What is DIG command?

DIG command (Domain Information Groper command) is a network tool with a basic command-line interface that serves for making different DNS (domain name system) queries. You can use the DIG command to:

• Diagnose your name servers. Check all of them or each individual server and their response.
• Check all of the available DNS records or individual DNS records and their parameters.
• Trace IP addresses and see the hostnames that correspond to them.
• Do a query through a specific port that you want to use.
• See the TTL value of the DNS records and know, how often, do they refresh.
• Trace the route of a DNS query.

You can find the DIG command pre-installed on most Linux distros. You can easily install it on macOS, too with brew, and get the DIG command on Windows 10 with bind9.

History

The DIG (Domain Information Groper) command was originally introduced by Steve Hotz and incorporated into BIND 4 since at least 1990. However, later on, it was rewritten by Michael Sawyer and is now maintained by the Internet Systems Consortium as part of BIND 9.

At first, Dig was developed only for Unix-based systems, yet it quickly gained popularity and became a fundamental tool for network administrators due to its flexibility and detailed output. It allowed users to perform complex DNS queries and troubleshoot issues effectively. Over the years, DIG has evolved, maintaining its relevance in the field of network diagnostics and DNS analysis. Its robust features have made it a main tool for IT professionals.

How does it work?

The DIG command works by performing a DNS query from your device to the targeted IP address or hostname. The query will first arrive at your ISP’s recursive name servers. If there is your answer, it will return it fast. If not, your query will be re-routed in search of the answer. There could be another recursive DNS server that can answer the query, or it could arrive at the authoritative DNS name server, who for sure will have the answer, and you will get your DNS query resolved.  

How to Use the Dig Command?

To use the Dig command, follow these steps:

1. Open Command Prompt or Terminal: Depending on your operating system (OS), open the Command Prompt (Windows) or Terminal (MacOS/Linux).
2. Install Dig (if not already installed):
   • Windows: Dig is usually included with BIND, which can be downloaded from the ISC website. After downloading, follow the installation instructions.
   • MacOS: Dig typically is already an included part of the operating system. If it is not available, you can install it using Homebrew by running: brew install bind.
   • Linux: Most Linux distributions have Dig by default. However, if it is not available, you can install it using your package manager. For example, on Debian-based systems, run: sudo apt-get install dnsutils.
3. Run the Dig Command: In the Command Prompt or Terminal, type dig followed by the domain name you want to query. For example, to query information about “example.com”, you would type: dig example.com
4. Review the Output: The output will display different pieces of information about the domain, including the DNS records, response times, and other relevant details.
5. Specify Query Types (Optional): If you want to query specific types of DNS records (like A, MX, NS), add the record type to the command. For example, to query only the A records for “example.com”, type: dig example.com A
6. Advanced Options (Optional): Dig provides many options for more detailed queries and output customization. For example, to get a detailed query output, use: dig +noall +answer example.com. This command only shows the answer section of the query, making the output cleaner.

By following these steps, you can effectively use the Dig command to query DNS information and troubleshoot network issues.

How to install the Dig command?

DIG command syntax

The DIG (Domain Information Groper) command is an incredibly versatile tool used for querying Domain Name System (DNS) servers. Understanding its syntax is key to unlocking its full potential. The general format of a DIG command is as follows:

• @server: This is optional. Use it to specify the DNS server you want to query. If omitted, DIG uses the default server.
• domain: This is the domain name you are querying about.
• query-type: This specifies the type of DNS record you want to query (e.g., A, MX, NS). If not specified, DIG defaults to querying A records.
• options: DIG offers various options to format or filter query results. Here are some common options used with dig:
  • +short: Gives a shorter, more concise output.
  • +trace: Traces the path of the query across the DNS namespace.
  • +noall +answer: Shows only the answer section of the query.

The 10 most used DIG commands

Here you have 10 examples of DIG commands. We will use example.com as a hostname and 1.2.3.4. as an IP address. Feel free to try these commands with the domain and IP address you want by simply changing the text before you try. 

