View the Host IP address resolved by the DNS host name and resolve the domain name to the DNS server

Source: Internet
Author: User
Tags domain name server dnssec mx record nslookup

1. view the Host IP address resolved by the DNS host name

Host Command
Resolve a host name to an Internet address or an Internet address to a host name.
Host [-n [-a] [-c Class] [-d] [-r] [-t Type] [-v] [-w] [-z] Hostname | Address [Server]
Hostnew [-a] [-c Class] [-d] [-r] [-t Type] [-v] [-w] [-z] Hostname | Address [Server]
The/usr/bin/host command returns the Internet Address of a host (when the Hostname parameter is specified) or the host name (when the Address parameter is specified ). The host command may also display any aliases associated with the HostName parameter, depending on the configuration of the name resolution service. The DNS examples include local, nis, and bind.
If the local host uses the DOMAIN protocol, query the local or remote name server database before searching the local/etc/hosts file.
The host command can also return other name records found in the DNS (Domain Name System. The-z flag specifies this method. Other logos allow custom query.
-A is equivalent to "-v-t *"
-C Class: Specify the Class to be searched when searching for non-Internet data. Valid classes:
MIT Althena Hesiod class
Wildcard (any of the above)
Wildcard (any of the above)
-D open the debugging method.
-N is equivalent to publishing the/usr/bin/hostnew command. The hostnew command is version 5.2 of the host Command.
-R disables recursive processing.
-T Type specifies the record Type to be queried. Valid type:
Host Internet address
Alias Name
Host CPU and operating system type
Security Key records
Email Address or email list information
Email Exchanger
Name server of the specified range
If an Internet address is queried, it is the host name. Otherwise, it is a pointer to other information.
Signature Record
Domain "Authorization start" Information
Text Information
User Information
Well-known services supported.
-V details.
-W always waits for an answer from the DNS server.
-Z uses the new output that displays resource record information.
Address indicates the Internet Address of the host used to resolve the host name. The Address parameter must be a valid Internet Address in decimal format.
HostName indicates the host name to be used to resolve the Internet address. The HostName parameter can be either a unique host name or a well-known Host Name (such as nameserver, printserver, timeserver, if any ).
Server specifies the name Server to query.
1. to display the host address whose host name is mephisto, enter:
Host mephisto
The following information is displayed:
Mephisto address:; alias: engr, sarah
2. to display the host name whose address is, enter:
The following information is displayed:
Mercutio address:
3. display the MX record of the domain named Enter:
Host-n-t mx
Hostnew-t mx
The following information is displayed: mail is handled (pri = 10) by mail is handled (pri = 10)
/Etc/hosts contains the Internet Protocol (IP) name and the host address on the local network.
Related information
Hostname command
Named daemon.

2. DNS domain name resolution to the DNS server

In UNIX and Linux, we recommend that you use the dig command instead of nslookup. The dig command is much more powerful than nslookup. Below are some common dig commands:

# Dig basic usage

Dig @ server

# View zone data transmission with dig

Dig @ server AXFR

# Use dig to view incremental zone Data Transmission

Dig @ server IXFR = N

# View reverse resolution with dig

Dig-x @ server

# Find an authorized dns server for a domain

Dig + nssearch

# Tracing the resolution process of a domain name from the root server

Dig + trace

# Check which F root dns server you are using


# View the bind Version Number

Dig @ bind_dns_server chaos txt version. bind


You can download a bind for windows installation package at After installation, you can use the dig command on windows. ^ O ^




DNS query utility.


Dig [@ server] [-B address] [-c class] [-f filename] [-k filename] [-n] [-p port #] [-t type] [-x addr] [-y name: key] [name] [type] [class] [queryopt...]

Dig [-h]

Dig [global-queryopt...] [query...]


The dig (domain information searcher) command is a flexible tool for querying DNS domain name servers. He performs a DNS search to display the responses returned from the requested Domain Name Server. Most DNS administrators use dig for DNS fault diagnosis because of its flexibility, ease of use, and clear output. Although dig normally uses command line parameters, it can also read search requests from documents in batch processing mode. Different from earlier versions, dig's BIND9 implementation allows multiple queries from the command line. Dig will try any server listed in/etc/resolv. conf unless it is notified to request a specific domain name server. When no command line parameters or options are specified, dig will execute NS query on "." (Root.


