dig Command in Linux with Examples

May 23, 2024

Introduction

The dig command in Linux is used to gather Domain Name System (DNS) information. It stands for domain information groper and helps troubleshoot DNS problems.

This guide will help you understand and use the Linux dig command with practical examples.

dig Command in Linux with Examples

Prerequisites

dig Command Syntax

The dig command syntax is:

dig [server] [name] [type]

The command consists of:

  • [server]. The hostname or IP address to which the query is directed.
  • [name]. The DNS of the server to query.
  • [type]. The DNS record type to retrieve. By default (or if left blank), dig uses the A record type.

Common DNS record types are:

  • A. Address record that directly maps a hostname to an IP address.
  • MX. Mail Exchange that maps message transfer agents for the domain.
  • SIG. Signature record used in encryption protocols.

For more information, refer to our comprehensive guide to DNS record types.

dig Command Options

The dig command has plenty of different options. The dig options are presented in the table below:

OptionDescription
+shortProvides a short answer to the query.
+noall +answerDisplays only the answer section of the query.
+statsDisplays statistics about the query.
+traceTraces the path from the root DNS servers to the authoritative servers for a domain.
+nocmdOmits the initial command line from the output.
+nssearchPerforms an NS query for the specified domain and checks all listed name servers for consistency.
@serverQueries the specified DNS server.
-t type Specifies the type of DNS record to query (e.g., A, MX).
-p portUses the specified port number for the query (default is 53).
-q nameQueries the specified domain name.
-k filenameSpecifies a TSIG key file for secure DNS queries.
+[no]questionControls the display of the question section of the query.
+[no]answer Controls the display of the answer section of the query.
+[no]authority Shows or hides the authority section.
+[no]additionalDisplays or hides the additional section.
+[no]commentsShows or hides the comments in the output.
+[no]statsDisplays or hides the statistics.
+[no]ttlControls the display of TTL values.
+[no]recurseToggles recursion for the query.

dig Command Examples

The dig command queries the DNS for information about domain names and their associated records, such as IP addresses, mail servers, and name servers. It is a valuable tool for diagnosing DNS issues and verifying DNS configurations. The following text explains the dig command basic usage.

DNS Lookup

The dig command enables you to search for a domain name. For example, to perform a DNS lookup for the domain google.com, run the following command:

dig google.com
dig google.com terminal output

The most important section is the ANSWER SECTION:

  • The first column lists the name of the server that was queried.
  • The second column is the Time to Live, a set timeframe after which the record is refreshed.
  • The third column shows the query class. In this case, IN stands for Internet.
  • The fourth column displays the query type. In this case, A stands for an A (address) record.
  •  The final column displays the IP address associated with the domain name.
dig command terminal output answer section

Other lines mean the following:

  • The first line displays the dig command version.
dig terminal output  showing command version
  • The HEADER section in the dig output summarizes the DNS query and response details. It includes information about the query type (e.g., standard query), the response status (e.g., NOERROR for a successful response), and flags indicating key attributes like recursion. Additionally, it lists the questions, answers, authoritative records, and additional records counts in the DNS response.
dig command terminal output showing header section
  • The OPT PSEUDOSECTION displays advanced data:
    • EDNS. Extension system for DNS, if used.
    • flags. Specified flags. In this case, it's blank because no flags were specified.
    • udp. udp packet size.
dig command terminal output showing opt pseudosection
  • The QUESTION SECTION displays the query data that was sent:
    • The first column is the domain name queried.
    • The second column is the query type (IN = Internet).
    • The third column specifies the record (A = Address) unless otherwise specified.
dig command terminal output showing question section
  • The statistics section shows metadata about the query:
    • Query time. The amount of time it took for a response.
    • SERVER. The responding DNS server IP address and port.
    • WHEN. The time when the command was run.
    • MSG SIZE rcvd. The size of the reply from the DNS server.
dig command terminal output showing statistics section

Note: Although useful, frequent DNS lookups may negatively affect website performance, which is why it's important to learn how to reduce DNS lookups.

