CompTIA Certifications

CompTIA Network+ 2009 Domain 5: Network Tools

Dig Networking Utility

The dig networking utility on Unix-like systems provides technical DNS information for domains. Here’s the help options for dig usage:

root@thatcommunity [/home]# dig -h
Usage:  dig [@global-server] [domain] [q-type] [q-class] {q-opt}
 {global-d-opt} host [@local-server] {local-d-opt}
 [ host [@local-server] {local-d-opt} [...]]
Where:  domain    is in the Domain Name System
 q-class  is one of (in,hs,ch,...) [default: in]
 q-type   is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:a]
 (Use ixfr=version for type ixfr)
 q-opt    is one of:
 -x dot-notation     (shortcut for reverse lookups)
 -i                  (use IP6.INT for IPv6 reverse lookups)
 -f filename         (batch mode)
 -b address[#port]   (bind to source address/port)
 -p port             (specify port number)
 -t type             (specify query type)
 -c class            (specify query class)
 -k keyfile          (specify tsig key file)
 -y name:key         (specify named base64 tsig key)
 -4                  (use IPv4 query transport only)
 -6                  (use IPv6 query transport only)
 -m                  (enable memory usage debugging)
 d-opt    is of the form +keyword[=value], where keyword is:
 +[no]vc             (TCP mode)
 +[no]tcp            (TCP mode, alternate syntax)
 +time=###           (Set query timeout) [5]
 +tries=###          (Set number of UDP attempts) [3]
 +retry=###          (Set number of UDP retries) [2]
 +domain=###         (Set default domainname)
 +bufsize=###        (Set EDNS0 Max UDP packet size)
 +ndots=###          (Set NDOTS value)
 +[no]search         (Set whether to use searchlist)
 +[no]defname        (Ditto)
 +[no]recurse        (Recursive mode)
 +[no]ignore         (Don't revert to TCP for TC responses.)
 +[no]fail           (Don't try next server on SERVFAIL)
 +[no]besteffort     (Try to parse even illegal messages)
 +[no]aaonly         (Set AA flag in query (+[no]aaflag))
 +[no]adflag         (Set AD flag in query)
 +[no]cdflag         (Set CD flag in query)
 +[no]cl             (Control display of class in records)
 +[no]cmd            (Control display of command line)
 +[no]comments       (Control display of comment lines)
 +[no]question       (Control display of question)
 +[no]answer         (Control display of answer)
 +[no]authority      (Control display of authority)
 +[no]additional     (Control display of additional)
 +[no]stats          (Control display of statistics)
 +[no]short          (Disable everything except short
 form of answer)
 +[no]ttlid          (Control display of ttls in records)
 +[no]all            (Set or clear all display flags)
 +[no]qr             (Print question before sending)
 +[no]nssearch       (Search all authoritative nameservers)
 +[no]identify       (ID responders in short answers)
 +[no]trace          (Trace delegation down from root)
 +[no]dnssec         (Request DNSSEC records)
 +[no]multiline      (Print records in an expanded format)
 global d-opts and servers (before host name) affect all queries.
 local d-opts and servers (after host name) affect only that lookup.
 -h                           (print help and exit)
 -v                           (print version and exit)

For example, if I dig thatnetwork.com, it returns these results:

root@thatcommunity [/home]# dig thatnetwork.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> thatnetwork.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4448
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;thatnetwork.com.               IN      A
;; ANSWER SECTION:
thatnetwork.com.        3600    IN      A       64.34.165.234
;; Query time: 169 msec
;; SERVER: 216.187.125.131#53(216.187.125.131)
;; WHEN: Tue Nov 30 14:13:23 2010
;; MSG SIZE  rcvd: 49

The response shows you the DNS information for thatnetwork.com.