10 Most used DIG commands
https://www.cloudns.net/blog/10-most-used-dig-commands/
ClouDNS Blog, Fri, 31 May 2024 07:48:36 +0000

DIG commands offer a vast amount of functionalities and different options. So, it is not a surprise that they are some of the most popular and preferred tools for network administrators. Let’s explain a little bit more about them!

What is DIG command?

DIG command (Domain Information Groper command) is a network tool with a basic command-line interface that serves for making different DNS (domain name system) queries. You can use the DIG command to:

  • Diagnose your name servers. Check all of them or each individual server and their response.
  • Check all of the available DNS records or individual DNS records and their parameters.
  • Trace IP addresses and see the hostnames that correspond to them.
  • Do a query through a specific port that you want to use.
  • See the TTL value of the DNS records and know how often they refresh.
  • Trace the route of a DNS query.

The DIG command comes pre-installed on most Linux distros. You can also easily install it on macOS with brew, and get the DIG command on Windows 10 with bind9.

History

The DIG (Domain Information Groper) command was originally introduced by Steve Hotz and has been part of BIND 4 since at least 1990. It was later rewritten by Michael Sawyer and is now maintained by the Internet Systems Consortium as part of BIND 9.

At first, Dig was developed only for Unix-based systems, yet it quickly gained popularity and became a fundamental tool for network administrators due to its flexibility and detailed output. It allowed users to perform complex DNS queries and troubleshoot issues effectively. Over the years, DIG has evolved, maintaining its relevance in the field of network diagnostics and DNS analysis. Its robust features have made it a main tool for IT professionals.

How does it work?

The DIG command works by sending a DNS query from your device for the IP address or hostname you specify. The query first arrives at your ISP’s recursive name servers. If they already have the answer, they return it quickly. If not, your query is forwarded in search of the answer. Another recursive DNS server may be able to answer it, or it may reach the authoritative DNS name server, which will have the answer, and your DNS query gets resolved.

How to Use the Dig Command?

To use the Dig command, follow these steps:

  1. Open Command Prompt or Terminal: Depending on your operating system (OS), open the Command Prompt (Windows) or Terminal (MacOS/Linux).
  2. Install Dig (if not already installed):
    • Windows: Dig is usually included with BIND, which can be downloaded from the ISC website. After downloading, follow the installation instructions.
    • MacOS: Dig is typically already included with the operating system. If it is not available, you can install it using Homebrew by running: brew install bind.
    • Linux: Most Linux distributions have Dig by default. However, if it is not available, you can install it using your package manager. For example, on Debian-based systems, run: sudo apt-get install dnsutils.
  3. Run the Dig Command: In the Command Prompt or Terminal, type dig followed by the domain name you want to query. For example, to query information about “example.com”, you would type: dig example.com
  4. Review the Output: The output will display different pieces of information about the domain, including the DNS records, response times, and other relevant details.
  5. Specify Query Types (Optional): If you want to query specific types of DNS records (like A, MX, NS), add the record type to the command. For example, to query only the A records for “example.com”, type: dig example.com A
  6. Advanced Options (Optional): Dig provides many options for more detailed queries and output customization. For example, to get a cleaner query output, use: dig +noall +answer example.com. This command shows only the answer section of the query.

By following these steps, you can effectively use the Dig command to query DNS information and troubleshoot network issues.

DIG command syntax

The DIG (Domain Information Groper) command is an incredibly versatile tool used for querying Domain Name System (DNS) servers. Understanding its syntax is key to unlocking its full potential. The general format of a DIG command is as follows:

  • @server: This is optional. Use it to specify the DNS server you want to query. If omitted, DIG uses the default server.
  • domain: This is the domain name you are querying about.
  • query-type: This specifies the type of DNS record you want to query (e.g., A, MX, NS). If not specified, DIG defaults to querying A records.
  • options: DIG offers various options to format or filter query results. Here are some common options used with dig:
    • +short: Gives a shorter, more concise output.
    • +trace: Traces the path of the query across the DNS namespace.
    • +noall +answer: Shows only the answer section of the query.

The 10 most used DIG commands

Here you have 10 examples of DIG commands. We will use example.com as a hostname and 1.2.3.4 as an IP address. Feel free to try these commands with the domain and IP address you want by simply changing them before you run the command.

Open the Terminal application. We need it to write and execute the DIG command there.

1. How to find the website’s IP address?

Find the IP address of a particular domain name that you want to know. You can use the DIG command, without any additional option, which is:

dig example.com

It will do a DNS query, looking for the A records. They hold the IP addresses that correspond to the domain name from the query.

This dig command will give you a lot of extra information too: the version of the DIG command you are using, a header that shows you what you did and who answered you, the port and protocol you used (usually UDP), the time it took for the query, the TTL of the record, and the server which answered you.

If you don’t want so much information, go for the short answer of just the IP address with this command:

Command Line:

$ dig example.com +short

Output:

1.2.3.4

The result will be just the IP address.

2. How to find the name servers, responsible for your domain?

See all the name servers, in a list, for the particular domain. We will dig for the NS records, and again we will use the +short option to get just the name servers without extra data.

Command Line:

$ dig NS example.com +short

Output:

ns1.example.com.

ns2.example.com.

ns3.example.com.

ns4.example.com.

You want to see if all of the name servers are listed. If one is not showing, it means there are problems with it, and you will need to troubleshoot the problem further.

3. What is the delegation path to your DNS Zone?

See the delegation path from the root server to your DNS zone. You can make a trace request and see the path, starting from the root server to your DNS zone.

We will use the option +trace.

Command Line:

$ dig example.com +trace

Output:

; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> example.com +trace
;; global options: +cmd
. 3493 IN NS a.root-servers.net.
. 3493 IN NS b.root-servers.net.
. 3493 IN NS c.root-servers.net.
. 3493 IN NS d.root-servers.net.
. 3493 IN NS e.root-servers.net.
. 3493 IN NS f.root-servers.net.
. 3493 IN NS g.root-servers.net.
. 3493 IN NS h.root-servers.net.
. 3493 IN NS i.root-servers.net.
. 3493 IN NS j.root-servers.net.
. 3493 IN NS k.root-servers.net.
. 3493 IN NS l.root-servers.net.
. 3493 IN NS m.root-servers.net.
;; Received 397 bytes from 127.0.1.1#53(127.0.1.1) in 466 ms
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
;; Received 734 bytes from 192.203.230.10#53(e.root-servers.net) in 496 ms
example.com. 172800 IN NS ns2.example.com.
example.com. 172800 IN NS ns1.example.com.
example.com. 172800 IN NS ns3.example.com.
example.com. 172800 IN NS ns4.example.com.
;; Received 660 bytes from 192.55.83.30#53(m.gtld-servers.net) in 229 ms
example.com. 300 IN A 1.2.3.4
example.com. 300 IN NS ns1.example.com
example.com. 300 IN NS ns2.example.com
example.com. 300 IN NS ns3.example.com
example.com. 300 IN NS ns4.example.com
;; Received 44 bytes from 216.239.34.10#53(ns2.example.com) in 40 ms

The answer shows the route that a typical DNS query takes. You can see the hops, detect a problem, and find where exactly the requests get lost.

4. Which is the responsible mail server for your domain?

Check the responsible mail servers for accepting emails.

Command Line:

$ dig MX example.com +short

Output:

1 ASPMX.L.GOOGLE.COM.

5 ALT1.ASPMX.L.GOOGLE.COM.

5 ALT2.ASPMX.L.GOOGLE.COM.

10 ALT3.ASPMX.L.GOOGLE.COM.

10 ALT4.ASPMX.L.GOOGLE.COM.

This query will be directed to the MX records. Inside them, we want to see if the mail servers are all showing and if the MX records are pointed correctly.

5. Which domain name is an IP address associated with?

Reverse DNS check, IP address to hostname. You can also perform a reverse DNS check and see which hostname an IP address belongs to. For this purpose, the domain owner needs to have PTR DNS records for the IP address, pointed correctly.

Command Line:

$ dig -x 1.2.3.4

Output:

example.com

6. Which are the name servers, responsible for the TLDs (top-level domains)?

See a list of all the name servers of the TLD you put in the query. You can check the name servers of a TLD like COM, EU, US, ASIA, or another.

The DIG command will be similar to the previous ones, but instead of a complete domain name, we will just put the TLD. In this case, “com”.

Command Line:

$ dig NS com +short

Output:

j.gtld-servers.net.
a.gtld-servers.net.
i.gtld-servers.net.
d.gtld-servers.net.
f.gtld-servers.net.
b.gtld-servers.net.
h.gtld-servers.net.
e.gtld-servers.net.
m.gtld-servers.net.
k.gtld-servers.net.
c.gtld-servers.net.
g.gtld-servers.net.
l.gtld-servers.net.

7. How to check if your DNS zone is synchronized over all authoritative name servers?

Command Line:

$ dig example.com +nssearch

Output:

SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns3.example.com in 14 ms.

SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns2.example.com in 22 ms.

SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns4.example.com in 88 ms.

SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns1.example.com in 125 ms.

Verify that your DNS zone is synchronized across all authoritative name servers. This is a way to check the SOA records and see if their data matches. If your DNS zones are not synchronized, you will need to manually manage and update them.
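The SOA comparison above can be automated so that a secondary still serving an old copy of the zone, or one that does not answer at all, is flagged. This is an added example, not code from the ClouDNS post: it parses +nssearch output in the format shown above, takes the name servers you expect as arguments, and compares serials as plain integers (an assumption that ignores serial wrap-around). The second sample is constructed.

```shell
#!/bin/sh
# Added example (not from the ClouDNS post): compare the SOA serials that
# `dig <zone> +nssearch` reports for each authoritative name server.

# Output copied from the post: all four servers report serial 2016042102.
SAMPLE_SYNCED='SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns3.example.com in 14 ms.
SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns2.example.com in 22 ms.
SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns4.example.com in 88 ms.
SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns1.example.com in 125 ms.'

# Constructed sample: ns2 still serves the previous serial, ns4 never answered.
SAMPLE_DRIFT='SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns3.example.com in 14 ms.
SOA ns1.example.com. dns-admin.example.com. 2016042101 7200 1800 1209600 300 from server ns2.example.com in 22 ms.
SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns1.example.com in 125 ms.'

soa_sync_check() {
    # stdin: +nssearch lines of the form
    #   SOA <mname> <rname> <serial> <refresh> <retry> <expire> <minimum> from server <ns> in <n> ms.
    # args:  the name servers expected to answer
    # exit:  0 if every expected server answered with the same serial, 1 otherwise
    awk -v expected="$*" '
        $1 == "SOA" && $9 == "from" && $10 == "server" {
            ns = $11; sub(/\.$/, "", ns)            # normalise a trailing dot
            if (!(ns in serial)) order[++seen] = ns # remember answer order
            serial[ns] = $4
            if ($4 + 0 > newest + 0) newest = $4    # highest serial seen so far
        }
        END {
            if (seen == 0) { print "NODATA"; exit 1 }
            bad = 0
            n = split(expected, want, " ")
            for (i = 1; i <= n; i++) {              # expected servers that stayed silent
                ns = want[i]; sub(/\.$/, "", ns)
                if (!(ns in serial)) { print "NOANSWER " ns; bad = 1 }
            }
            for (i = 1; i <= seen; i++) {           # servers behind the newest serial
                ns = order[i]
                if (serial[ns] + 0 < newest + 0) {
                    print "STALE " ns " serial=" serial[ns] " newest=" newest
                    bad = 1
                }
            }
            if (!bad) print "INSYNC serial=" newest " servers=" seen
            exit bad
        }'
}

# Demo on the embedded samples. Live use:
#   dig example.com +nssearch | soa_sync_check ns1.example.com ns2.example.com
NS_LIST="ns1.example.com ns2.example.com ns3.example.com ns4.example.com"
printf '%s\n' "$SAMPLE_SYNCED" | soa_sync_check $NS_LIST || true
printf '%s\n' "$SAMPLE_DRIFT"  | soa_sync_check $NS_LIST || true
```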

8. How can I check when the cache of an answer will expire?

See when the cache with the answer will expire.

Command Line:

$ dig example.com +noall +answer

Output:

;; global options: +cmd

example.com. 109 IN A 1.2.3.4

example.com. 109 IN A 1.2.3.4

example.com. 109 IN A 1.2.3.4

example.com. 109 IN A 1.2.3.4

The additional options remove unwanted information and show just the answer that we want, including the TTL value for the A record. This value is the time in seconds for which the answer is still valid.

9. How to check if a zone exists on a name server?

Look if a zone exists on a particular name server. We want to see the SOA record again, but we will specify with “@” symbol on which name server we are searching for it. In this case, the name server is “ns1.example.com”.

Command Line:

$ dig SOA example.com @ns1.example.com 

You could get one of three results:

  • NOERROR – yes, the zone exists.
  • NXDOMAIN – no, it does not.
  • REFUSED – the name server does not want to answer.

10. How to check which value is in cache in a given resolver?

Check what a particular resolver has in its cache memory. We will use Google’s DNS resolver (8.8.8.8) to see what it has for our domain name.

Command Line:

$ dig example.com @8.8.8.8

Output:

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<-

;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;example.com. IN A

;; ANSWER SECTION:

example.com. 300 IN A 1.2.3.4

example.com. 300 IN A 1.2.3.4

example.com. 300 IN A 1.2.3.4

example.com. 300 IN A 1.2.3.4

example.com. 300 IN A 1.2.3.4

example.com. 300 IN A 1.2.3.4

You will see the A records, with their values.

How do you specify a DNS server with the Dig command?

Specifying a DNS server with the Dig command lets you query a particular DNS server rather than using the default one. It can be very helpful for troubleshooting or testing purposes. To specify a DNS server, use the @ symbol followed by the server’s IP address or hostname. Here is an illustration:

dig @8.8.8.8 example.com

In this example, the Dig command queries the Google Public DNS server (8.8.8.8) for DNS records of “example.com”. Thanks to this option, the Dig command offers flexibility that helps compare responses from different DNS servers to ensure accuracy and diagnose potential issues.

Dig command Online

For those who prefer a web interface, several online Dig tools are available. These tools allow you to perform DNS queries without the need to install any software. Some popular options include:

  • Google Public DNS: Provides a straightforward interface for DNS lookups using Google’s DNS servers.
  • ClouDNS DNS tool: With our Free DNS tool users can perform DNS queries quickly and effortlessly.

The online tools offer a user-friendly interface for executing various commands and viewing the results instantly, making them accessible to users of all skill levels.

Conclusion

In conclusion, the DIG command stands out as an indispensable tool for network administrators and IT professionals. Its ease of use, combined with its powerful functionality, makes it ideal for quickly diagnosing and resolving DNS issues. Whether you’re verifying DNS records, checking server synchronization, or exploring cache values, DIG provides clarity and precision in DNS management. Embrace the potential of this command to enhance your network troubleshooting and optimization strategies.

Linux MTR command
https://www.cloudns.net/blog/linux-mtr-command/
ClouDNS Blog, Wed, 17 Apr 2024 10:03:50 +0000

There are many small network tools out there: Ping, Traceroute, Dig, Host, etc. 

But it is not often that one of these small command-line utilities combines the functionality of two in a single program. The MTR command is such a case. It is a combination of ping and traceroute.

What is the MTR command?

MTR (Matt’s traceroute) is a program with a command-line interface that serves for network diagnostic and troubleshooting. The original code was created by Matt Kimball in 1997. One year later, Roger Wolff continued its work and renamed it to My traceroute.

The advantage of this software is that it combines the functionality of the Ping command and the Traceroute. Just like a typical traceroute query, a query from the MTR command will show the route from a computer to a specified host.  

Its edge over the traditional traceroute is that it also provides a lot of statistics about each hop, like response time and loss percentage.

So, using the MTR command, you will get more information about the route and see problematic devices on the way. If you see a sudden increase in time of response or packet loss, you have found a bad link. 

In brief, the MTR command serves you for the following:

  • Check the connectivity from the computer with the command to a destination. 
  • See packet loss. It will indicate the quality of the connectivity between the points. 
  • Time for a round-trip. You can see the exact time it takes for the packets to reach the destination and provide a report.

The MTR command is available on Unix-based OSes like Linux (Ubuntu, CentOS, Fedora, etc.), macOS, and FreeBSD. There is a version of MTR for Windows, but with limited functionality. There is also WinMTR for Windows, but its code is different.  

Benefits of using it

The Linux MTR command offers a range of benefits in managing and troubleshooting networks: 

First, it helps determine precisely where network issues are located. By running the command, the user can identify the host or router on a given path that is causing the problem, making it much easier to locate the source of the issue and resolve it quickly with minimal disruption. 

Second, it is incredibly versatile and can be used for various tasks. Not only can it be used for troubleshooting purposes, but it can also be used for high-level performance monitoring and optimization. This is especially useful for administrators who need to keep an eye on the overall health of their networks.

Third, it is very easy to set up and use. The command is relatively straightforward, and the user can quickly start gathering valuable information without investing too much time and effort in setting it up or configuring it. In addition, once it is set up, it requires minimal maintenance and is well-suited for automated processes and long-term monitoring applications.

Performing MTR on Linux, macOS and Windows

How to use the MTR command on Linux or FreeBSD?

*You will need administrative privileges for MTR on Linux and FreeBSD (sudo)

  • First, you will need to open the Terminal application.
  • To get the MTR command, install it with “sudo apt-get install mtr” on Linux (Ubuntu or Debian), “sudo yum install mtr” on CentOS or Fedora, or “sudo pkg install package_name” on FreeBSD.
  • Use the command “mtr -rw [destination_host]” for basic information, or check the syntax and the examples below to do more advanced tasks. Replace destination_host with the host you want to test. Run it for 10-15 minutes.

How to use the MTR command on macOS?

*You will need administrative privileges for MTR on macOS (sudo). The command won’t be pre-installed, so you will need to install it first.

  • You will need Brew to install it. Go to Brew’s site and there choose a language. 
  • Under it, you will see a text command, copy it. 
  • On your Mac computer, go to Applications, then Utilities, and there open the Terminal application. 
  • Inside the Terminal, paste the text and press Enter. 
  • You will be prompted for your password. Enter it and press Enter.
  • Once Brew is installed, type a new command, “brew install mtr”, and press Enter.
  • When MTR is installed, you can start it with “sudo mtr” and Enter. Use the command “mtr -rw [destination_host]” to perform a basic check. Replace destination_host with the host you want to test. Run it for 10-15 minutes.
  • Now you can start using the MTR command on macOS. See the syntax below and the examples to learn how to do more complex tasks. 

How to use the MTR command on Windows? 

  • First, you need to download WinMTR from GitHub.
  • Get the file called WinMTR-v100-static.zip, unzip it, and there will be two versions: WinMTR.exe (32bit) and WinMTR64.exe. 
  • Choose depending on your version of Windows and double click it.   
  • Put the host you want to check in the Host box. If you need extra options, you can see them in “Options”.
  • Press start and run it for a while (10-15 minutes). 
  • Stop it when you think you got enough information. You can copy the text and save it in a text file. 

MTR command syntax and list of options

This is the syntax of MTR command on Linux: 

mtr [-hvrctglspni46] [--help] [--version] [--report] [--report-cycles COUNT] [--curses] [--split] [--raw] [--no-dns] [--gtk] [--address IP.ADD.RE.SS] [--interval SECONDS] [--psize BYTES | -s BYTES] HOSTNAME [PACKETSIZE]

You can see all the available options for MTR command on Linux:

Option | Description
-h, --help | Show all the available options.
-v, --version | Show the version of the MTR command.
-r, --report | Start the report mode. In this mode, mtr runs for the number of cycles specified by “-c” and shows statistics at the end.
-w, --report-wide | Wide report mode. The difference from the previous one is that it won’t cut hostnames in the report.
-c COUNT, --report-cycles COUNT | Specify the number of pings.
-s BYTES, --psize BYTES, PACKETSIZE | Set the size of the packets. If set to a negative number, it will send packets of random size.
-t, --curses | Force curses-based terminal interface.
-n, --no-dns | Show numeric IP numbers and no hostname resolving.
-g, --gtk | Force GTK+ interface.
-p, --split | Set the mtr command for the split-user interface.
-l, --raw | With the letter “L”, you can set the use of the raw output format.
-a IP.ADD.RE.SS, --address IP.ADD.RE.SS | Bind outgoing packets’ sockets to a particular interface.
-i SECONDS, --interval SECONDS | Set the time in seconds between each ICMP ECHO request.
-u | Force UDP use instead of ICMP ECHO.
-4 | Force IPv4 only.
-6 | Force IPv6 only.

MTR command examples 

We will show you multiple examples of the MTR command and how to use it on Linux. You can use the same examples when you are using macOS or FreeBSD (there might be small differences). We will use Google.com as a hostname and some public IP addresses. You can change them and use them for your purposes.

The basic mtr command 

$ mtr google.com

It will show you the basic statistics: each hop (hostnames) with time and loss%. 

Show numeric IP addresses

$ mtr -n google.com

If you use “-n” you will get IP addresses (numbers) instead of hostnames. You can use the IP addresses with another tool for further diagnosis.

Show the numeric IP addresses and hostnames too

$ mtr -b google.com

Now you will see both hostnames and IP addresses. The addresses will be inside brackets. 

Set the number of pings that you want to send 

$ mtr -c 10 google.com

In this case, you are setting the number of pings that you want to send (10 in this case). You can set it to a big number like 1000 to check a hostname for a longer period and get a better idea of the connectivity. 

Get a report of the MTR command result

$ mtr -r -c 10 google.com >mtr-command-google

or

$ mtr -rw -c 10 google.com >mtr-command-google

We do that with the “-r”. Here we have set the number of pings to 10, and the last part, “mtr-command-google”, is the name that you can change the way you like. 

When you use the “-rw” you can get a cleaner report, easier on the eyes.

Rearrange the report 

$ mtr -o "LSDR NBAW JMXI" google.com

The “-o” is for output. You can change the report format with this code, so you get the information the way you like. 

Time intervals between ICMP ECHO requests

$ mtr -i 10 google.com

With “-c”, we set the number of pings. With the “-i” you set the time interval between the ICMP ECHO pings. 

Use TCP 

$ mtr --tcp google.com

Force the use of the TCP instead of the ICMP. 

Use UDP

$ mtr --udp google.com

Force the use of the UDP instead of the ICMP. 

Set the maximum amount of hops 

$ mtr -m 35 216.58.223.78

Here we use “-m” with a value of 35 for a specific IP address. You can change it to a larger value if the query takes more hops on the way.

Define the packet size

$ mtr -r -s 50 google.com

You can decide the specific packet size for the pings. In this example of an MTR command, we are using 50 bytes.

Print to CSV Output

$ mtr --csv google.com

Use it if the CSV format works better for you than the traditional report. 

Print to XML Output

$ mtr --xml google.com

Use it if the XML format works better for you than the regular report. 

More information and help

$ man mtr

or

$ mtr --help

Those two commands can give you more information about the MTR command and how to use it.

MTR and Traceroute, Ping, Nslookup, Host, and Dig

MTR is a powerful yet versatile network monitoring and troubleshooting command, and in combination with Traceroute, Ping, Nslookup, Host, and Dig, you can have a complete overview of your network. Let’s look at them in more detail:

The traceroute command is a valuable utility for measuring the latency between two points on a network. By running a traceroute, the user can view all of the hops between two systems and quickly identify network problems such as packet loss or slow speeds.

For more basic load measuring, the ping command is often used. It measures latency, packet loss, and other metrics between two devices on the network. Ping is a simple tool that is easy to understand and use, making it a popular choice for those just starting with network monitoring.

The nslookup command (abbreviated from “name server look-up”) allows users to query domain name servers from a command line interface. This command can be used to query a DNS server for a specific domain name or IP address, obtaining information about the associated record and the underlying DNS records. nslookup is a helpful tool for troubleshooting name resolution problems and verifying the results of another name resolution query.

The host command is an alternative to nslookup, providing advanced features such as recursion and low-level control over the query process. It allows users to perform DNS lookup operations in bulk, as well as query a DNS server for multiple records in a single command. It provides more control over the entire name resolution process than nslookup and is a valuable troubleshooting tool for more complicated name resolution issues. 

The dig command (short for “domain information groper”) is a robust DNS troubleshooting tool that provides a variety of features and settings for configuring and optimizing DNS queries. Unlike nslookup and host, dig allows users to send numeric requests, giving them more control over the behavior of their DNS queries. It also provides detailed information about the results of its queries, making it a great choice for more experienced users who are looking for in-depth analysis of the DNS records.

Security Concerns with MTR

The Linux MTR command offers a range of benefits for managing and troubleshooting networks, but it is important to consider the security implications of using it. Here are some of the most common security concerns with MTR: 

First, MTR commands can potentially reveal private information. For example, the command may reveal the operating system running on a remote machine or the precise network path between two computers. This can facilitate attacks and data breaches, as malicious actors can use this information to launch more targeted attacks.

Second, MTR commands can also be used to initiate Denial of Service (DoS) or DDoS (Distributed Denial of Service) attacks. For example, a malicious user could send multiple MTR requests to a given server to overwhelm it with requests and cause a DoS event.

Finally, MTR commands can be deployed in networks to gain unauthorized access. By running MTR commands, a malicious user may be able to discover vulnerabilities in networking configurations and gain access to sensitive data. Any unauthorized access to networked systems needs to be blocked and reported as soon as possible.

Best practices when using the MTR command

In order to ensure that the MTR command works to its fullest potential, it is recommended that you follow some best practices that can help maximize its effectiveness. These practices can help ensure that the MTR command serves you efficiently and accurately and provides you with the information you need to troubleshoot network issues effectively.

  • Selecting Destination Hosts: Choose destination hosts strategically to diagnose specific network segments or endpoints relevant to the precise issue.
  • Results Interpretation: Understand the significance of packet loss and latency values, considering factors like network topology, distance, and time of day.
  • Comparative Analysis: Compare MTR outputs from different time periods or under different network conditions to identify patterns and trends.
  • Collaboration: Share MTR reports with network peers or ISPs when seeking assistance or troubleshooting network issues collaboratively.
  • Security: Be aware of the importance of privacy and security when sharing network traces, especially if they contain sensitive information. Remove or anonymize any sensitive data before sharing the results.
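One way to apply the last point before a report leaves your network, as an added example that is not part of the original post. It assumes a report from “mtr -rw” or “mtr -rwn”, treats the source hostname, RFC 1918 addresses and hosts under an internal DNS suffix as sensitive, and withholds any line it cannot parse; the suffix corp.example and all sample values are constructed.

```shell
#!/bin/sh
# Added example (not from the ClouDNS post): redact internal details from an
# mtr report before sharing it, keeping the loss and latency columns readable.

# Constructed sample report; public hops use documentation address ranges.
SAMPLE_MTR_REPORT='Start: 2024-04-17T10:03:50+0000
HOST: laptop-jdoe                 Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.168.1.1                0.0%    10    0.6   0.7   0.5   1.1   0.2
  2.|-- gw1.corp.example           0.0%    10    1.9   2.1   1.7   3.0   0.4
  3.|-- 10.20.0.1                  0.0%    10    2.4   2.6   2.2   3.3   0.3
  4.|-- 203.0.113.9               20.0%    10   11.2  12.0  10.8  14.9   1.2
  5.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  6.|-- 198.51.100.7              20.0%    10   18.3  19.1  17.9  22.4   1.4'

mtr_redact() {
    # stdin : report text from mtr -rw / mtr -rwn
    # $1    : optional internal DNS suffix to hide (hypothetical: corp.example)
    # stdout: the report with the source host, RFC 1918 hops and hosts under
    #         the suffix replaced by stable placeholders
    awk -v suffix="${1:-}" '
        # True for RFC 1918 addresses and for names equal to or under the suffix.
        function is_internal(h,   o) {
            if (suffix != "" && (h == suffix || substr(h, length(h) - length(suffix)) == "." suffix))
                return 1
            if (h !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) return 0
            split(h, o, ".")
            return (o[1] + 0 == 10) || (o[1] + 0 == 172 && o[2] + 0 >= 16 && o[2] + 0 <= 31) || (o[1] + 0 == 192 && o[2] + 0 == 168)
        }
        # Same host always maps to the same placeholder within one report.
        function alias(h) {
            if (!(h in map)) map[h] = "internal-hop-" (++count)
            return map[h]
        }
        # Re-emit a line with the host column replaced and the statistics kept.
        function row(label, name,   i) {
            printf "%-6s %-22s", label, name
            for (i = 3; i <= NF; i++) printf " %6s", $i
            printf "\n"
        }
        NF == 0 || $1 == "Start:"         { print; next }
        $1 == "HOST:" && NF == 9          { row($1, "redacted-source"); next }
        $1 ~ /^[0-9]+\.\|--$/ && NF == 9  { row($1, is_internal($2) ? alias($2) : $2); next }
        # Fail closed: a layout we do not recognise (for example from -b) is not passed on.
                                          { print "[line withheld: unrecognised format]" }
    '
}

# Demo on the embedded sample. Live use:
#   mtr -rw -c 10 google.com | mtr_redact corp.example >mtr-command-google
printf '%s\n' "$SAMPLE_MTR_REPORT" | mtr_redact corp.example
```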

Conclusion

The MTR command is a good combination of two popular tools: Ping and Traceroute. It is easy to use and can be found on different OSes. Used efficiently and effectively, the MTR command measures network latency, identifies potential issues, and helps troubleshoot connections.

 

Linux Host command, troubleshoot your DNS
https://www.cloudns.net/blog/linux-host-command-troubleshot-dns/
ClouDNS Blog, Tue, 19 Mar 2024 08:02:00 +0000

Today we will add one more handy DNS tool: the Host command on Linux. For this purpose, we will use the latest Linux Mint 19.1 (based on Ubuntu Linux). For those of you who are used to Windows, the Linux Host command is very similar to nslookup, but a bit more advanced. The Host command replaced nslookup on Linux-based operating systems. You can use it to check different types of DNS records.

What is the Host command?

The Host command is a program with a command-line interface that serves to test DNS. Internet Systems Consortium created it, and it is distributed as permissive free software under an ISC license.

As we mentioned already, the Host command is a utility tool for network diagnostic that you can use to probe different DNS records. You can see the A or AAAA records to get the IP address of a domain, see the name servers, find the start of authority, MX records, and more.

The purpose of the Linux Host command

The purpose of the Linux Host command is to query Domain Name System (DNS) servers to resolve domain names to IP addresses or vice versa. It is a command-line tool that can be used to retrieve DNS information about a hostname or domain, such as its IP address, aliases, or mail exchange (MX) records.

The Host command is a beneficial tool for developers and IT professionals who need to troubleshoot network issues or debug applications that rely on DNS. By using the Host command, they can quickly determine if a hostname is resolving to the correct IP address or if there are any issues with the DNS resolution process.

Additionally, the Host command can be used to perform advanced DNS queries, such as retrieving different types of DNS records and setting a specific timeout value. This makes it a versatile tool that can be used in various scenarios, from simple DNS lookups to more complex network debugging tasks.

Host command syntax

If you want to see the syntax of the Host command and the options that it has, you can simply write “host” and press “Enter.”

host [-aCdlnrsTwv] [-c class] [-N ndots] [-R number] [-t type] [-W time] [-m flag] [-4] [-6] hostname [server]


Host command Options

Running “host” without arguments lists all the available options. Whenever you forget them, just write “host” in the Terminal.

Host command examples

For all the cases we will use Google.com. You can replace Google.com with your own domain or any other domain that you are interested in. We will give you several examples that can be useful for your work.

Search for the IP address of the domain.

host google.com

This command will show the content of the A and AAAA records. You will get IPv4 and IPv6 results for the domain.


SOA Record

See the Start of Authority records with this command. The SOA record is used for zone transfer. There can be only one SOA record per zone file. If you see more, then you need to fix the problem.

host -C google.com
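An added example, not part of the original article: host -C asks each authoritative name server for the zone's SOA record, so its output can also show whether every server carries the same zone serial. The sketch below goes one step beyond the text and flags servers with an older serial; the sample output, addresses and serials are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article): compare SOA serials per name server.

# Constructed sample of `host -C example.com` output; addresses and serials are made up.
sample_soa_output() {
cat <<'EOF'
Nameserver 192.0.2.1:
    example.com has SOA record ns1.example.com. hostmaster.example.com. 2024031902 7200 3600 1209600 3600
Nameserver 192.0.2.2:
    example.com has SOA record ns1.example.com. hostmaster.example.com. 2024031902 7200 3600 1209600 3600
Nameserver 192.0.2.3:
    example.com has SOA record ns1.example.com. hostmaster.example.com. 2024031801 7200 3600 1209600 3600
EOF
}

# soa_report: read `host -C` output on stdin and print "server serial status".
# The serial is the 5th field from the end of an SOA line. A server is STALE
# when its serial is below the highest one seen (plain numeric compare;
# serial wrap-around is not handled).
soa_report() {
    awk '
        /^Nameserver / { ns = $2; sub(/:$/, "", ns) }
        / has SOA record / {
            serial[ns] = $(NF-4)
            if ($(NF-4) + 0 > max) max = $(NF-4) + 0
        }
        END {
            for (s in serial)
                print s, serial[s], (serial[s] + 0 == max ? "current" : "STALE")
        }
    ' | sort
}

# soa_consistent: exit 0 if every server reports the same serial,
# 1 if at least one is stale, 2 if the input held no SOA lines.
soa_consistent() {
    report=$(soa_report)
    [ -n "$report" ] || return 2
    ! printf '%s\n' "$report" | grep -q 'STALE$'
}

# Demo on the constructed sample; live use: host -C yourdomain.example | soa_report
sample_soa_output | soa_report
```

A stale serial on one server usually means a zone transfer to that secondary has not completed, which is worth checking before trusting answers from it.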

Check the name servers of the domain

host -t ns google.com

It will display the name servers of the host. We use -t to specify the type of query. When you know all of the available name servers, you can test them individually.

Check a particular name server

Suppose you want to review ns1 to see whether it is responsive or has a problem. You type:

host google.com ns1.google.com

 CNAME record

host -t cname mail.google.com

You can use it to find a CNAME record. These records link an alias to the true (canonical) name.

MX record

Check the incoming mail servers with this query. You can see if they are responding correctly.

host -n -t mx google.com

TXT Record

You can also check TXT records. There are various TXT DNS records that serve for authentication or verification. One of them is the SPF record that shows who can send emails from the particular domain. 

host -t txt google.com

Decide the Waiting time for a query

You can use -w to wait forever, or -W followed by a time in seconds to decide how long to wait for a reply. The -T option in the example below makes the query over TCP.

host -T -W 10 google.com

Reverse lookup

You can also query an IP address and see the hostname it points to. Setting up the Reverse Lookup Zone is a must for your mail server to work properly.

host 216.58.194.142

Host command to see all of the DNS records for a domain

host -a google.com

You will get information about various types of records: NS, AAAA, MX, etc. With that report, you can later probe each of them individually.

Change the default number of tries from 1 to the number you desire

host -R 8 google.com

In this example, we changed the number of tries from 1 to 8 with -R, which sets how many times host retries when a try fails. The domain gets 8 chances to respond, and as soon as one try succeeds, the command stops.

Troubleshooting Tips

When using the Linux Host command for DNS queries, you may encounter various issues. Here are some troubleshooting tips to help you resolve common problems:

  • Domain does not resolve: If a domain doesn’t resolve, first ensure that the domain name is correctly spelled. Next, check your network connection and confirm that your DNS servers are set up correctly. Use other DNS tools like dig or nslookup for comparison. If the issue persists, it might be due to DNS propagation delays, which can take up to 48 hours after a DNS change.
  • Interpreting error messages: Error messages can provide insights into what’s wrong. For example, “Host not found” suggests the domain name does not exist or DNS propagation has not completed. “Connection timed out” indicates a problem reaching the DNS server, possibly due to network issues or incorrect DNS server settings.
  • DNS propagation delays: After DNS changes, it can take time for the updates to propagate through the internet’s DNS system. Use tools like whois or online DNS checkers to see if your changes have propagated. Patience is key here, as this process is beyond your direct control.
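An added example, not part of the original article: the sketch below combines the per-name-server check shown earlier with the error messages described in these tips, querying each name server with a -W timeout and turning the reply into one status word. The function names and the sample_host stand-in, which returns constructed replies so the script runs offline, are hypothetical; pass host as the first argument for live use.

```shell
#!/bin/sh
# Added example (not from the original article): query each name server and label the reply.

# classify_host_reply: read `host` output on stdin, print one status word.
classify_host_reply() {
    awk '
        /connection timed out/   { timeout = 1 }
        / not found: [0-9]+\(/   { rcode = $0; sub(/.*\(/, "", rcode); sub(/\).*/, "", rcode) }
        / has (IPv6 )?address /  { ok = 1 }
        END {
            if (ok)           print "OK"
            else if (rcode)   print rcode      # NXDOMAIN, SERVFAIL, REFUSED, ...
            else if (timeout) print "TIMEOUT"
            else              print "NO_ANSWER"
        }
    '
}

# check_nameservers RUNNER DOMAIN NS...: run "RUNNER -W 5 DOMAIN NS" for each
# name server and print "NS STATUS". RUNNER is `host` for live queries.
check_nameservers() {
    runner=$1; domain=$2; shift 2
    for ns in "$@"; do
        status=$("$runner" -W 5 "$domain" "$ns" 2>&1 | classify_host_reply)
        printf '%s %s\n' "$ns" "$status"
    done
}

# sample_host: constructed replies keyed on the server argument ($4),
# standing in for the real host command.
sample_host() {
    case $4 in
        ns1.example.com)
            printf '%s\n' 'Using domain server:' 'Name: ns1.example.com' \
                'Address: 192.0.2.1#53' 'Aliases: ' '' \
                'example.com has address 192.0.2.10' ;;
        ns2.example.com)
            echo ';; connection timed out; no servers could be reached' ;;
        *)
            echo 'Host example.com not found: 5(REFUSED)' ;;
    esac
}

# Demo on constructed replies; live use: check_nameservers host yourdomain.example ns1 ns2
check_nameservers sample_host example.com ns1.example.com ns2.example.com ns3.example.com
```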

Alternatives to the Host command

There are several alternative DNS probing tools that you can use in place of the Host command, and some of the most popular ones include:

  • Nslookup command: This tool is available on Linux, macOS, and Windows, and is straightforward to use. It’s a reliable, always-on-hand option for DNS lookups.
  • Dig command: Some users prefer this tool over Host as it has additional options and can retrieve all types of DNS records.
  • Ping command: While not as comprehensive as other tools, this network utility is useful for checking host availability by sending packets to a host or IP address to see how it responds.

Exploring and learning to use various DNS probing tools is great. Having multiple options on hand can be beneficial, especially if you manage multiple sites or need to troubleshoot different types of network issues.

Conclusion:

This was the Host command. Now you have one more way to troubleshoot your DNS. If you are interested in diagnostic tools, we also recommend the following articles: Dig command, Nslookup, Traceroute, MTR and Ping. They will expand your knowledge of DNS diagnostics.
