How does Dig Command work?

Dig Command works the same way as a typical DNS query. Let’s take an A record request. If you want to see the A record, you want to know the IP address of a particular domain. The request will first check if your router has the information of many sites’ addresses in its cache. If it doesn’t have it, the request must be answered from another recursive server. The common solution is that your query will be responded from the recursive servers of your internet provider. It is possible that it doesn’t know it either. No problem, your query will go on a search for the root server. The request will go to the top-level domain like .COM or .EU, and in the end you will get the IP address from the authoritative server for the domain you were checking. 

Dig Command Syntax

Understanding the syntax of the dig command is crucial for effectively utilizing it for DNS troubleshooting and queries. The basic syntax of the dig command is as follows:

dig [@server] [name] [query type] [options]

• [@server]: Specifies the DNS server to query. If omitted, dig uses the default server specified in your system’s resolver configuration (usually defined in /etc/resolv.conf).
• [name]: This is the domain name or IP address you want to query. For example, cloudns.net.
• [query type]: This specifies the type of DNS record you are interested in. Common types include A, MX, SOA, TXT, PTR etc. If this is left out, dig defaults to querying the A record.
• [options]: Dig offers a wide range of options to modify its behavior and output. For example, +short displays only the answer section of the query. Other options include +trace for tracing the path of the query across DNS servers, +noall +answer to show only the answer section, and many more.

How to install the dig command on Linux?

First, let’s check if you already have the dig command installed. You can do that by opening the terminal and writing dig -v. If you have it, your computer will show a message similar to this one:

DiG 9.11.3-1ubuntu1.7-Ubuntu.

Many new Linux distros have it pre-installed. In case you don’t have it, you will get the following message:

dig command not found

For Linux Mint, Ubuntu and other Ubuntu-based Linux distributions you can use the following command:

sudo apt install dnsutils

If you are using Fedora or CentOS you should use:

sudo yum install bind-utils

And for Arch Linux users:

sudo pacman -S bind-tools

Understanding the dig command

Let’s start with a simple example to understand it. We will use google.com for the testing. You can try it directly with your domain, by simply replacing google.com with your domain.

dig google.com

The first line will inform you about the version of the dig command and the second about the global option.

After that, you will get technical information provided by the DNS nameserver. The header shows you what did you do and was it successful. If there is “NOERROR” that there was no problem.
You will see the answer for the EDNS.
Following line shows that by default you are requesting the A record.
You will get the answer for the A record – the correspondent IP address and you will get statistic about the query.

10 Most used Dig commands

More dig command examples:

dig google.com +short

This will show you just the IP address without any additional information. Quick and easy to use the answer that is basically the answer of an A record. 

dig google.com MX

You can query different types of records like the mail exchanger ones. MX records show the responsible mail server for accepting emails. You can see if all of the servers are working the right way and if they are responding too slowly.

dig google.com SOA

SOA – the start of authority, shows the authoritative DNS server. In this record, you see valuable information about the zone. There is only one SOA per zone. 

dig google.com TTL

TTL – time to live. It shows how long the data should be kept. You can read more about TTL HERE. People usually leave longer TTL, and that way, they lower the DNS servers’ load. When you are creating records, you can set it to a low value, if you like. Also, it is possible to set different TTL for different DNS records.  

dig google.com +nocomments +noquestion +noauthority +noadditional +nostats

Only answer query. Use it if you don’t want to receive extra information. A clear and short answer that will evade the extra statistics that you might want to skip. 

dig google.com ANY +noall +answer

Query all types of DNS records. It will show all the different types of DNS records. This will give you an overview of the domain. Later you can use the dig command for the exact DNS records that you want. 

dig -x 172.217.1.142

Reverse DNS lookup. You can also do the opposite and check the IP address. The rDNS is used for verification. The result will be a PTR record that verifies the nameserver. It is needed that a PTR record exists. Otherwise, this revers checking can’t give an answer.

dig @8.8.8.8 +trace google.com

Trace DNS Path. It will show the whole route that a DNS query takes. Every hop from a server to server. It can show you where exactly server is not working. You might be surprised how far does your query travels. Check it from different locations, and you might see where in the world you need a new point of presence to reduce the latency for the users there.

11 dig -p 5300 google.com

Specify Port Number. If you have changed the standard port 53 to another for increased security, you can make a dig command to check if it is working correctly. And of course, you can check if you have closed the standard ports, and you don’t have any “open doors” for attackers. 

dig _sip._udp.YOURDOMAIN.com SRV

Another record that you can check with this command is the SRV. The SRV records are often used in VoIP. In this example, we are checking the SIP service, and we will use the UDP protocol. The answer will show you the time for response and the server’s IP responsible for the SIP service. 

dig google.com TXT

To see all of the TXT records, use this command. TXT records can be used for verifications and can have different variations. For example, it can be a DMARC record. To see a particular one, you can use the following command and change the “dmarc” with the one you need. 

dig _dmarc.google.com TXT

Now you know the basics of the dig command on Linux. You can start experimenting by yourself.