Open the Terminal application. We need it to write and execute the DIG command there.

1. How to find the website’s IP address?

Find the IP address of a particular domain name that you want to know. You can use the DIG command, without any additional option, which is:

dig example.com

It will do a DNS query, looking for the A records. They have the IP addresses which correspond to the domain name form the query.

The following dig command will give you a lot of extra information too. Data like the version of the DIG command you are using, a header that shows you what you did and who answered you, the port and protocol you used (usually UDP), the time it took for the query, the TTL of the record, and the server which answered you.

If you don’t want so much information, go for the short answer of just the IP address with this command:

Command Line:

$ dig example.com +short

Output:

1.2.3.4

The result will be just the IP address.

Looking for a great DNS service provider? Test ClouDNS for free!

2. How to find the name servers, responsible for your domain?

See all the name servers, in a list, for the particular domain. We will dig for the NS records, and again we will use the +short option to get just the name servers without extra data.

Command Line:

$ dig NS example.com +short

Output:

ns1.example.com.

ns2.example.com.

ns3.example.com.

ns4.example.com.

You want to see if all of the name servers are listed. If one is not showing, it means there are problems with it, and you will need to troubleshoot the problem further.

3. What is the delegation path to your DNS Zone?

See the delegation patch from the root server to your DNS zone. You can make a trace request and see the path, starting from the root server to your DNS zone.

We will use the option +trace.

Command Line:

$ dig example.com +trace

Output:

The answer will show you the route that a typical DNS query goes. You can see the hops and detect a problem, and where exactly the requests get lost.

4. Which is the responsible mail server for your domain?

Check the responsible mail servers for accepting emails.

Command Line:

$ dig MX example.com +short

Output:

1 ASPMX.L.GOOGLE.COM.

5 ALT1.ASPMX.L.GOOGLE.COM.

5 ALT2.ASPMX.L.GOOGLE.COM.

10 ALT3.ASPMX.L.GOOGLE.COM.

10 ALT4.ASPMX.L.GOOGLE.COM.

This query will be directed to the MX records. Inside them, we want to see if the mail servers are all showing and if the MX records are pointed correctly.

5. With which IP address a domain name is associated with?

Reverse DNS check, IP address to hostname. You can also perform the reverse DNS check and see to which hostname does an IP address belongs. For this purpose, the domain owner needs to have PTR DNS records with the IP address and pointed correctly.

Command Line:

$ dig -x 1.2.3.4

Output:

example.com

6. Which are the name servers, responsible for the TLDs (top-level domains)?

See the name servers, list of all of them, of the TLD you put in the query. Yes, you can also do this and check the name servers of a TLD like COM, EU, US, ASIA, or another.

The DIG command will be similar to the previous, but instead of a complete domain name, we will just put the TLD. In this case, “com”.

Command Line:

dig NS com +short

Output:

7. How to check if your DNS zone is synchonized over all authoritative name servers?

Command Line:

$ dig example.com +nssearch

Output:

SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns3.example.com in 14 ms.

SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns2.example.com in 22 ms.

SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns4.example.com in 88 ms.

SOA ns1.example.com. dns-admin.example.com. 2016042102 7200 1800 1209600 300 from server ns1.example.com in 125 ms.

Verify if your DNS zone is synchronized in all authoritative name server. This is a way to check the SOA records and see if their data matches. If your DNS zones are not synchronized, you will need to manually manage and update them. 

8. How can I check when the cache of an answer will expire?

See when the cache with the answer will expire.

Command Line:

$ dig example.com +noall +answer

Output:

;; global options: +cmd

example.com. 109 IN A 1.2.3.4

example.com. 109 IN A 1.2.3.4;; ->>HEADERexample.com. 109 IN A 1.2.3.4

example.com. 109 IN A 1.2.3.4

The additional options will remove unwanted information and just show the answer that we want, the TTL value for the A record. This value represents time in seconds, for how long it is still valid.

