The dig Program

The dig program uses a simple command-line format to query DNS servers to return all information for a domain. It provides one-stop shopping for all the DNS information you could possibly need for a site. The format for the dig command is a follows:

dig [@server] [options] domain [query-type] [query-class] [query-options]

There are several types of parameters that modify the DNS information the dig command retrieves and displays:

♦ @server: An optional DNS server to use instead of the default system setting.

♦ query-type; The RR-type information that you are requesting, such as the A, SOA, NS, and MX records. Use a query type of any to return all information available about a domain.

♦ query-class: The network class of information that you are requesting. The default is Internet (IN).

♦ query-options: Used to change an option value in the DNS packet or to change the format of the dig output. These options mirror the options available in the nslookup program.

Besides these parameters, the dig command also has its own set of parameters to specify other options that affect the operation of dig. Table 20-5 shows some of the other options available to fine-tune the dig command and its output.

Table 20-5: The dig Command Options

Option Description

Table 20-5: The dig Command Options

Option Description



Specify the source address of the query



Specify the query class (default is IN)



Read a file for batch mode processing



Specify a file to read the encryption key used to sign the DNS query


Specify a port number to use



Specify the query name



Specify type of query



Specify a reverse lookup of the address specified


Specify an encryption key to digitally sign the DNS query

The dig program produces the same information as host and nslookup, but it provides more detail about how and where the answers came from:

$ dig MX

; <<>> DiG 9.5.0-P2 <<>> MX ;; global options: printcmd ;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6464

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0



;; Query time: 4 msec ;; SERVER: ;; WHEN: Tue Oct 14 19:01:32 2008

The output shows the DNS records as they appear in the nameserver for the domain, which is much more detail than you'd get using the host or nslookup programs.

Was this article helpful?

0 0

Post a comment