The dig command is primarily used to query host address information from a DNS domain name server.
querying DNS information for a single domain name
The most typical use of the dig command is to query the information of a single host.
$ dig baidu.com
The dig command is rich in output information by default and can be divided into 5 parts.
The first section shows the version of the dig command and the input parameters.
The second section shows some of the technical details returned by the service, and more importantly the status. If the value of status is NoError, the query ends successfully.
The "QUESTION section" in part three shows the domain name we want to query.
The "ANSWER section" in part four is the result of the query.
Part Five is the query of some statistical information, such as how long it took to query which DNS server, at what time the query and so on.
By default, the dig command queries the A record, and a that shows the record type of the query is a record. Before attempting to query other types of records, let's look at common DNS record types.
types of common DNS records
||Address record, used to specify the IPV4 address of the domain name, if you need to point the domain name to an IP address, you need to add a record.
||Used to specify the host name (or domain name) corresponding to the IPV6 address record.
||If you need to point a domain name to another domain name and then provide an IP address from another domain name, you need to add a CNAME record.
||If you need to set up a mailbox so that your mailbox can receive mail, you'll need to add an MX record.
||Domain Name server records, if you need to hand over the domain name to other DNS server resolution, you need to add NS records.
||This record of SOA is a mandatory record in all regional documents. It must be the first record in a file.
||You can write anything, with a length limit of 255. The vast majority of TXT records are used to make SPF records (anti-spam).
querying records for a CNAME type
In addition to the A record, common DNS records also have CNAME, and we can specify the DNS record type to query at query time:
$ dig abc.filterinto.com CNAME
This results in only the CNAME record. In fact, we can specify the type of any DNS record in the query.
querying from a specified DNS server
For some reasons, you might want to query from a specified DNS server (the results obtained from the default DNS server may not be accurate). Specify a DNS server by using the @ symbol:
$ dig @8.8. 8.8 abc.filterinto.com
The DNS server from which you can see this query is 220.127.116.11.
If you do not specify a DNS server, dig will use the address in the/etc/resolv.conf as the DNS server in turn:
$ dig abc.filterinto.com
The DNS server queried above becomes:
In the previous query we specified the query server as 18.104.22.168, which is the home DNS server? In fact, we can use the Dig-X option to reverse resolve the domain name of the IP address:
8.8. 8.8 + Short
Well, it should be the Google home, you can rest assured that the use of.
Control Display Results
The dig command returns the results by default, showing detailed information, and if you want to get a streamlined result you can use the +short option:
$ dig + short abc.filterinto.com
This shows the result is much more refreshing.
In fact, we can also control the content of the output by more options, such as just want to display the content of "ANSWER section":
$ dig abc.filterinto.com +nocomments +noquestion +noauthority +noadditional +nostats
This result is very good, is the use of too many options (Dig command has many of these options, please refer to the user manual for details). We can achieve the same result as above in a graceful way:
$ dig abc.filterinto.com +noall +answer
View TTL (Time to Live)
TTL is an important metric in DNS resolution, primarily to control the cache time of DNS records on DNS servers:
$ dig abc.filterinto.com
The units in the query result are seconds. The following command shows you how to streamline some of the test results:
$ dig +nocmd +noall +answer +ttlid abc.filterinto.com
track the entire query process
If you are curious about the processes that dig commands to perform queries, you can try using the +trace option. It will output all the information from the root domain to the final result:
$ dig +trace abc.filterinto.com
is not a complete result, interested friends can try it on their own.
Dig is a very strong DNS query tool, this article only describes its common usage, more command options and how to use the man page to see.
Linux Dig commands