9. How to check if a zone exists on a name server?

Look if a zone exists on a particular name server. We want to see the SOA record again, but we will specify with “@” symbol on which name server we are searching for it. In this case, the name server is “ns1.example.com”.

Command Line:

$ dig SOA example.com @ns1.example.com 

You could get one of three results:

• NOERROR – yes, the zone exists.
• NXDOMAIN – no, it does not.
• REFUSED – the name server does not want to answer.

10. How to check which value is in cache in a given resolver?

Check what a particular resolver has in its cache memory. We will use Google’s DNS resolver (8.8.8.8) to see what it has for our domain name.

Command Line:

$ dig example.com @8.8.8.8

Output:

The post 10 Most used DIG commands appeared first on ClouDNS Blog.

How does Dig Command work?

Dig Command works the same way as a typical DNS query. Let’s take an A record request. If you want to see the A record, you want to know the IP address of a particular domain. The request will first check if your router has the information of many sites’ addresses in its cache. If it doesn’t have it, the request must be answered from another recursive server. The common solution is that your query will be responded from the recursive servers of your internet provider. It is possible that it doesn’t know it either. No problem, your query will go on a search for the root server. The request will go to the top-level domain like .COM or .EU, and in the end you will get the IP address from the authoritative server for the domain you were checking. 

Dig Command Syntax

Understanding the syntax of the dig command is crucial for effectively utilizing it for DNS troubleshooting and queries. The basic syntax of the dig command is as follows:

dig [@server] [name] [query type] [options]

• [@server]: Specifies the DNS server to query. If omitted, dig uses the default server specified in your system’s resolver configuration (usually defined in /etc/resolv.conf).
• [name]: This is the domain name or IP address you want to query. For example, cloudns.net.
• [query type]: This specifies the type of DNS record you are interested in. Common types include A, MX, SOA, TXT, PTR etc. If this is left out, dig defaults to querying the A record.
• [options]: Dig offers a wide range of options to modify its behavior and output. For example, +short displays only the answer section of the query. Other options include +trace for tracing the path of the query across DNS servers, +noall +answer to show only the answer section, and many more.

How to install the dig command on Linux?

First, let’s check if you already have the dig command installed. You can do that by opening the terminal and writing dig -v. If you have it, your computer will show a message similar to this one:

DiG 9.11.3-1ubuntu1.7-Ubuntu.

Many new Linux distros have it pre-installed. In case you don’t have it, you will get the following message:

dig command not found

For Linux Mint, Ubuntu and other Ubuntu-based Linux distributions you can use the following command:

sudo apt install dnsutils

If you are using Fedora or CentOS you should use:

sudo yum install bind-utils

And for Arch Linux users:

sudo pacman -S bind-tools

Understanding the dig command

Let’s start with a simple example to understand it. We will use google.com for the testing. You can try it directly with your domain, by simply replacing google.com with your domain.

dig google.com

The first line will inform you about the version of the dig command and the second about the global option.

After that, you will get technical information provided by the DNS nameserver. The header shows you what did you do and was it successful. If there is “NOERROR” that there was no problem.
You will see the answer for the EDNS.
Following line shows that by default you are requesting the A record.
You will get the answer for the A record – the correspondent IP address and you will get statistic about the query.

