Dig command Details (reprint)-Aquan's study

Under UNIX and Linux, it is recommended that you use the dig command instead of Nslookup. The function of the dig command is much more powerful than the nslookup, unlike Nslookkup, which has to set to set to go, blame trouble.

Here are some of the more commonly used commands for dig:

# The most basic usage of dig
Dig @server qianlong.com
# View Zone data transfer with dig
Dig @server qianlong.com AXFR
# View incremental transfer of zone data with dig
Dig @server qianlong.com Ixfr=n
# View reverse resolution with dig
Dig-x 124.42.102.203 @server
# Find an authoritative DNS server for a domain
Dig qianlong.com +nssearch
# Start tracking the parsing process of a domain name from the root server
Dig qianlong.com +trace
# See which F root DNS server you are using
Dig +norec @f.root-servers.net HOSTNAME. BIND CHAOS TXT
# View the version number of BIND
Dig @bind_dns_server CHAOS TXT version.bind

********************************
You can go to www.isc.org to download a version of BIND for Windows installation, you can use the Dig command on Windows after installation. ^O^
Ftp://ftp.isc.org/isc/bind/contrib/ntbind-9.3.0/BIND9.3.0.zip
*********************************

Use

DNS Query Utility.

Grammar

Dig [@server] [-B address] [-C class] [-f filename] [-k filename] [-n][-p port#] [-t type] [-X addr] [-y name:key] [name ] [Type] [class] [queryopt ...]
Dig [-h]
Dig [global-queryopt ...] [Query ...]

Describe

The dig (Domain Information Finder) command is a flexible tool for asking DNS domain name servers. He performs a DNS search that displays replies returned from the requested domain name server. Most DNS administrators use dig as a troubleshooting for DNS problems because of his flexibility, ease of use, and clear output. Although dig typically uses command-line arguments, he is also able to read a search request from a document in batch mode. Unlike earlier versions, the BIND9 implementation of dig allows multiple queries to be emitted from the command line. Unless instructed to request a specific domain name server, dig will attempt to/etc/resolv.conf any of the servers listed in the. When no command-line arguments or options are specified, the dig will be "." (root) executes the NS query.

Sign

-B address configures the source IP address to be queried. This must be a valid address on the host network interface.
The-C class default query class (in for Internet) is reset by option-C. Class can be any legal class, such as the HS class that queries Hesiod records or the CH class that queries Chaosnet records.
-f filename causes dig to run in batch mode and is processed by reading a series of search requests from the document filename. The document contains many queries, one per line. Each item in the document should be organized in the same way as the dig query using the command-line interface.
-H when the option-H is used, a brief summary of command-line arguments and options is displayed.
-k filename to sign the DNS query sent by dig along with the response to them using transaction signing (TSIG), specify the TSIG key document with option-K.
-N By default, use IP6. ARPA domain and RFC2874-defined binary designator search IPV6 address. To use an earlier RFC1886 method that uses the Ip6.int domain and nibble tags, specify option-N (Nibble).
-P port# If you need to query a non-standard port number, use the option-P. port# is the port number that dig will send its query to, not the standard DNS port number 53. This option can be used to test a domain name server that has been configured on a non-standard port number to listen for queries.
-T type the configuration query type is. can be any valid query type supported by BIND9. The default query type is a, unless the-X option is provided to indicate a reverse query. You can request a zone transfer by specifying the type of AXFR. When an incremental zone transfer (IXFR) is required, the type is configured as Ixfr=n. An incremental zone transfer will contain changes to the zone since the sequence number in the SOA record of the zone has been changed to N.
The-X addr reverse query (mapping addresses to names) can be simplified with the-x option. Addr is a IPv4 address or a colon-bounded IPv6 address that is bounded by a decimal point. When you use this option, you do not need to provide the name, class, and type parameters. Dig automatically runs a domain name query similar to 11.12.13.10.IN-ADDR.ARPA and configures the query type and class for PTR and in respectively.
-Y Name:key You can specify the TSIG key by using the-y option on the command line; name is the TSIG password, and key is the actual password. The password is a 64-bit cryptographic string, usually generated by Dnssec-keygen (8). Caution should be exercised when using option-Y on multi-user systems because the password may be visible in the output of PS (1) or in the history document of the shell. When using both dig and TSCG authentication, the queried name server needs to know the password and decoding rules. In BIND, the implementation is implemented by providing the correct password and the server declaration in named.conf.

