your domain name settings and return data about how the internet sees your domain.

The Linux dig (Domain Information Groper) command understanding

When you pass a domain name to the dig command, by default it displays the A record (the ip-address of the site that is queried) as shown below.
In this example, it displays the A record of in the “ANSWER SECTION” of the dig command output.

$ dig

; <<>> DiG 9.10.3-P4-Ubuntu <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

Now we will read the output:

; <<>> DiG 9.10.3-P4-Ubuntu <<>>
;; global options: +cmd

This section tell us about dig itself. We know the dig version that we used is 9.10.3 and the global option we used is +cmd.

;; Got answer:
;; ->>HEADER<

This section will tell us about the technical answer from the DNS.

;			IN	A

This section is tell us about what query we asked to dig.

;; ANSWER SECTION:		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A		191	IN	A

This displays the answer it receives from the DNS. i.e This is your output. This displays the A record of

;; Query time: 26 msec
;; WHEN: Fri Feb 10 18:36:36 CET 2017
;; MSG SIZE  rcvd: 295

Stats section at the bottom displays few dig command statistics including how much time it took to execute this query

How to Use Dig to Test DNS Records

Query Domain “A” Record

The A record maps a domain or subdomain to an IP address also we can say IP address points to domain name.

$ dig

One way to cut down the output is to use the +short option. which will drastically cut the output as shown below.

$ dig +short

Example output:

$ dig +short

Querying NS Record for Domain

NS spcefied to Name Servers, The NS record specifies an authoritative name server for given host. view your name servers which is pointing to your domain name.

$ dig NS

; <<>> DiG 9.10.3-P4-Ubuntu <<>> NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<

Querying MX Record for Domain

The MX record is used to sets the mail delivery destination for a domain name.
The below command to view your domain MX record:

$ dig MX +short

Querying TXT Record for Domain

A TXT record provides about hold some text information to sources outside your domain. This can create an SPF record on nameservers also use to create a DKIM record for mail signing.

$ dig TXT +short
"v=spf1 ~all"

Querying SOA (Start of Authority) Record for Domain

SOA is information stored in a DNS zone with the name of the host where it was originally created, Each zone contains a single SOA record.

$ dig SOA +short 147159312 900 900 1800 60

DNS Reverse Look-up

Dig is not only for querying a name into an IP Address. Dig can do reverse lookup which querying the IP Address into a name. To do this, use -x option:

$ dig -x +short


Dig is one of the tool available in the Linux operating system for interrogating DNS servers. With dig flexibility, administrators can use it to custom the dig output. As usual we can always type man dig or dig -h to explore more detail about dig command.

Exit mobile version