10 Most used Dig commands

More dig command examples:

dig google.com +short

This will show you just the IP address without any additional information. Quick and easy to use the answer that is basically the answer of an A record. 

dig google.com MX

You can query different types of records like the mail exchanger ones. MX records show the responsible mail server for accepting emails. You can see if all of the servers are working the right way and if they are responding too slowly.

dig google.com SOA

SOA – the start of authority, shows the authoritative DNS server. In this record, you see valuable information about the zone. There is only one SOA per zone. 

dig google.com TTL

TTL – time to live. It shows how long the data should be kept. You can read more about TTL HERE. People usually leave longer TTL, and that way, they lower the DNS servers’ load. When you are creating records, you can set it to a low value, if you like. Also, it is possible to set different TTL for different DNS records.  

dig google.com +nocomments +noquestion +noauthority +noadditional +nostats

Only answer query. Use it if you don’t want to receive extra information. A clear and short answer that will evade the extra statistics that you might want to skip. 

dig google.com ANY +noall +answer

Query all types of DNS records. It will show all the different types of DNS records. This will give you an overview of the domain. Later you can use the dig command for the exact DNS records that you want. 

dig -x 172.217.1.142

Reverse DNS lookup. You can also do the opposite and check the IP address. The rDNS is used for verification. The result will be a PTR record that verifies the nameserver. It is needed that a PTR record exists. Otherwise, this revers checking can’t give an answer.

dig @8.8.8.8 +trace google.com

Trace DNS Path. It will show the whole route that a DNS query takes. Every hop from a server to server. It can show you where exactly server is not working. You might be surprised how far does your query travels. Check it from different locations, and you might see where in the world you need a new point of presence to reduce the latency for the users there.

11 dig -p 5300 google.com

Specify Port Number. If you have changed the standard port 53 to another for increased security, you can make a dig command to check if it is working correctly. And of course, you can check if you have closed the standard ports, and you don’t have any “open doors” for attackers. 

dig _sip._udp.YOURDOMAIN.com SRV

Another record that you can check with this command is the SRV. The SRV records are often used in VoIP. In this example, we are checking the SIP service, and we will use the UDP protocol. The answer will show you the time for response and the server’s IP responsible for the SIP service. 

dig google.com TXT

To see all of the TXT records, use this command. TXT records can be used for verifications and can have different variations. For example, it can be a DMARC record. To see a particular one, you can use the following command and change the “dmarc” with the one you need. 

dig _dmarc.google.com TXT

Now you know the basics of the dig command on Linux. You can start experimenting by yourself.

We can recommend you a few more tools that can be useful for your DNS diagnostic Nslookup, Traceroute, MTR, Host, and Ping.

Conclusion

The dig command is an indispensable tool for DNS troubleshooting and analysis. Its flexibility and powerful options make it a preferred choice for network administrators and IT professionals. By understanding how to install and use the dig command, as well as mastering its syntax, you can efficiently diagnose and solve DNS-related issues. Whether you’re checking DNS records, performing reverse DNS lookups, or tracing the path of DNS queries, dig provides you with the insights needed to ensure your domain’s DNS is functioning correctly. Remember, practice is key to becoming proficient with the dig command, so don’t hesitate to experiment with different queries and options. With this knowledge, you’re well-equipped to tackle any DNS challenges that come your way.

The post Linux dig command, how to install it and use it appeared first on ClouDNS Blog.

DNS trace (dig + trace)

Using DNS trace, you can troubleshoot your DNS. You can use it on Linux OS, Mac OS and even on Windows (using Cygwin). You will trace the route of a DNS query. If there is a problem, you will see exactly where it is.

$ dig +trace www.cloudns.net

(you can write your website)

First, you request a webpage, for example, www.cloudns.net.

The query gets to the root name server for it.

This name server will show you the TLD authoritative server.

Your recursive resolver queries the .com TLD authoritative server for www.cloudns.net.

The .com TLD authoritative server refers your recursive server to the authoritative servers for cloudns.net.

Your recursive resolver queries the authoritative servers for www.cloudns.net and receives the IP as the answer.

Your recursive resolver caches the answer for the duration of the time-to-live (TTL) specified on the record and returns it to you.

This is how domain resolution works. You can get valuable information about the speed and accuracy of the answer.

