4 Vital Dig Command Examples to Know as Sysadmin or Developer

As a sysadmin, things look pretty only until they don’t. In those crisis-driven moments, these dig commands will come in handy. Stay tuned.

System Administrators do a hell of a job every time. Even the most basic sysadmin job requirement of being on-call 24/7 is something I appreciate beyond limits.

But we aren’t here to dive into their job profiles; instead, check their weapon of choice to troubleshoot DNS issues.

What are Dig Commands?

Short for Domain Information Groper, Dig commands are one of the fastest methods to query DNS servers about what’s working and what isn’t.

You can check the server IP address, name servers, mail exchange, inquire TTL, etc., with easy-to-remember texts.

Before starting with a few basic dig commands, please check if you have dig utilities installed:

$ dig -v

This should return with the result indicating the dig version, like this:

DiG 9.18.1-1ubuntu1-Ubuntu

If you don’t get a similar response, you need to install Dig utilities first.

For people using Ubuntu and Debian, type:

$ sudo apt-get install dnsutils

And use:

$ sudo yum install bind-utils

…if you are on CentOS or RHEL.

Next, run dig -v to ensure the installation went smoothly.

Finally, jump to the following sections to check out a few Dig commands to help you as a sysadmin.

Check the IP address

This is one of the simplest where we check the server IP address underpinning a domain name.

dig geekflare.com is the iteration we’ll begin with.

$ dig geekflare.com

; <> DiG 9.18.1-1ubuntu1-Ubuntu <> geekflare.com
;; global options:  cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38635
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;geekflare.com.			IN	A

;; ANSWER SECTION:
geekflare.com.		67	IN	A	172.66.43.163
geekflare.com.		67	IN	A	172.66.40.93

;; Query time: 4 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Wed Nov 09 04:29:58 UTC 2022

The first important thing is the status: NOERROR in the Got answer section at the top. This tells us it went well without any issues.

But the information for which we made this query is the server IP address. It’s mentioned in the Answer section 172.66.40.93 (the primary server) and 172.66.43.163 (the fail-safe).

In addition, your original query statement sits under the Question section.

The last section gives a few statistics about the query.

But that’s an awful lot of information, not needed every time.

Ergo, you can fetch a cleaner response to this query by entering:

$ dig geekflare.com  noall  answer
geekflare.com.		53	IN	A	172.66.43.163
geekflare.com.		53	IN	A	172.66.40.93

Here we deny everything by the noall, only to allow the expected answer with the answer.

One can get an even more brief response by using:

$ dig geekflare.com  short
172.66.43.163
172.66.40.93

This was the basic query returning the DNS A record; let’s see a few more.

Find specific DNS records

Nameservers, the authoritative DNS server for a domain, can be found by the ns variable.

$ dig geekflare.com ns  short
olga.ns.cloudflare.com.
todd.ns.cloudflare.com.

Similarly, the mx variable responds with the mail servers along with their priorities.

$ dig geekflare.com mx  noall  answer
geekflare.com.		300	IN	MX	1 aspmx.l.google.com.
geekflare.com.		300	IN	MX	10 alt3.aspmx.l.google.com.
geekflare.com.		300	IN	MX	10 alt4.aspmx.l.google.com.
geekflare.com.		300	IN	MX	5 alt1.aspmx.l.google.com.
geekflare.com.		300	IN	MX	5 alt2.aspmx.l.google.com.

In the same fashion, txt, aaaa, cname, etc., can be used as dig command variables to return different DNS records.

Trace DNS

As evident by the heading, Trace DNS checks the path from the root nameservers, authoritative nameservers, up to the domain IP address.

$ dig geekflare.com  trace

; <> DiG 9.18.1-1ubuntu1-Ubuntu <> geekflare.com  trace
;; global options:  cmd
.			322660	IN	NS	a.root-servers.net.
.			322660	IN	NS	b.root-servers.net.
.			322660	IN	NS	c.root-servers.net.
.			322660	IN	NS	d.root-servers.net.
.			322660	IN	NS	e.root-servers.net.
.			322660	IN	NS	f.root-servers.net.
.			322660	IN	NS	g.root-servers.net.
.			322660	IN	NS	h.root-servers.net.
.			322660	IN	NS	i.root-servers.net.
.			322660	IN	NS	j.root-servers.net.
.			322660	IN	NS	k.root-servers.net.
.			322660	IN	NS	l.root-servers.net.
.			322660	IN	NS	m.root-servers.net.
;; Received 811 bytes from 127.0.0.53#53(127.0.0.53) in 16 ms

com.			172800	IN	NS	i.gtld-servers.net.
com.			172800	IN	NS	k.gtld-servers.net.
com.			172800	IN	NS	e.gtld-servers.net.
com.			172800	IN	NS	c.gtld-servers.net.
com.			172800	IN	NS	h.gtld-servers.net.
com.			172800	IN	NS	b.gtld-servers.net.
com.			172800	IN	NS	d.gtld-servers.net.
com.			172800	IN	NS	f.gtld-servers.net.
com.			172800	IN	NS	j.gtld-servers.net.
com.			172800	IN	NS	g.gtld-servers.net.
com.			172800	IN	NS	a.gtld-servers.net.
com.			172800	IN	NS	m.gtld-servers.net.
com.			172800	IN	NS	l.gtld-servers.net.
com.			86400	IN	DS	30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.			86400	IN	RRSIG	DS 8 1 86400 20221121170000 20221108160000 18733 . ZgW2dKMBP6rqIgQSGN5uzFhNFZuIPUg7JrkXzgE9VKh68LOIuQlFgTTV xt3Sz4ytgru8JWcwCHgiqCTjbaN3WeHcrDVf0ItG0Az/01ofBWfoAu9S 1JFYcOrYkTUidn8R4vROkwzsTrZMirnB/4yrA4MD5thWVBr3IczcnFto DbADuw8Qy/RUEUfcu LcQ4Ge OzIP8eE1T6 nbMRqFZBSMFoBO1w0Mmk xNGyEclfFkymQ4CsYxnvYVstljpLqh1OhoAEwY6D 0cSh9dKNQ5LKhgq UXqfJ zmdcvL cVvMjfcB0Wj6/hmEkpEp1ISawlTjFUDgiKNZxiow02r JL4tsw==
;; Received 1201 bytes from 192.33.4.12#53(c.root-servers.net) in 148 ms