We can recommend you a few more tools that can be useful for your DNS diagnostic Nslookup, Traceroute, MTR, Host, and Ping.

Conclusion

The dig command is an indispensable tool for DNS troubleshooting and analysis. Its flexibility and powerful options make it a preferred choice for network administrators and IT professionals. By understanding how to install and use the dig command, as well as mastering its syntax, you can efficiently diagnose and solve DNS-related issues. Whether you’re checking DNS records, performing reverse DNS lookups, or tracing the path of DNS queries, dig provides you with the insights needed to ensure your domain’s DNS is functioning correctly. Remember, practice is key to becoming proficient with the dig command, so don’t hesitate to experiment with different queries and options. With this knowledge, you’re well-equipped to tackle any DNS challenges that come your way.

The post Linux dig command, how to install it and use it appeared first on ClouDNS Blog.

The DDoS attacks are also increasing. According to Kaspersky Lab 33% of organizations experienced a DDoS attack in 2017, compared to 17% in 2016. So we also want to know if the top shopping websites are well prepared for future attacks.

In this article, we will check with our DNS tool all of the top 50 E-Commerce websites. We will see if their speed and DDoS protection is fine or they will need to improve. Based on our research we will make recommendations how these websites can improve.

DNS Tool

For this research, we will be using our DNS lookup tool

It shows how fast the servers are responding from six different international locations – 1. Roubaix, France, 2. Atlanta, USA, 3. Sao Paulo, Brazil, 4. Sydney, Australia, 5. Johannesburg, South Africa and 6. Singapore.

It is a small and very helpful tool that you can use for diagnostic of your DNS. It is easy to use, and it let you download a PDF report of your findings.

What are we checking?

Name servers

We are checking how many name servers are listed on the parent server. It is recommended to be more than two; three is ok, four is better. This adds resilient to your DNS network; it will result in better up time. If one or two are down for maintenance, the rest will still satisfy the needs of your customers. Another benefit is the increased security. More servers can handle better the traffic and this way they resist more to DDoS attacks.

NS records

NS records delegate a sub-domain to the name servers you have. They should be synchronized.

SOA record

Another that needs to show the same result for all of the name servers. It shows the start of authority, so it must indicate the same master name server, timestamp and few more characteristic.

A record distribution

By location for the domain and the www.domain (same but with www).

Speed

And finally one of the most important for an e-commerce website, the speed. As said above, a slow site can push the visitors away and lose a lot of sales.

Top 50 E-commerce websites

For the case study, we will also use the following SimilarWeb rank list.

Results

You can find all reports that we generated and additional information in this spreadsheet.

1.Amazon.com

The first one in the list is Amazon.com. They are using Dyn DNS and Neustar UltraDNS and average response time of the name servers is 50.66ms. We don’t know why they don’t use their DNS network – Route 53.

2. Taobao.com

Very slow global speed – 350.59ms. They don’t use any DNS provider, which is interesting since they are owned by Alibaba, and Alibaba has AliDNS. We don’t know why Alibaba does not use their DNS services.

3. eBay.com

Congratulations eBay, that’s the way to do it. Using Verisign as their Primary DNS provider and Dyn as a Secondary DNS. Low speed in South Africa, but they have ebay.co.za for that.

4. Tmall.com

Another property of Alibaba. Low speed even in Singapore (above 130ms). Not good Tmall. Alibaba do you plan to use your DNS for your websites?

5. Craigslist.org

Not a typical shopping site, but it’s on the list, so we need to check it out. Average speed 162.98ms. Even the two name servers in Atalanta show 64 and 63 ms. We think their users deserve better speed than that. No backup DNS.

6. AliExpress.com

In 2016, AliExpress claimed they reduced load time by 36% and recorded a 10.5% increase in orders and a 27% increase in conversion rates. Our report shows that they are using Alibaba Cloud. But unfortunately, this doesn’t help. The average response time of the name servers is 215.78ms. Just two name servers are showing speed less than 100ms. And this is a global site which depends on international users. We suggest adding a Secondary DNS provider. A company which generated almost 23 Billion in revenue in a single day, surely can set aside few thousands of dollars annually for this.

7. JD.com

An average response time of the name servers is 399.32ms. If they want to beat Alibaba at least, they have to provide good speed for their users. Singapore speed is also very low – name server in Singapore shows 145ms.

Next stop four properties of Amazon in different locations. Let’s see if some of them are using Route 53 this time.