Additionally, DNS trace is invaluable for diagnosing and understanding DNS propagation issues. It helps identify delays in DNS updates or misconfigurations across different levels of the DNS hierarchy. By understanding the path a DNS query takes, administrators can pinpoint issues more efficiently and ensure that DNS records are correctly resolved. Additionally, DNS trace is an excellent educational tool for those learning about the complexities of internet addressing and domain name resolution.

Premium DNS Service!

Online Ping

Online Ping is a DNS tool that administrator use for checking the connectivity and the speed. Using this command, you send a small data packet to a particular IP address. Then wait to get a feedback packet. You can also use it to ping a name resolution. If you get an answer when you do a ping to an IP but not when you do it to a name, then the two don’t match.

ping www.cloudns.net

Beyond checking connectivity and speed, Online Ping can be used to monitor the availability and response time of a server or network device continuously. This is crucial for maintaining high uptime for critical services and websites. Regular ping tests can alert administrators to network congestion, latency issues, or outages that may affect user experience. It’s a simple yet powerful tool for ensuring that network paths are optimal and services remain accessible.

What is ICMP Ping monitoring?

Traceroute

Tracing the route is similar to the ping. Using this DNS tool, you send a packet of data to an internet host, and it gives you back a result for every hop your query makes in seconds. If your website has a slow response, using this tool you can see where exactly it is the problem.

Try our Free DNS tool! 

traceroute www.cloudns.net

Traceroute not only helps in identifying where problems lie in the network path but also in understanding network infrastructure and performance. By showing the route data packets take to reach their destination, traceroute can reveal unexpected routing behavior or bottlenecks. This insight is useful for network optimization and planning, as well as for security purposes to detect any unauthorized or suspicious network paths.

DNS lookup (nslookup)

You can use this tool on different Operating systems for making DNS queries to get to an IP address or for specific DNS records. You can use it to see if you have any problems with any kind of DNS record that you are using.

nslookup www.cloudns.net

In addition to querying IP addresses or specific DNS records, nslookup is also useful for verifying and troubleshooting DNS configurations and propagation status. This tool can help ensure that your DNS settings are correctly implemented and propagated across the internet, which is critical for website accessibility and performance. It’s also beneficial for security analysis, allowing administrators to check for DNS-based threats or misconfigurations.

10 most used nslookup commands

Reverse DNS lookup

It does what it says, here you start with an IP address and you can find the domain name. This process uses PTR records that show exactly that. You can use it for troubleshooting.

dig -x 136.243.33.126

Reverse DNS lookup is not only crucial for troubleshooting but also plays a significant role in network security and anti-spam efforts. By verifying the domain name associated with an IP address, administrators can identify potential sources of spam or malicious activity. Furthermore, reverse DNS lookups are used in email authentication processes to reduce spam by verifying that the IP address sending the email matches the domain from which it claims to come.

Read more for the Reverse DNS and PTR records in our article: rDNS explained in detail

Conclusion

In conclusion, mastering the use of essential DNS tools like DNS trace, Ping, Traceroute, Nslookup, and Reverse lookup is paramount for network administrators and troubleshooters. These tools offer invaluable insights into diagnosing connectivity issues, optimizing network performance, and ensuring the smooth operation of online services. By harnessing their capabilities effectively, administrators can navigate the complexities of DNS management with confidence, ultimately leading to a more stable and reliable networking environment.

The post Тools – DNS trace, Ping, Traceroute, Nslookup, Reverse lookup appeared first on ClouDNS Blog.

However, like every other IT problem, DNS issues can be resolved. You just have to know the right tools and commands. In this blog post, we’ll delve into some of these essential DNS troubleshooting tools and commands that every network administrator ought to arm themselves with.

Common DNS Issues 

Before we dive into the tools and commands, let’s understand the most common DNS issues that most administrators often encounter:

1. DNS Downtime: This occurs when DNS servers that translate domain names are temporarily unavailable.
2. Incorrect DNS Configuration: This involves errors in the setup of DNS settings which may lead to problems accessing certain websites or the internet.
3. DNS Cache Poisoning: Also known as DNS Spoofing, it refers to fraudulent entries in the DNS cache, causing traffic to be directed to the wrong place.
4. DNS Propagation Delays: This happens when you make changes to your DNS records and they are not immediately effective due to the time taken to update network servers around the globe.

