How Can You Specify the Intended DNS Server to Query With the dig Command?


The Linux dig command allows you to query DNS servers and perform DNS lookups. You can also find the domain an IP address leads back to. We'll show you how!

How the dig Command Works

People use the Linux dig command to query Domain Name System (DNS) servers. dig is an acronym for Domain Information Groper. With dig, you can query DNS servers for information regarding various DNS records, including host addresses, mail exchanges, name servers, and related information. It was intended to be a tool for diagnosing DNS issues. However, you can use it to poke around and learn more about DNS, which is one of the central systems that keep the internet routing traffic.

The internet uses internet protocol (IP) addresses to identify "locations" around the web, but people use domain names. When you type a domain name into an application, like a web browser or SSH client, something has to translate from the domain name to the actual IP address. This is where the Domain Name System comes in.

When you use a domain name with any internet-connected program, your local router can't resolve it (unless it's cached from a previous request). So, your router queries either your Internet Service Provider's (ISP) DNS server, or any other you've configured your system to use. These are called DNS precursor servers.

If the DNS server recently received the same request from someone else on the same computer, the answer might be in its cache. If that's the case, it simply sends that same information back to your program.

If the DNS precursor server can't locate the domain in its cache, it contacts a DNS root name server. A root server won't hold the information required to resolve domain names to IP addresses, but it will hold lists of servers that can help with your request.

The root server looks at the top-level domain to which your domain name belongs, such as .COM, .ORG, .CO.UK, and so on. It then sends a list of the top-level domain servers that handle those types of domains back to the DNS precursor server. The DNS precursor server can then make its request once more, to a top-level domain server.

The top-level domain server sends the details of the authoritative name server (where the details of the domain are stored) back to the DNS precursor server. The DNS server then queries the authoritative name server that's hosting the zone of the domain you originally entered into your program. The authoritative name server sends the IP address back to the DNS server, which, in turn, sends it back to you.

Installing dig

dig was already installed on our Ubuntu 18.04 and Fedora 30 computers. However, we had to install it on the Manjaro 18.04 computer with the following command:

sudo pacman -Sy bind-tools

Getting Started with dig

In our first example, we'll return the IP addresses associated with a domain name. Often, multiple IP addresses are associated with a single domain name. This often happens if load balancing is used, for example.

We use the +short query option, as shown below, which gives us a terse response:

dig howtogeek.com +short

All the IP addresses associated with the howtogeek.com domain are listed for us. At the other end of the spectrum, if we don't use the +short query option, the output is quite verbose.

So, we type the following to pipe it through less:

dig howtogeek.com | less

The output is displayed in less, as shown below.

Here's the full listing:

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> howtogeek.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12017
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;howtogeek.com. IN A

;; ANSWER SECTION:
howtogeek.com. 3551 IN A 151.101.194.217
howtogeek.com. 3551 IN A 151.101.130.217
howtogeek.com. 3551 IN A 151.101.66.217
howtogeek.com. 3551 IN A 151.101.2.217

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Mar 22 07:44:37 EDT 2022
;; MSG SIZE rcvd: 106

Let's dissect that piece by piece.

Header

First, let's take a look at what we have in the Header:

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> howtogeek.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12017
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

Now, here's what all of that means:

  • First line: The version of dig and the domain that was queried.
  • Global options: As we'll see, you can use dig to query multiple domains simultaneously. This line shows the options that have been applied to all of the domain queries. In our simple example, it was just the default +cmd (command) option.
  • Opcode: Query: This is the type of operation that was requested which, in this case, was a query. This value can also be iquery for an inverse query, or status if you're just testing the state of the DNS system.
  • Status: Noerror: There were no errors and the request was correctly resolved.
  • ID: 12017: This random ID ties the request and response together.
  • Flags: qr rd ra: These stand for query, recursion desired, and recursion available. Recursion is one form of DNS lookup (the other is iterative). You might also see AA, which stands for Authoritative Answer, meaning an Authoritative Name Server provided the response.
  • Query: 1: The number of queries in this session, which was one.
  • Answer: 4: The number of answers in this response, which is four.
  • Authority: 0: The number of answers that came from an Authoritative Name Server, which was zero in this case. The response was returned from the cache of a DNS precursor server. There will be no authoritative section in the response.
  • Additional: 1: There is one piece of additional information. (Strangely, nothing is listed unless this value is two or higher.)

Opt Pseudosection

Next, we see the following in the Opt Pseudosection:

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494

Let's break that down:

  • EDNS: version 0: The version of Extension System for DNS that's being used. EDNS transmits extended data and flags by extending the size of the User Datagram Protocol (UDP) packets. This is indicated by a variable size flag.
  • flags: No flags are in use.
  • udp: 4096: The UDP packet size.

Question Section

In the Question section, we see the following:

;; QUESTION SECTION:
;howtogeek.com. IN A

Here's what this means:

  • howtogeek.com: The domain name we're querying.
  • IN: We're making an internet class query.
  • A: Unless we specify otherwise, dig will request an A (address) record from the DNS server.

Answer Section

The Answer section contains the following four answers we received from the DNS server:

howtogeek.com. 3551 IN A 151.101.194.217
howtogeek.com. 3551 IN A 151.101.130.217
howtogeek.com. 3551 IN A 151.101.66.217
howtogeek.com. 3551 IN A 151.101.2.217

Here's what these answers mean:

  • 3551: This is the Time to Live (TTL), a 32-bit signed integer that holds the time interval for which a record can be cached. When it expires, the data must not be used in an answer to a request until it's been refreshed by the DNS server.
  • IN: We made an Internet class query.
  • A: We asked for an A record from the DNS server.

Statistics Section

Statistics is the final section, and it contains the following information:

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Mar 22 07:44:37 EDT 2022
;; MSG SIZE rcvd: 106

Here's what we've got:

  • Query Time: 0 msec: The time it took to get the response.
  • SERVER: 127.0.0.53#53(127.0.0.53): The IP address and port number of the DNS server that responded. In this case, it's pointing to the local caching stub resolver. This forwards DNS requests to whichever upstream DNS servers are configured. On the Manjaro test computer, the address listed here was 8.8.8.8#53, which is Google's public DNS service.
  • WHEN: Sun Mar 22 07:44:37 EDT 2020: When the request was made.
  • MSG SIZE rcvd: 106: The size of the message received from the DNS server.

Being Selective

You don't have to settle for the two extremes of tight-lipped and garrulous. The dig command allows you to selectively include or exclude sections from the results.

The following query options will remove that section from the results:

  • +nocomments: Don't show comment lines.
  • +noauthority: Don't show the authority section.
  • +noadditional: Don't show the additional section.
  • +nostats: Don't show the stats section.
  • +noanswer: Don't show the answer section.
  • +noall: Don't show anything!

The +noall query option is usually combined with one of those above to include a section in the results. So, instead of typing a long string of query options to turn off multiple sections, you can use +noall to turn them all off.

You can then use the following inclusive query options to turn those you want to see back on:

  • +comments: Show comment lines.
  • +authority: Show the authority section.
  • +additional: Show the additional section.
  • +stats: Show the stats section.
  • +answer: Show the answer section.
  • +all: Show everything.

We type the following to make a request and exclude the comment lines:

dig howtogeek.com +nocomments

If we use the +noall query option on its own, as shown below, we won't get any useful output:

dig howtogeek.com +noall

We can selectively add the sections we want to see. To add the answer section, we type the following:

dig howtogeek.com +noall +answer

If we type the following to turn on +stats, we'll also see the statistics section:

dig howtogeek.com +noall +answer +stats

The +noall +answer combination is used often. You can add other sections to the command line as needed. If you want to avoid typing +noall +answer on the command line every time you use dig, you can put them in a configuration file called ".digrc." It's located in your home directory.

We type the following to create one with echo:

echo "+noall +answer" > $HOME/.digrc

We can then type the following to check its contents:

cat .digrc

Those two options will now be applied to all future uses of dig, as shown below:

dig ubuntu.org
dig linux.org
dig github.com

This dig configuration file will be in use for the remaining examples in this article.

DNS Records

The information returned to your dig requests is pulled from different types of records held on the DNS server. Unless we ask for something different, dig queries the A (address) record. The following are the types of records commonly used with dig:

  • A Record: Links the domain to an IP version 4 address.
  • MX Record: Mail exchange records direct emails sent to domains to the correct mail server.
  • NS Record: Name server records delegate a domain (or subdomain) to a set of DNS servers.
  • TXT Record: Text records store text-based information regarding the domain. Typically, they might be used to suppress spoofed or forged email.
  • SOA Record: Start of authority records can hold a lot of information about the domain. Here, you can find the primary name server, the responsible party, a timestamp for changes, the frequency of zone refreshes, and a series of time limits for retries and abandons.
  • TTL: Time to live is a setting for each DNS record that specifies how long a DNS precursor server is allowed to cache each DNS query. When that time expires, the data must be refreshed for subsequent requests.
  • ANY: This tells dig to return every type of DNS record it can.

Specifying the A record type doesn't change the default action, which is to query the address record and obtain the IP address, as shown below:

dig redhat.com A

To query the mail exchange records, we use the following MX flag:

dig rube.com MX

The name server flag returns the following names of the root name servers associated with the top-level domain:

dig fedora.com NS

To query the start of authority record, we type the following SOA flag:

dig manjaro.com SOA

The TTL flag will show us the time to live for the data in the DNS server's cache. If we make a series of requests, we see the time to live reduce to nothing, and then jump back to its starting value.

We type the following:

dig usa.gov TTL

To see the text records, we type the TXT flag:

dig usa.gov TXT

Specifying the DNS Server

If you want to use a particular DNS server for your request, you can use the at sign (@) to pass it to dig as a command-line parameter.

With the default DNS server (see below), dig references the local caching stub resolver at 127.0.0.53.

dig usa.gov +stats

Now, we type the following to use Google's public DNS server at 8.8.8.8:

dig @8.8.8.8 usa.gov +stats
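
Querying a second resolver is also a quick way to check whether your default resolver returns the same records as an independent one. The following is an added example, not code from the original article: it compares the A records in two captured dig outputs and reports which server answered; the sample outputs, their documentation-range addresses, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the A records two resolvers return for the same name.
# The samples are constructed to look like `dig usa.gov +noall +answer +stats`
# output; 192.0.2.x and 198.51.100.x are documentation addresses, not real data.
LOCAL_SAMPLE='usa.gov.   120 IN A 192.0.2.10
usa.gov.   120 IN A 192.0.2.11
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)'

PUBLIC_SAMPLE='usa.gov.   57 IN A 192.0.2.11
usa.gov.   57 IN A 192.0.2.10
;; Query time: 23 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)'

DIVERGENT_SAMPLE='usa.gov.   120 IN A 198.51.100.99
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)'

# a_records: read dig output on stdin, print the sorted, de-duplicated A addresses.
# Comment lines (starting with ";") are skipped; TTL and record order are ignored.
a_records() {
    awk '$1 !~ /^;/ && $3 == "IN" && $4 == "A" { print $5 }' | sort -u
}

# answering_server: read dig output on stdin, print the address from ";; SERVER:".
answering_server() {
    sed -n 's/^;; SERVER: \([^#]*\)#.*/\1/p'
}

# compare_resolvers OUTPUT1 OUTPUT2: print "match" or "differ".
# A difference is a reason to look closer, not proof of tampering: load-balanced
# or geo-distributed services can legitimately answer differently per resolver.
compare_resolvers() {
    first=$(printf '%s\n' "$1" | a_records)
    second=$(printf '%s\n' "$2" | a_records)
    if [ "$first" = "$second" ]; then
        echo match
    else
        echo differ
    fi
}

# Live use (needs dig and network access):
#   compare_resolvers "$(dig usa.gov +noall +answer +stats)" \
#                     "$(dig @8.8.8.8 usa.gov +noall +answer +stats)"
```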

Using dig with Multiple Domains

We can pass multiple domains to dig on the command line, as shown below:

dig ubuntu.org fedora.org manjaro.com

If you regularly check a set of domains, you can store them in a text file and pass it to dig. All the domains in the file will be checked in turn.

Our file is called "domains.txt." We'll use cat to show its contents, and then pass it to dig with the -f (file) option. We type the following:

cat domains.txt
dig -f domains.txt

Reverse DNS Lookups

If you have an IP address and want to know where it goes, you can try a reverse DNS lookup. If it resolves to a server registered with a DNS server, you might be able to find out its domain.

Whether you can depends on the presence of a PTR (pointer record). PTRs resolve an IP address to a fully qualified domain name. However, because these aren't mandatory, they're not always present on a domain.

Let's see if we can find out where the IP address 209.51.188.148 takes us. We type the following, using the -x (reverse lookup) option:

dig -x 209.51.188.148

Presto! The IP address resolves to gnu.org.

Because a PTR is a DNS record, and we know dig can request specified DNS records, couldn't we just ask dig to retrieve the PTR for us? Yes, we can, but it does take a bit more work.

We have to provide the IP address in reverse order and tack .in-addr.arpa on the end, as shown below:

dig ptr 148.188.51.209.in-addr.arpa

We get the same result; it just took a bit more effort.
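
The reversal that dig -x performs can be scripted, and because a PTR record is published by whoever controls the address's reverse zone, it is worth confirming that the name it returns resolves forward to the same address. The following is an added example, not code from the original article: the function names are hypothetical, and the sample dig answers (including their TTLs and the forward A record) are constructed.

```shell
#!/bin/sh
# Added example: build the name `dig -x` queries, then forward-confirm a PTR.

# ptr_name IPV4: print the in-addr.arpa name; return 1 on malformed input.
ptr_name() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # only digits and single dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split into octets on the dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            0?*|????*) return 1 ;;              # leading zeros are ambiguous (octal in some parsers)
        esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.in-addr.arpa\n' "$4" "$3" "$2" "$1"
}

# Constructed samples of `dig ptr <name> +noall +answer` and of the follow-up
# `dig <target> A +noall +answer`; the TTLs and the forward answer are assumptions.
PTR_SAMPLE='148.188.51.209.in-addr.arpa. 300 IN PTR gnu.org.'
FWD_SAMPLE='gnu.org. 300 IN A 209.51.188.148'

# ptr_target: read dig output on stdin, print the first PTR target without its trailing dot.
ptr_target() {
    awk '$3 == "IN" && $4 == "PTR" { sub(/\.$/, "", $5); print $5; exit }'
}

# forward_confirmed IP FORWARD_OUTPUT: succeed only if IP is among the A records.
forward_confirmed() {
    printf '%s\n' "$2" |
        awk -v ip="$1" '$4 == "A" && $5 == ip { ok = 1 } END { exit !ok }'
}

# Live use (needs dig and network access):
#   name=$(ptr_name 209.51.188.148) && target=$(dig ptr "$name" +noall +answer | ptr_target)
#   forward_confirmed 209.51.188.148 "$(dig "$target" A +noall +answer)" && echo confirmed
```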

Can You dig It?

We all use the internet daily, and inquiring minds have often wondered how the magic happens when we type the name of a website into a web browser. With dig, you can explore the processes of network conjuring.

Source: https://www.howtogeek.com/663056/how-to-use-the-dig-command-on-linux/