8. Amazon.de

Excellent speed Amazon.de – 50.60ms. Using two DNS providers again – Neustar and Dyn. No sign of Route53 though. Interesting.

9. Amazon.co.uk

Good job Amazon.co.uk. – the best global speed of the top 10 websites – 45ms. Using ten name servers and two DNS providers again – Neustar and Dyn. This is a recipe for success. Still no sign of Route53 though.

10. Amazon.co.jp

Two DNS providers again – Neustar and Dyn and good average response – 76.06ms.

11. eBay.co.uk

Using Verisign as their Primary DNS provider and Dyn as a Secondary DNS as eBay.com. Good overall speed.

12. Walmart.com

The whopping amount of 12 name servers. Not the fastest global speed, but since the majority of their audience is coming from the US, the result is excellent. Using two DNS providers, Akamai and Neustar UltraDNS. Some say that they got in the online business too late, but they are sure fast learners and understand that speed and security is the only way to compare to Amazon.

13. Avito.ru

According to SimilarWeb, the majority of their traffic is coming from Russia, Ukraine and the rest of the CIS countries. Wow, 2.17ms. Global speed and maybe we have a winner. They are using Cloudflare and no secondary DNS provider. Fast speed on all 6 test POPs. We can’t say much, except that they are doing an excellent job. Only if they had backup DNS, it would have been the perfect example.

14. Mercadolivre.com.br

Latin America’s most popular e-commerce website. According to Similarweb 98% of the Mercadolivre.com.br traffic is coming from Brazil. No DNS providers, The speed is not good even in Brazil – above 100ms.

15. Amazon.in

Around 10% of their traffic is international, so it’s good for them to have good global speed. And they do. Using Dyn and UltraDNS, they achieve excellent speed – 68.96ms, except South Africa.

16. Rakuten.co.jp

No DNS providers = slow global speed. Not much to say here. Guess they don’t rely on revenues outside Japan.

17. Allegro.pl

Again no DNS providers = slow average response. Yes, you’ll say they don’t need it because they are targeting mostly users in Poland, but what about the searches outside PL. Around 5% of their traffic is coming outside Poland. And what about DDoS protection and backup?

18. eBay.de

As the other eBay domains, this one is also using Verisign as their Primary DNS provider and Dyn as a Secondary DNS. Good overall response – 70.92ms.

19. Amazon.fr

Around 20% of the traffic comes outside of France, so it’s good to have at least reasonable EU speed. And they do. Using Dyn and UltraDNS, they achieve excellent global speed, except South Africa.

20. Аmazon.it

Amazon surely knows how important is speed and to have a backup. So far they are using the same recipe for success – two DNS providers – Dyn and UltraDNS.

21. Leboncoin.fr

The French classified site. Good speed in France, slow speed globally. No sign of DNS providers. If anyone from Leboncoin is reading, please protect your revenue and your users and set up a backup DNS.

22. 58.com

Like all other Chinese e-commerce sites, they also have terrible global speed – 357.49ms and don’t use Managed DNS provider.

23. Target.com

Using Akamai which is good, but no Secondary DNS provider. Excellent speed in the US and Europe. Overall good – below 100ms.

24. Etsy.com

One of our personal favorites. Let’s see how they perform the test. Using AWS and Dyn. Nice to know that someone is using Route 53 after we found out that the Amazon doesn’t. Good speed everywhere except South Africa – 51.06ms.

25. Bestbuy.com

Using Akamai but no Secondary DNS provider. Good speed in the US and Europe. Low speed in Australia, Brazil, and South Africa. For reference, bestbuy.com.mx also doesn’t have good speed in Brazil.

26. Amazon.es

The Spanish domain of Amazon also has good global speed – 69.31ms and again uses two Managed DNS providers – UltraDNS and Dyn.

27. Sahibinden.com

The most prominent Turkish online store. They are using five nameservers, and 1 of them is not responding. Terrible global speed – 631.28 and no DNS providers (we checked the website few times, and the servers were not responding, and the speed was over 500ms each time).

28. Flipkart.com

The Indian e-commerce giant. They use Neustar. Excellent average speed. No Secondary DNS.

29. Ikea.com

The Scandinavian furniture manufacturer uses no DNS providers for its online shop. Good speed at our French POP and not so good globally.

30. Gearbest.com

A genuinely international website with traffic from all over the globe. Using Akamai, but the global speed is above 100ms. Highest response time in Brazil, which is interesting since according to Similarweb 18% of their traffic is coming from this country.

31. Mercadolibre.com.ar

Argentina’s most famous e-commerce store. No DNS providers, The speed is not good even in Brazil – above 100ms.

32. OLX.pl

Another Polish e-commerce site. They are using Amazon Route 53. Excellent speed in Europe. No Secondary DNS, no backup.

33. eBay-Kleinanzeigen.de

Good response according to our France POP, poor global speed – 176.19ms. No DNS provider is detected.