Specify DNS server

By default, dig uses the local configuration to decide which nameserver to query. Use the following command to specify Google's domain server:

dig @8.8.8.8 google.com
dig @8.8.8.8 google.com terminal output

Note: Other domain nameservers can be specified here, such as your server hosting provider or the internet service provider's DNS server.
For more information, refer to our guide on how to set a DNS nameserver on Ubuntu.

Return All Query Results

To return all the query results, use the following:

dig google.com ANY
dig google.com ANY terminal output

The system lists all google.com DNS records it finds, along with the IP addresses.

Search for a Record Type

To search for a specific DNS record type using dig, specify the record type after the domain name. For example, use the dig command to query for an A record of the google.com domain:

dig google.com A
dig google.com A terminal output

The answer section shows the DNS record type as A.

Print a Short Output

To display only the IP address associated with the domain name, enter the following:

dig google.com +short
dig google.com +short terminal output

Print Only the ANSWER Section

Run +noall +answer with the dig command to access concise output stored in the ANSWER SECTION:

dig google.com +noall +answer
dig google.com +noall +answer terminal output

List Different Servers

The +trace option lists every different server the query goes through to its final destination. For example, run the following:

dig google.com +trace
dig google.com +trace terminal output

Do a Reverse DNS Lookup

The dig command offers an option to look up a domain name by its IP address. For instance, to find the domain name of the 142.250.180.206 IP address, type the following:

dig -x 142.250.180.206
dig -x 142.250.180.206 terminal output

The domain name for the IP address 142.250.180.206 is bud02s33-in-f14.1e100.net.

Note: To learn more about how to use an IP address to find a domain name, check out our article about Reverse DNS lookup (rDNS).

Query the Nameserver

Query the nameservers for a domain with the dig command by specifying the NS (Name Server) record type. For example, query the DNS to find the nameservers responsible for the google.com domain with:

dig google.com NS
dig google.com NS terminal output

The nameservers for google.com are listed under the ANSWER SECTION with the record type NS.

Find Multiple Entries

To look up multiple entries, take the following steps:

1. Create a file in a text editor to list the domain names you want to look up. For example, to create a file in Nano, run:

sudo nano domain_research.txt

2. Add several websites to the file. For instance, add google.com, yahoo.com, and phoenixnap.com. Note that each domain name should be in a new line:

google.com
yahoo.com
phoenixnap.com
adding websites to nano

3. Save the file and exit.

4. To look up the DNS records for the domains listed in the file, specify the file using the -f option with the dig command:

dig -f domain_research.txt +short
dig -f domain_research.txt +short terminal output

Note: The +short option keeps the results manageable. Any other option can be used instead.

Permanently Adjust Default Options

The information displayed by dig is altered in the ~/.digrc file. To adjust the default options, take the following steps:

1. Open the file in a text editor, in this case Nano:

sudo nano ~/.digrc

2. Add the following lines:

+noall
+answer
Changing the default dig options in Nano

3. Save and exit the file.

4. Run the dig command:

dig google.com
dig google.com terminal output with changed default options

The output is the same as if you manually added +noall and +answer in the terminal.

Conclusion

This article explains the use of the dig command in Linux through practical examples. If you'd like to use the command on a Windows system, check out our guide on how to install dig on Windows.

Next, learn how to flush DNS cache to delete all saved DNS lookup information or discover other Linux network commands.

Was this article helpful?
YesNo
Sara Zivanov
Sara Zivanov is a technical writer at phoenixNAP who is passionate about making high-tech concepts accessible to everyone. Her experience as a content writer and her background in Engineering and Project Management allows her to streamline complex processes and make them user-friendly through her content.
Next you should read
What is a Domain Name System (DNS) & How Does it Work?
May 23, 2024

Domain Name System (DNS) first emerged in the early 1980s. It represents a system of interconnected servers...
Read more
DNS Configuration: Everything You Need to Know
March 23, 2023

DNS configuration sets up a Domain Name System server to translate domain names (URLs) into IP addresses. The...
Read more
DNS Record Types Explained
August 20, 2024

DNS records or zone files store information about domains. They consist of a series of text files written in...
Read more
Troubleshooting DNS Issues {nslookup, dig, host & More}
November 17, 2021

DNS (domain name system) stores information related to domain names as a distributed database. The client...
Read more