Dig is an acronym for Domain Information Groper that helps in querying DNS Information and as well as troubleshooting the issue related to it. The dig command is the popular command-line network administrative tool that provides information about the name server as well as host address and various DNS records that we query using the command. It is more flexible and a handful that replaces older tools such as nslookup.
In this context, we shall look into the different DNS records like A, AAAA, MX, NS, PTR, TXT, DKIM, and SPF.
How to Install Dig on Linux ?
The dig tool supports various Linux distributions. Below are the commands to install the dig on some popular Linux systems.
To Install in Ubuntu/Debian:
$ sudo apt install dnsutils
To Install in Centos/Fedora:
$ sudo yum install bind-utils
To verify Dig Installation, run the command:
$ dig –v
How to Query Domain 'A' Record ?
By default, the dig command will provide the DNS 'A' Record information, and the following is the output after querying the domain:
$ dig google.com
You will see in the output that the dig command provides four sections.
In the first section, the first row shows the dig version and domain name we look up to.
The second row shows the option that is used to query the domain which is (+cmd) by default in the current context. Lastly the headers, it is the response that the server provided during queries. In the flags section in header, qr, rd, and ra refer to query, recursion desired, and recursion available respectively which determine answer format.
In the second section, the OPT PSEUDOSECTION shows the advanced data that is used, Extension System for DNS (EDNS), and UDP shows the UDP packet size. The question section shows the query data that the dig command sent where IN refers to the Internet and A refer to the address record we required.
The third section shows the answers to the requested query. The first column shows the server name that the dig command query, the second column shows a set timeframe after which the record is refreshed, the third column shows the class of query, the fourth column shows the DNS record the command query, and the last column shows the ipv4 IP address that is linked with the domain name.
The final section shows the metadata or statistics of the query.
How to Query Domain 'AAAA' Records ?
In order to query DNS records, we need to specify the record type in the command. We can shorten the output by using the +shorts, following is the output of how it worked:
$ dig +short google.com AAAA
How to Query Domain 'NS' Records Displaying Only Answers ?
Here, we will use +noall will clear all display flags which doesn’t give any output, and using the +answer option will output the answer section only:
$ dig google.com 'NS' +noall +answer
How to Query Multiple DNS Records ?
We can query multiple DNS Records using the dig command. Here, we will query A records and TXT records using dig.
$ dig google.com +nocomments yahoo.com +noall +answer
How to Query Domain 'MX' Records ?
The MX refers to a Mail exchange that directs email to a mail server. In the command below we use the +nocomments option to exclude the comments. To lookup, the MX record specifies the record type to MX in the command:
$ dig google.com MX +nocomments
How to Query SPF Record ?
The Sender Policy Framework (SPF) is used to indicate authorized hosts for sending mail to the domain in mail exchange.
$ dig google.com TXT +noall +answer
DKIM Records Lookup
To query DomainKeys Identified Mail (DKIM) we need the selector. It provides a digital signature and encryption key that authenticates email messages.
You need to find out the selector of the domain. If you look at the details of an email sent from google/gmail, you can find out the selector for google. Similarly, you can find other domain selectors.
To query it we have to execute the command as below. In the output, we can view the DKIM signature published in their DNS record:
$ dig txt 20161025._domainkey.google.com
DNS Reverse Lookup
To look up reverse DNS we need to use the -x option along with the server IP address. In the following example, we use google IP address to lookup it's reverse DNS:
$ dig -x 184.108.40.206 +short