Parameters

Global-queryopt ... Global query options (see multiple queries).
Query query options (see query Options).
Query options
Dig provides a query option number that affects the search method and results display. Some in the query request header configuration or reset flag bit, part of the decision to display which reply information, other determine timeout and retry strategy. Each query option is identified by a keyword with a prefix (+). Some keywords to configure or reset an option. The usual prefix is the string no that is the meaning of the Negation keyword. Other keywords assign values for each option, such as the time-out interval. Their format is shaped like +keyword=value. The query options are:
+[no]tcp
Use [Do not use] TCP when querying a domain name server. The default behavior is to use UDP, except for AXFR or IXFR requests, to use a TCP connection.
+[no]vc
Use [Do not use] TCP when querying the name server. +[NO]TCP's alternate syntax provides backward compatibility. VC stands for Virtual circuit.
+[no]ignore
Ignore the interrupt of the UDP response, not retry with TCP. TCP retries are run by default.
+domain=somename
Setting a search list that contains a single domain somename appears to be specified by the domain pseudo-directive in/etc/resolv.conf, and the Search list processing is enabled, as if the +search option is given.
+[no]search
A search list that is defined using the [do not use] search list or domain pseudo-directives in resolv.conf (if any). The search list is not used by default.
+[no]defname
Not recommended as a synonym for +[no]search.
+[no]aaonly
This option does nothing. He is used to provide compatibility with older versions of Dig that are configured to not implement parser flags.
+[no]adflag
Configure the [Do not configure] AD (real data) bit in the query. The AD bit now has standard meaning only in the response, but not in the query, but for completeness it is possible to configure this performance in the query.
+[no]cdflag
Configure the [Do not configure] CD (check disabled) bit in the query. He requests that the server not run the DNSSEC legitimacy of the response information.
+[no]recursive
The RD (requires recursive) bit configuration in the transformation query. This bit is configured by default, which means that dig normally sends a recursive query. Recursion is automatically disabled when you use the query option +nssearch or +trace.
+[no]nssearch
When this option is configured, Dig attempts to locate the authoritative domain name server that contains the network segment for which the name is to be searched and displays the SOA record for each domain name server in the network segment.
+[no]trace
Convert the proxy path trace to the name that you want to query from the root name server. Tracing is not used by default. Once tracing is enabled, Dig uses an iterative query to resolve the name to be queried. He will display a response from each server that uses the resolve query, as referenced from the root server.
+[no]cmd
Sets the initial comment in the output that indicates the dig version and the query options used. Comments are displayed by default.
+[no]short
Provide a brief response. The default value is to display the reply information in a verbose format.
+[no]identify
When the +short option is enabled, the IP address and port number provided to the answer are displayed [or not displayed]. If a short format answer is requested, the source address and port number of the server supplied to the answer are not displayed by default.
+[no]comments
The comment lines in the transformation output are displayed. The default value is to display a comment.
+[no]stats
This query option sets the display statistics: When the query is made, the size of the answer, and so on. The query statistics are displayed by default.
+[no]qr
Displays the query request that was sent [not displayed]. The default is not displayed.
+[no]question
When the answer is returned, the problem portion of the query request is displayed. The problem section is displayed by default as a comment.
+[no]answer
Displays the answer part of the [Do not show] answer. Displayed by default.
+[no]authority
Displays the permission portion of the [do not show] answer. Displayed by default.
+[no]additional
Displays an additional part of the [Do not show] answer. Displayed by default.
+[no]all
Configures or clears any display flags.
+time=t
Configure the time-out for the query to T seconds. The default is 5 seconds. If T is configured to a number less than 1, the query time-out is 1 seconds.
+tries=a
Configure the retry attempts to send a UDP query request to the server to a, instead of the default 3 times. If A is less than or equal to 0, then 1 is used as the retry count.
+ndots=d
For full consideration, the configuration must appear in the number of points in name D. The default value is defined using the Ndots statement in/etc/resolv.conf, or 1, if there is no ndots statement. Names with fewer points are interpreted as relative names and searched by Domain pseudo-directives in the field or document/etc/resolv.conf in the search list.
+bufsize=b
Configure the UDP message buffer size to be B bytes using EDNS0. The maximum and minimum values for the buffers are 65535 and 0, respectively. Values beyond this range are automatically rounded to the nearest valid value.
+[no]multiline
Displays similar SOA-like records in a well-detailed, multi-line format with readable annotations. The default value is to display a record on each individual line so that the computer resolves the output of the dig.
More than one query
Dig's BIND9 supports specifying multiple queries on the command line (additional features that support the-F Batch document option). Each query can use its own flag bits, options, and query options.
In this case, in the command-line syntax described above, each query argument represents an individual query. Each one is made up of any standard options and flags, the name to be queried, the optional query type, and the class, along with any query options that apply to the query.
You can also use the Global collection of query options that are valid for any query. The global query option must precede the tuple of the first name, class, type, option, flag, and query options on the command line. Any global query option (except for the +[NO]CMD option) can be reset by the following query special option. For example:
Dig +qr www.isc.org any-x 127.0.0.1 isc.org ns +NOQR show dig How to do three queries from the command line: an arbitrary query for www.isc.org, a 127.0.0.1 reverse query, along with an I NS record query for sc.org. The +QR Global query option is applied so that dig displays the initial query for each query. The last query has a local query option of +NOQR, which indicates that dig does not display the initial query when searching for NS records for isc.org.

Example

A typical dig call is similar to:
Dig @server name type where:
Server
Name or IP address of the name server you want to query. Can be a dot-delimited IPv4 address or a colon-delimited IPv6 address. When the server parameter is provided by the host, dig resolves that name before querying the nameserver. If no server parameters are available, dig refer to/etc/resolv.conf, and then query the name servers listed there. Displays an answer from the domain name server.
Name
The name of the resource record that will be queried.
Type
Displays the type of query you want-any, A, MX, SIG, and any valid query type. If no type parameter is supplied, dig will execute a query against record A.

Dig command Details (reprint)-Aquan's study