-B address: configure the source IP address of the address to be queried. This must be a valid address on the host network interface.

-C class default Query class (IN for internet) is reset by option-c. Class can be any legal class, such as querying the HS class of the Hesiod record or querying the CH class of the CHAOSNET record.

-F filename enables the dig to run in batch mode and read a series of search requests from the filename file for processing. The document contains many queries. Each line contains one query. Each item in the document should be organized in the same way as the dig query using the command line interface.

-H: When option-h is used, a brief command line parameter and option summary are displayed.

-K filename: To sign the DNS query sent by dig together with the response to their use of the transaction signature (TSIG), use option-k to specify the TSIG key document.

-N by default, use the binary label defined by IP6.ARPA and RFC2874 to search for the IPv6 address. To use the RFC1886 method of IP6.INT domain and nibble label earlier, specify option-n (nibble ).

-P port # If you want to query a non-standard port number, use option-p. Port # Is the port number that dig will send its query, rather than the standard DNS port number 53. This option can be used to test the domain name server that has been configured to listen for queries on a non-standard port number.

-T type: Set the query type to type. It can be any valid Query type supported by BIND9. The default Query type is A, unless the-x option is provided to indicate A reverse query. You can request a region for transmission by specifying the AXFR type. When you need incremental regional transmission (IXFR), set type to ixfr = N. Incremental region transfer will include the changes made to the region after the serial number in the SOA record of the region is changed to N.

-X addr reverse query (ing addresses to names) can be simplified using the-x option. Addr is an IPv4 address bounded by the decimal point or an IPv6 address bounded by a colon. When this option is used, the parameter name, class, and type are not required. Dig automatically runs a domain name query similar to arpa, and configures the query type and class as PTR and IN respectively.

-Y name: key you can use the-y option on the command line to specify the TSIG key. name indicates the name of the TSIG password, and key indicates the actual password. The password is a 64-bit encrypted string, usually generated by dnssec-keygen (8. Exercise caution when using option-y on a multi-user system, because the password may be visible in ps (1) output or shell history documents. When both dig and TSCG are used for authentication, the queried name server needs to know the password and decoding rules. In BIND, provide the correct password and the server declaration in named. conf.


Global-queryopt... global query option (see multiple queries ).

Query options (see query options ).

Query options

Dig provides the query option number, which affects the search method and result display. Some in the query request header configuration or reset flag, some decide which reply information to display, other determine timeout and retry strategies. Each query option is identified by a keyword with a prefix (+. Some keywords are used to configure or reset an option. Generally, the prefix is the string no used to search for the meaning of the keyword. Other keywords are used to assign values of each option, such as the timeout interval. Their format is like + keyword = value. The query options are:

+ [No] tcp

[Not used] TCP is used to query the Domain Name Server. The default behavior is to use UDP. TCP connections are used unless it is an AXFR or IXFR request.

+ [No] vc

[Not used] TCP is used to query the name server. + [No] the standby Syntax of tcp provides backward compatibility. Vc represents a virtual circuit.

+ [No] ignore

Ignore the interruption of UDP response, rather than retry over TCP. TCP Retry is run by default.

+ Domain = somename

Set the search list containing the somename of a single domain. It seems that it is specified by the domain pseudo command in/etc/resolv. conf and the search list processing is enabled. It seems that the + search option is given.

+ [No] search

Use the [do not use] search list or the search list defined by the domain pseudo command (if any) in resolv. conf. The search list is not used by default.

+ [No] defname

It is not recommended to consider it as a synonym for + [no] search.

+ [No] aaonly

This option does not do anything. It is used to provide compatibility with the old version of dig that is configured to not implement the parser flag.

+ [No] adflag

Configure the [not configured] AD (real data) bit in the query. Currently, the AD bit only has a standard meaning in the response, but not in the query. However, this performance can be configured for the sake of completeness.

+ [No] cdflag

Configure the [not configured] CD (check disabled) bit in the query. The validity of the DNSSEC that requests the server not to run the response information.

+ [No] recursive

Convert the RD (recursive) Bit configuration in the query. This bit is configured by default, that is, the dig sends recursive queries under normal circumstances. When the query option + nssearch or + trace is used, recursion is automatically disabled.