geekflare.com.		172800	IN	NS	olga.ns.cloudflare.com.
geekflare.com.		172800	IN	NS	todd.ns.cloudflare.com.
geekflare.com.		86400	IN	DS	2371 13 2 CBAA2018F41B29985DAEDE7F127D4F9626ADA609665CEBAB0011903B 7C639254
geekflare.com.		86400	IN	RRSIG	DS 8 2 86400 20221112051535 20221105030535 53929 com. sbqDGqvxmEAjS4KRx8LvQAG9IusLgRRm5GPDf AFkXddGgfJN37vJP1H 4JKMriWtgXZHc3g1ANMNjij 5J1K3GgeNy2w0UYc7xHkmvhsd15pDvi9  BoiBsjC8ffznyli8sV8XVhm65oKDHJRx5YEtXUVA4p9hegO0NHDccvt ujQKMShBWX3nxs7P4onL13gspVScOoZgzXL3470UfDW7MA==
;; Received 601 bytes from 2001:501:b1f9::30#53(m.gtld-servers.net) in 144 ms

geekflare.com.		300	IN	A	172.66.43.163
geekflare.com.		300	IN	A	172.66.40.93
geekflare.com.		300	IN	RRSIG	A 13 2 300 20221110051242 20221108031242 34505 geekflare.com. tKDYd/FHjs/aRHeOQJlsxXDJYtVcHA4G16QRJKlhFyYkZ2TmLKNIc6eM vXfpO91IVArK67KbyW5lIxI5cCxcQg==
;; Received 183 bytes from 172.64.32.137#53(olga.ns.cloudflare.com) in 16 ms

Alternatively, you can get a short answer by using short or noall answer variables.

Reverse DNS lookup

Reverse DNS lookup reveals the PTR record associated with the IP address. It’s the opposite of a DNS A record and matches the IP addresses to the domain name.

However, there will be no answer section if a domain name has no DNS PTR record.

The command at play here is dig -x IP address.

ubuntu@ubuntu:~$ dig yahoo.com  short
74.6.143.26
74.6.231.20
98.137.11.164
98.137.11.163
74.6.143.25
74.6.231.21
ubuntu@ubuntu:~$ dig -x 74.6.143.26

; <> DiG 9.18.1-1ubuntu1-Ubuntu <> -x 74.6.143.26
;; global options:  cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32267
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;26.143.6.74.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
26.143.6.74.in-addr.arpa. 600	IN	PTR	media-router-fp74.prod.media.vip.bf1.yahoo.com.

;; AUTHORITY SECTION:
143.6.74.in-addr.arpa.	172800	IN	NS	ns3.yahoo.com.
143.6.74.in-addr.arpa.	172800	IN	NS	ns4.yahoo.com.
143.6.74.in-addr.arpa.	172800	IN	NS	ns5.yahoo.com.
143.6.74.in-addr.arpa.	172800	IN	NS	ns2.yahoo.com.
143.6.74.in-addr.arpa.	172800	IN	NS	ns1.yahoo.com.

;; Query time: 192 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Wed Nov 09 04:17:08 UTC 2022
;; MSG SIZE  rcvd: 203

As you can see, the domain name in the Answer section, media-router-fp74.prod.media.vip.bf1.yahoo.com/, is linked with its primary IP address 74.6.143.26.

And visiting this URL will actually send you to the Yahoo search homepage.

However, this may not be true for all web hosts; in some cases, these ugly, long URLs don’t resolve anything.

Querying Specific DNS Servers

Sometimes you want to ping a specific server for DNS queries. One can easily achieve that by adding @DNS server IP address, choosing any DNS server for a particular query.

$ dig @1.1.1.1 geekflare.com  noall  answer  stats
geekflare.com.		300	IN	A	172.66.40.93
geekflare.com.		300	IN	A	172.66.43.163
;; Query time: 156 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Wed Nov 09 04:18:56 UTC 2022
;; MSG SIZE  rcvd: 74

You can verify this in the stats section, which mentions Server: 1.1.1.1, which belongs to Cloudflare.

Similarly, one can query Google DNS servers (8.8.8.8):

$ dig @8.8.8.8 geekflare.com mx  noall  answer  stats
geekflare.com.		300	IN	MX	1 aspmx.l.google.com.
geekflare.com.		300	IN	MX	10 alt3.aspmx.l.google.com.
geekflare.com.		300	IN	MX	10 alt4.aspmx.l.google.com.
geekflare.com.		300	IN	MX	5 alt1.aspmx.l.google.com.
geekflare.com.		300	IN	MX	5 alt2.aspmx.l.google.com.
;; Query time: 44 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Wed Nov 09 04:23:16 UTC 2022
;; MSG SIZE  rcvd: 157

Let’s Dig it Up ⛏️

As the name speaks, these are used to dig out DNS information and identify related problems. Dig commands are usually fast at work and easy to memorize.

Not to mention, you can also install dig utilities on Mac and Windows, making them universal in their application.

PS: While you’re here, it would be criminal not to introduce you to the Geekflare Sysadmin library, a one-stop solution hub for your sysadmin headaches.