Now that we have a basic understanding of common DNS issues, let’s explore the essential DNS troubleshooting commands that can help you diagnose and resolve these problems.

DNS Troubleshooting Tools

There are plenty of tools that you can use. The tools can be specific for Linux, Windows, or Mac OS, or they can be browser-based. Most of the tools that we will show you overlaps in functionality, and it will be your decision which one you would use in the future.

Check if the problem is not just in your device

Before you start with the DNS troubleshooting, check if the problem is only local. If you are trying to access your website, but you are getting this message “DNS_PROBE_FINISHED_NXDOMAIN” the problem might be in your device. We recently wrote a way to fix it. Go and read the article. 

Dig command

The ‘dig’ command, which stands for ‘Domain Information Groper,’ is a handy command-line tool used in the DNS name resolution process. It sends a DNS query to a specified DNS server and gets a response. It’s a useful tool for finding DNS-related issues. 

With this command you can see all the DNS records. You can use it on Linux and Mac OS, but you can search for a port for Windows too. A typical dig command will show you an Authority Section. You can see if the DNS is pointing correctly.

Use it with +trace in dig +trace combination “dig +trace YOURDOMAIN” to see the whole route of your query. This way you can locate the exact problem.

ClouDNS Free DNS tool

ClouDNS brings to you a valuable Free DNS tool that has transformative capabilities to enhance your DNS troubleshooting tactics. With this tool, you can inspect the DNS records for a specific host and assess the speed of DNS queries. Aside from these, you can also create a comprehensive audit, a feature that helps in in-depth analysis and identification of problematic areas.

Designed to facilitate the work of their customers, the ClouDNS Free DNS tool is user-friendly and accessible, making DNS troubleshooting a breeze even for beginners in the field. All you need to do is enter your domain and host into the tool, select the tool type as “DNS Records”, and choose ‘Google’ as your DNS resolver, then hit ‘CHECK’. 

What’s more, this powerhouse tool is free of cost, making it a stellar choice for efficient network management. The value it provides, particularly in terms of insight into DNS records and query speed, can go a long way in troubleshooting DNS-related problems swiftly and effectively.

Traceroute

The ‘traceroute’ command enables you to track the pathway that a packet takes from the host to the destination server. As the name suggests, this will be ideal for checking the entire route of a DNS query. You can use it on Windows as Tracert, Linux and Mac OS as traceroute. You can try it with a domain or IP address, and you will see a result with all the hops and response time.

NSLookup

‘NSLookup‘ stands for ‘Name Server Lookup’. This command-line tool is used for obtaining information about DNS settings. It allows users to enter a host name and find out the corresponding IP address, or vice versa.

This command lets you check any type of DNS record. You can use it to see all the available DNS records, or you can look for a specific type like – A, AAAA, SOA, MX, PTR, NS, etc. You can use it to troubleshoot a domain using a particular port too. 

Host command

‘Host’ command is very similar to the NSLookup but available only on Linux. You have to write the commands in the Terminal, and you can see the different types of DNS records.

One thing that you can troubleshoot if you have problems with your emails are the TXT records. You can see if there is a SPF record. It is a TXT record that prevents spoofing and stops your outgoing emails from going directly into the spam folder.

Generate SPF record for free!

Conclusion

There are plenty of useful tools that you can use for DNS troubleshooting. Try all of these and find the right one for you and your problem. Many overlaps in functionality, but have some small differences that can help you in a specific case.

As you saw, there are utilities for every operating system so that you can find the problem easily. After you see where the problem is, it is easy to fix it.  

The post DNS Troubleshooting – tools and commands appeared first on ClouDNS Blog.