+ [No] nssearch

When this option is configured, dig tries to find the authoritative Domain Name Server that contains the domain name to be searched, and displays the SOA records of each domain name server in the network segment.

+ [No] trace

The proxy path trace whose name starts from the root name server to be queried. Trail is not used by default. Once tracing is enabled, dig uses iterative query to parse the name to be queried. Based on the reference from the root server, the system displays responses from each server that uses resolution queries.

+ [No] cmd

Set the initial comment indicating the dig version and the query options used in the output. By default, annotations are displayed.

+ [No] short

Provide a brief response. The default value is to display the reply information in lengthy format.

+ [No] identify

When the + short option is enabled, [or not] IP addresses and port numbers provided to answer are displayed. If the request is responded in a short format, the source address and port number of the server provided to the answer are not displayed by default.

+ [No] comments

Display the comment lines in the conversion output. The default value is to display comments.

+ [No] stats

This query option sets the display statistics: the size of the response during the query, and so on. The query statistics are displayed by default.

+ [No] qr

Displays [not displayed] query requests sent. Not Displayed by default.

+ [No] question

When a response is returned, the [not displayed] query request question section is displayed. The problem is displayed as a comment by default.

+ [No] answer

The [not displayed] Answer section is displayed. Display by default.

+ [No] authority

Displays the [not displayed] response permission section. Display by default.

+ [No] additional

Displays the additional part of the [not displayed] response. Display by default.

+ [No] all

Configure or clear any display flag.

+ Time = T

Configure the timeout time for the query to T seconds. The default value is 5 seconds. If T is set to a value smaller than 1, the query timeout time is 1 second.

+ Tries =

Configure the number of Retries for sending UDP query requests to the server as A, instead of the default 3. If A is smaller than or equal to 0, 1 is used as the number of retries.

+ Ndots = D

For full consideration, the configuration must appear in the number of points with the name D. The default value is defined by the ndots statement in/etc/resolv. conf, or 1, if there is no ndots statement. The name with fewer points is interpreted as a relative name, and is searched by the domain pseudo command in the search list or in the/etc/resolv. conf file.

+ Bufsize = B

Configure the UDP message buffer size of EDNS0 to B bytes. The maximum and minimum values of the buffer are 65535 and 0, respectively. Values beyond this range are automatically rounded to the nearest valid value.

+ [No] multiline

Displays SOA-like records in a detailed multi-row format with readable comments. The default value is to display a record on each line for the computer to parse the dig output.

Multiple queries

The BIND9 of dig allows you to specify multiple queries on the command line (the-f batch processing documentation option is supported ). Each query can use its own flag, options, and query options.

In this case, in the command line syntax described above, each query independent variable represents a separate query. Each entry contains any standard options and flag, name to be queried, optional query types and classes, and any query options that apply to this query.

You can also use a global set of query options that are valid for any query. The global query option must be located before the tuples of the first name, class, type, option, flag, and query option in the command line. Any global query option (except the + [no] cmd option) can be reset by the following special options. For example:

Dig + qr any-x ns + noqr show how dig performs three queries from the command line: one query for and the other query for, query an NS record. The + qr global query option is applied to facilitate the dig display for initial query of each query. The last query has a local query option + noqr, indicating that the dig does not display the initial query when searching the NS record of


A typical dig call is similar:

Dig @ server name type where:


The name or IP address of the name server to be queried. It can be IPv4 addresses separated by dots or IPv6 addresses separated by colons. When the server parameters are provided by the host, the dig resolves the name before querying the Domain Name Server. If no server parameters are available, refer to/etc/resolv. conf for dig and query the domain name servers listed there. The response from the Domain Name Server is displayed.


The name of the resource record to be queried.


Display the required query types-ANY, A, MX, and SIG, along with ANY valid query types. If no type parameter is provided, dig queries record.


[Root @ mongotop40 Desktop] # dig

; <> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <>
; Global options: + cmd
; Got answer:
;-> HEADER <-opcode: QUERY, status: NOERROR, id: 64356
; Flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

; Question section:

; Answer section: 86400IN A

; Authority section: 86400IN NS

; Query time: 0 msec
; SERVER: #53 (
; WHEN: Wed May 14 12:49:01 2014
; Msg size rcvd: 70

[Root @ mongotop40 Desktop] #

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.