Dig

From Linuxintro
Revision as of 11:13, 14 June 2019 by imported>ThorstenStaerk
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

The command dig allows you to query a name server for IP addresses like this:

# dig www.linuxintro.org

; <<>> DiG 9.7.3-P1 <<>> www.linuxintro.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 884
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.linuxintro.org.            IN      A 

;; ANSWER SECTION:
www.linuxintro.org.     14400   IN      A       92.51.132.237

;; Query time: 67 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Jul  2 14:34:22 2011
;; MSG SIZE  rcvd: 52

In this example we see the IP address of www.linuxintro.org is 92.51.132.237.

The syntax of a dig call is

dig @dnsserver domain type

for example

  • query the 192.168.0.1 for the IP address of the hostname bartholomeus
dig @192.168.0.1 bartholomeus
  • query for the mail record (MX) of staerk.de
root@mail:~# dig staerk.de MX

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55597
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 6

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1480
;; QUESTION SECTION:
;staerk.de.                     IN      MX

;; ANSWER SECTION:
staerk.de.              3536    IN      MX      1 aspmx.l.google.com.staerk.de.
staerk.de.              3536    IN      MX      5 alt2.aspmx.l.google.com.staerk.de.
staerk.de.              3536    IN      MX      5 alt1.aspmx.l.google.com.staerk.de.
staerk.de.              3536    IN      MX      10 alt4.aspmx.l.google.com.staerk.de.
staerk.de.              3536    IN      MX      10 alt3.aspmx.l.google.com.staerk.de.
  • When I wanted gsuite to manage my mail domain, I had to prove that I own this domain's DNS. To do this, I had to add a TXT record to DNS that contained a string for google to verify I had inserted it. Now I did not know if it had worked, but with dig I could find out:
root@mail:~# dig staerk.de TXT

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10656
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1480
;; QUESTION SECTION:
;staerk.de.                     IN      TXT

;; ANSWER SECTION:
staerk.de.              3600    IN      TXT     "google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18"

;; AUTHORITY SECTION:
staerk.de.              3600    IN      NS      ns1.first-ns.de.
staerk.de.              3600    IN      NS      robotns2.second-ns.de.

;; Query time: 235 msec
;; SERVER: 80.237.128.56#53(80.237.128.56)
;; WHEN: Fri Jun 14 10:56:26 UTC 2019
;; MSG SIZE  rcvd: 179

But google did not accept this, it said, it was still waiting for the domain confirmation. So I told dig to use the google name server (8.8.8.8) for the query:

root@mail:~# dig staerk.de TXT @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63864
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;staerk.de.                     IN      TXT

;; ANSWER SECTION:
staerk.de.              3599    IN      TXT     "google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18"

;; Query time: 166 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Jun 14 11:11:40 UTC 2019
;; MSG SIZE  rcvd: 119

See also