Dig Introduction:
Dig is a Unix-like command-line tool that queries DNS for information such as NS records, A records, MX records, and so on. Because dig's man page documentation has been lacking, this article serves as a guide to using dig.
Dig's source code is part of the ISC BIND package, but most instructions for compiling and installing BIND do not cover it. On Linux systems it is usually part of a separate package: bind-tools on Gentoo, bind-utils on Red Hat/Fedora, or dnsutils on Debian.
If you are looking for information about BIND configuration, you should refer to my article: BIND for the Small LAN (http://www.madboa.com/geek/soho-bind/).
Reading the default output:
The simplest and most common query is for a single host, but by default dig's output is verbose. You may not need all of it, but it is worth knowing what it contains.
=======================================================================
The following is a query with comments:
$ dig www.isc.org
Above is the command line where I call dig.
; <<>> DiG 9.2.3 <<>> www.isc.org
;; global options:  printcmd
This part of the dig output tells us its version (9.2.3) and the global options in effect. It can be suppressed with the +nocmd option, but only if +nocmd is the first argument on the command line.
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43071
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
Here, dig tells us some technical details about the answer returned from DNS. The display of this information can be controlled with the +[no]comments option, but be careful: disabling comments may also turn off some other parts of the output.
;; QUESTION SECTION:
;www.isc.org. IN A
In the question section, dig shows our query; the default query is for an A record. You can show or suppress this section with the +[no]question option.
;; ANSWER SECTION:
www.isc.org. IN A 204.152.184.88
Finally, we get the result of our query: the address of www.isc.org is 204.152.184.88. I don't know why you would want to filter this output out, but you can show or suppress it with the +[no]answer option.
;; AUTHORITY SECTION:
isc.org. 2351 IN NS ns-int.isc.org.
isc.org. 2351 IN NS ns1.gnac.com.
isc.org. 2351 IN NS ns-ext.isc.org.
The authority section tells us which DNS servers can provide an authoritative answer to our query. In this example, isc.org has 3 name servers. You can show or suppress this output with the +[no]authority option.
;; ADDITIONAL SECTION:
ns1.gnac.com. 171551 IN A 209.182.216.75
ns-int.isc.org. 2351 IN A 204.152.184.65
ns-int.isc.org. 2351 IN AAAA 2001:4f8:0:2::15
The additional section typically lists the IP addresses of the authoritative DNS servers named above. You can show or suppress it with the +[no]additional option.
;; Query time: 2046 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri 27 08:22:26 2004
;; MSG SIZE  rcvd: 173
The last section of the default output contains statistics about the query. You can show or suppress it with the +[no]stats option.
===========================================================================
What can we query?
Dig lets you query DNS effectively. The most commonly used queries are for A records, TXT (text annotation) records, MX records, NS records, or any combination of them.
To find the A record for yahoo.com (this must be a domain and not a host; for example, our company's is xinpindao.com):
dig yahoo.com A +noall +answer
To find the list of MX records for yahoo.com:
dig yahoo.com MX +noall +answer
To find the authoritative DNS servers for yahoo.com:
dig yahoo.com NS +noall +answer
To query all of the above records:
dig yahoo.com ANY +noall +answer
In this age of mixed IPv4 and IPv6, you can also use the AAAA option to query a host's IPv6 address (its AAAA record):
dig www.isc.org AAAA +short
If the domain you want to query allows zone transfers, you can retrieve that information as well, but the reality of life on the Internet today is that only a few DNS servers allow unrestricted transfers.
How do we get a short answer?
When we need a quick answer, the +short option is your best friend:
dig www.isc.org +short
204.152.184.88
Getting an answer that is not quite so short?
A short answer is not the same as an answer-only response.
The way to get a detailed answer without any additional information is to use the +noall option and then turn back on only the output you want.
Here is the short form of a query, followed by the answer-only form, which contains all the configuration information, including TTL data, formatted as in a BIND configuration file.
$ dig fsf.org mx +short
mx20.gnu.org.
mx30.gnu.org.
10 mx10.gnu.org.
$ dig +nocmd fsf.org mx +noall +answer
fsf.org. 3583 IN MX mx30.gnu.org.
fsf.org. 3583 IN MX mx10.gnu.org.
fsf.org. 3583 IN MX mx20.gnu.org.
Getting a detailed answer?
According to its man page, the +multiline option gives you a verbose multi-line format with human-readable comments for records such as the DNS SOA record. In general, the information obtained with the +multiline option is displayed much like a BIND configuration file.
$ dig +nocmd ogi.edu any +multiline +noall +answer
ogi.edu. 14267 IN A 129.95.59.31
ogi.edu. 14267 IN MX 5 cse.ogi.edu.
ogi.edu. 14267 IN MX hermes.admin.ogi.edu.
ogi.edu. 14267 IN SOA zeal.admin.ogi.edu. hostmaster.admin.ogi.edu. (
        200408230  ; serial
        14400      ; refresh (4 hours)
        900        ; retry (15 minutes)
        3600000    ; expire (5 weeks 6 days 16 hours)
        14400      ; minimum (4 hours)
        )
ogi.edu. 14267 IN NS zeal.admin.ogi.edu.
ogi.edu. 14267 IN NS cse.ogi.edu.
ogi.edu. 14267 IN NS fork.admin.ogi.edu.
Looking up PTR records?
You can use the -x option to find the host name of an IP address.
$ dig -x 204.152.184.167 +short
mx-1.isc.org.
The script below uses this in a loop to map the names in a given subnet.
#!/bin/bash
# reverse-map every address in one class C subnet
NET=18.7.22
for n in $(seq 1 254); do
  ADDR=${NET}.${n}
  echo -e "${ADDR}\t$(dig -x ${ADDR} +short)"
done
Querying a different name server?
The query command is as follows:
dig @ns1.google.com www.google.com
Using the search list in /etc/resolv.conf
The host utility automatically uses the search list in your /etc/resolv.conf file:
$ host www
www.madboa.com has address 65.102.49.170
By default, however, dig does not, which may produce some unexpected output. If you want to query a local host name instead of a fully qualified domain name, use the +search option:
dig www +search
Doing bulk queries?
If you want to look up a large number of host names, you can store them in a text file (one record per line) and use dig with the -f option to query each of them in turn.
# query a large number of host names
dig -f /path/to/host-list.txt
# the same, with more explicit output
dig -f /path/to/host-list.txt +noall +answer
But I have to tell you that dig 9.2.3 and later versions do not support using the -f option for reverse lookups.
Verifying DNS Mappings
An incorrect DNS configuration can cause you a lot of grief. There are two rules you can use to verify your DNS configuration:
1. Each host name should resolve to an IP address, and that IP address should resolve back to that host name.
2. If an address on your subnet resolves to a host name, that host name must also resolve back to that IP address.
There are some exceptions to these two rules: for example, a CNAME first resolves to a different host name, and only then to an IP address; and sometimes multiple host names point to the same IP address, but that IP address can have only one PTR record.
In summary, these checks help you confirm that your DNS mappings work the way you think they do.
You can also write a test script that walks through your known host names, as shown below. It is fairly simple-minded: it will break when it runs into a CNAME, and it will report a failure if multiple host names point to the same IP address. It assumes the file containing your host names is called named-hosts.
#!/bin/bash
#
# test DNS forward- and reverse-mapping
#
# edit this variable to reflect local class C subnet(s)
NETS="192.168.1 192.168.2"
# Test name to address to name validity
echo
echo -e "\tname -> address -> name"
echo '----------------------------------'
while read H; do
  ADDR=$(dig "$H" +short)
  if test -n "$ADDR"; then
    HOST=$(dig -x "$ADDR" +short)
    # dig -x returns the name with a trailing dot; compare without it
    if test "${H%.}" = "${HOST%.}"; then
      echo -e "ok\t$H -> $ADDR -> $HOST"
    elif test -n "$HOST"; then
      echo -e "fail\t$H -> $ADDR -> $HOST"
    else
      echo -e "fail\t$H -> $ADDR -> [unassigned]"
    fi
  else
    echo -e "fail\t$H -> [unassigned]"
  fi
done < named-hosts
# Test address to name to address validity
echo
echo -e "\taddress -> name -> address"
echo '-------------------------------------'
for NET in $NETS; do
  for n in $(seq 1 254); do
    A=${NET}.${n}
    HOST=$(dig -x "$A" +short)
    if test -n "$HOST"; then
      ADDR=$(dig "$HOST" +short)
      if test "$A" = "$ADDR"; then
        echo -e "ok\t$A -> $HOST -> $ADDR"
      elif test -n "$ADDR"; then
        echo -e "fail\t$A -> $HOST -> $ADDR"
      else
        echo -e "fail\t$A -> $HOST -> [unassigned]"
      fi
    fi
  done
done
Fun with dig
Create your own named.root file
Any DNS server connected to the Internet will certainly have a copy of the InterNIC named.root file, which lists the root name servers for the entire Internet. If you don't mind the trouble, you can download it periodically from the InterNIC FTP server, or you can use the dig command to create your own fresh named.root.
# compare with ftp://ftp.internic.net/domain/named.root
dig +nocmd . NS +noall +answer +additional
Your TTL values may be shorter here, but otherwise this is the most up-to-date named.root you will find!
Tracing the query path with dig
You may be a traceroute enthusiast who likes to see how to get from point A to point B. You can do something similar with dig's +trace option.
dig gentoo.de +trace
You will see the root DNS servers at the head of dig's output, then the DNS servers that resolve all *.de names, and finally the IP address of the gentoo.de domain name.
Getting SOA records
As a DNS administrator, I sometimes make changes (to the DNS configuration) and want to know whether my name servers are serving the new data or still pushing out the old data. The +nssearch option gives a clear accounting of your public servers.
# the unvarnished truth
dig cse.ogi.edu +nssearch
# the same, displaying only serial number and hostname
dig cse.ogi.edu +nssearch | cut -d' ' -f4,11
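The check described above can be automated. The following is an added example, not part of the original HOWTO: it reads +nssearch output and lists the servers whose SOA serial is behind the highest one seen. The function names, the example.com zone and the 192.0.2.x addresses are constructed for illustration.

```sh
#!/bin/sh
# Added example: flag name servers whose SOA serial lags behind the others.
# Input: lines in the format printed by `dig <zone> +nssearch`, on stdin.
# Field 4 is the serial and field 11 the answering server, the same two
# fields the cut command above selects.
# Plain numeric comparison: serial wrap-around (RFC 1982) is not handled.

stale_servers() {
  awk '$1 == "SOA" && NF >= 11 {
         serial[$11] = $4
         if ($4 + 0 > max + 0) max = $4      # remember the newest serial
       }
       END {
         for (s in serial)
           if (serial[s] + 0 < max + 0)
             print s, serial[s], "behind", max
       }' | sort
}

# Constructed sample output (documentation names and addresses).
sample_nssearch() {
  cat <<'EOF'
SOA ns1.example.com. hostmaster.example.com. 2004082301 14400 900 3600000 14400 from server 192.0.2.1 in 12 ms.
SOA ns1.example.com. hostmaster.example.com. 2004082301 14400 900 3600000 14400 from server 192.0.2.2 in 15 ms.
SOA ns1.example.com. hostmaster.example.com. 2004082207 14400 900 3600000 14400 from server 192.0.2.3 in 40 ms.
EOF
}

# Live use: dig example.com +nssearch | stale_servers
sample_nssearch | stale_servers
```

An empty result means every server that answered reports the same serial; a server that did not answer at all does not appear in the +nssearch output and has to be checked separately.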
Interpreting TTL values
One of the many reasons I love Google is that it leaves accurate referrer links in my web logs, which makes it easy for me to work out which kinds of queries lead people to the pages on this site.
Unexpectedly, I've seen a lot of requests asking about TTL values. I never thought TTL would be the most popular topic, but you learn something new every day. So, in response to everyone's requests, here is a little bit about TTL.
If you ask your local DNS server for an Internet address, the server works out where to get an authoritative answer and fetches the address. Once the server learns the answer, it saves it in its local cache, so that if you query the same address again a little later, it can answer quickly from the cache, which is much faster than querying the Internet again.
When domain administrators configure DNS records, they decide how long each record may be kept in a cache; this is the TTL value (usually expressed in seconds).
Typically, a remote server keeps a record in its cache only for as long as the TTL value allows. After that time expires, the server flushes the record from its local cache and queries for an authoritative answer again.
When you use dig to query a DNS server for a record, the server tells dig how long that record can remain in the cache.
For example, as of this writing, the TTL value of the MX record for the gmail.com domain is 300s: the administrator of the gmail.com domain asks remote servers to cache the MX record for no more than 5 minutes. So when you first query that record (gmail.com's MX record), dig will report a TTL of 300.
$ dig +nocmd gmail.com MX +noall +answer
gmail.com. 300 IN MX gsmtp57.google.com.
gmail.com. 300 IN MX 10 gsmtp171.google.com.
If you check back a little later, you'll find that the TTL value has dropped to 280 (after an interval of 20s).
$ dig +nocmd gmail.com MX +noall +answer
gmail.com. 280 IN MX gsmtp171.google.com.
gmail.com. 280 IN MX gsmtp57.google.com.
If your timing is good enough, you will catch the record in the last second of its life.
$ dig +nocmd gmail.com MX +noall +answer
gmail.com. 1 IN MX 10 gsmtp171.google.com.
gmail.com. 1 IN MX gsmtp57.google.com.
After that, the DNS server you are querying will "forget" the answer, and the next time you query this record the whole cycle starts over (in this example, from 300s).
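The countdown described above can be turned into a cache check. The following is an added example, not part of the original HOWTO, and it goes one step beyond the text: it compares the answer a caching resolver returns with the answer from the authoritative server, reports how long each record has been cached, and flags cached records the authority does not publish. The function names and the example.com records are constructed for illustration.

```sh
#!/bin/sh
# Added example: compare a resolver's cached answer with the authoritative one.
# Both inputs are answer sections as printed by `dig ... +noall +answer`
# (owner, TTL, class, type, record data).

# usage: cache_report AUTH_FILE CACHED_FILE
cache_report() {
  awk '
    # Key a record on owner name, type and record data, ignoring case.
    function key(   k, i) {
      k = tolower($1) " " $4
      for (i = 5; i <= NF; i++) k = k " " tolower($i)
      return k
    }
    NF < 5 || /^;/ { next }                          # skip blanks and comments
    FILENAME == ARGV[1] { auth[key()] = $2; next }   # published TTLs
    {
      k = key()
      if (!(k in auth))
        print "UNKNOWN", k                 # not served by the authority
      else if ($2 + 0 > auth[k] + 0)
        print "OVER", k, "ttl=" $2         # TTL above the published value
      else
        print "OK", k, "age=" (auth[k] - $2) "s", "left=" $2 "s"
    }' "$1" "$2"
}

# Constructed sample data (example.com is a documentation domain).
demo_cache_report() {
  d=$(mktemp -d) || return 1
  printf '%s\n' \
    'example.com. 300 IN MX 10 mx1.example.com.' \
    'example.com. 300 IN MX 20 mx2.example.com.' > "$d/auth"
  printf '%s\n' \
    'example.com. 280 IN MX 10 mx1.example.com.' \
    'example.com. 280 IN MX 20 MX2.example.com.' \
    'example.com. 3600 IN MX 5 mail.example.net.' > "$d/cached"
  cache_report "$d/auth" "$d/cached"
  rm -rf "$d"
}

demo_cache_report
```

An UNKNOWN or OVER line means the resolver is handing out data that the zone's own servers do not currently publish, for instance a record that changed after it was cached, and is worth a closer look.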
The official source of this howto is http://www.madboa.com/geek/dig/.