34. Mi.com

The international online portal of Xiaomi – the smartphone manufacturer. The average response time of the name servers is terrible – 367.21ms. They don’t use DNS providers, and respectively their bounce rate is high.

35. Amazon.ca

Good job also for Amazon.ca. Using two DNS providers again – Neustar and Dyn. The technical guys from Amazon understand the importance of using DNS provider. The last of the Amazon properties on our list and still none of them are using Route 53. Can we say according to this that the Dyn and Neustar DNS networks are better than the Route 53’s… Don’t know; we leave the presumptions to you.

36. OLX.ua

As the rest of the OLX properties, they are using Amazon Route 53. Excellent speed in Europe. No Secondary DNS, no backup.

37. Wish.com

Using the services of Amazon Route 53. Good overall global speed – 61.72ms, except South Africa – above 150ms.

38. HM.com

The international shopping site of the H&M brand. Good speed in EU and US, poor in Brazil and Singapore. Maybe they don’t rely so much on sales in South America and Asia. They are using Akamai, but no secondary DNS provider.

39. Mercadolibre.com.mx

Another site from the Argentinian giant. Hope this one performs better, let’s see. Good speed in the US, poor everywhere else, even in Brazil. Average response time is 143.79ms. No sign of DNS provider and backup DNS.

40. HomeDepot.com

Good speed in the US, which is good, since they are relying heavily on US consumers. Fear global speed – 102.44. If you look at the spreadsheet and the report you’ll see that they are also using Akamai.

41. Market.yandex.ru

The marketplace of Yandex – the Russian bear. They are using their DNS, which gives excellent speed in Europe, but very poor globally – 178.63ms. We’re guessing global presence is not essential for them. The bear won’t leave Russia with this speed.

42. Americanas.com.br

Good overall speed, except in South Africa, but with 99% of the traffic coming from Brazil, that is logical. Using Route 53 but unfortunately no Secondary DNS provider.

43. Alibaba.com

Like all tested so far Alibaba properties, Alibaba.com is not an exception. Poor global speed – 256.2ms, especially in Australia, South Africa, and Singapore. No Secondary DNS provider. Bounce rate is high respectively – 46.31%.

44. Sonymobile.com

The international platform of Sony Mobile is in 44th place. Using Route 53 but no backup DNS provider. Guess Sony didn’t learn the lessons from the frequent DDoS attacks they received on their PlayStation Network.

45. DMM.com

The Japan-based electronic commerce and Internet company is next. They are using ten name servers, 6 of which are from Akamai, but global speed is not high.

46. OLX.com.br

As the rest of the Argentinian classified giant OLX properties, com.br is also using Amazon Route 53. Good speed almost everywhere except South Africa. No backup DNS.

47. Macys.com

Macys are using Akamai also. Good speed in Europe and US, poor in Brazil. Average response time – 128.06ms. No secondary DNS.

48. Suning.com

Sunning is one of the largest retailers in China. Almost two years ago Alibaba bought shares in the company, so let’s see if they are using AliDNS or not. And the answer is no. Poor speed almost everywhere except Singapore. No primary and backup DNS provider, which corresponds to the highest bounce rate of all e-commerce websites so far – above 70%. That’s millions of dollars lost according to everybody’s calculations.

49. Kohls.com

As the rest of the websites using Akamai network, the site of the American department store retailing chain has good speed; only Brazil is lagging. But since 98% of their traffic is coming from the US they can live with it. The lack of back DNS is not good though.

50. Asos.com

The British online fashion and beauty store comes last in our report. They have lots of international traffic, only 25% of the traffic comes from the UK, the rest is all over the globe. They have eight name servers, using Dyn and Secondary DNS provider. Excellent global speed, except in South Africa.

Conclusion

According to our research majority of the big brands still didn’t learn the lesson from the 2016 Dyn DDoS attack, where huge sites were down for hours. 70% of the sites in this case study don’t have backup DNS. Not setting up a backup DNS or at least using a single DNS provider, leaves you open for DDoS attacks and respectively revenue losses. The question is not if it’ll happen but when.

Winner global top speed is Avito.ru with an average response time of 2.17ms.

The average amount of name servers per site is five, and the average DNS lookup speed of all 50 websites is 146.63ms.

We can draw a parallel between the response time of the websites and their bounce rate, as 89% of the sites with bounce rate above 40% had also lousy speed (see red fields in the spreadsheet).

And finally a recommendation for all other e-commerce sites – if you want to fight the big boys and win, you need to invest in your site speed and DNS. Make sure you are using not one but two DNS providers. You will be surprised at how little money you can get a good night’s sleep.

The post A case study of the top 50 e-commerce sites and their DNS appeared first on ClouDNS Blog.