DIG is a command-line tool for querying DNS Name Server (similar to nslookup utility available in Windows and host utility). dig utility can be used for querying DNS about the host address (both A and AAAA), name server(NS), mail exchange(MX), Pointer Record(PTR), SOA (Start Of Authority) and others.
DIG is a part of BIND software package ( BIND package is developed and managed by Internet Systems Consortium ISC).
Usage Example :-
-
Ask for a host address :-
dig nkn.in
-
Ask from a specific server :-
dig nkn.in @8.8.8.8 ; <<>> DiG 9.8.5-P2 <<>> nkn.in @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13527 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;nkn.in. IN A ;; ANSWER SECTION: nkn.in. 14103 IN A 164.100.56.206 ;; Query time: 171 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sat Aug 03 23:22:51 India Standard Time 2013 ;; MSG SIZE rcvd: 40
-
Ask for all the records for a particular domain :-
C:\Users\kansal>dig nkn.in any @8.8.4.4 ; <<>> DiG 9.8.5-P2 <<>> nkn.in any @8.8.4.4 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41915 ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;nkn.in. IN ANY ;; ANSWER SECTION: nkn.in. 14390 IN SOA nkn.in. nsadmin\@nkn.in. 2013041 601 10800 86400 1209600 14400 nkn.in. 14390 IN NS ns1.nkn.in. nkn.in. 14390 IN NS ns3.nkn.in. nkn.in. 14390 IN NS ns2.nkn.in. nkn.in. 14390 IN A 164.100.56.206 nkn.in. 14390 IN AAAA 2001:4408:5200::a464:38ce nkn.in. 14390 IN MX 0 mailgw.nic.in. ;; Query time: 159 msec ;; SERVER: 8.8.4.4#53(8.8.4.4) ;; WHEN: Sat Aug 03 23:24:59 India Standard Time 2013 ;; MSG SIZE rcvd: 197 -
Find out the domain's Mail Server :-
C:\Users\kansal>dig nkn.in MX <<>> DiG 9.8.5-P2 <<>> nkn.in MX ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50205 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;nkn.in. IN MX ;; ANSWER SECTION: nkn.in. 14232 IN MX 0 mailgw.nic.in. ;; Query time: 63 msec ;; SERVER: 103.8.44.5#53(103.8.44.5) ;; WHEN: Sat Aug 03 23:32:05 India Standard Time 2013 ;; MSG SIZE rcvd: 51
-
Ask for a reverse lookup :-
C:\Users\kansal>dig -x 164.100.2.6 ; <<>> DiG 9.8.5-P2 <<>> -x 164.100.2.6 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3471 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ; 6.2.100.164.in-addr.arpa. IN PTR ;; ANSWER SECTION: 6.2.100.164.in-addr.arpa. 82055 IN PTR mailgw-hyd.nic.in. ;; Query time: 70 msec ;; SERVER: 103.8.44.5#53(103.8.44.5) ;; WHEN: Sat Aug 03 23:29:52 India Standard Time 2013 ;; MSG SIZE rcvd: 73
-
Check for DNSSEC Validation :-
C:\Users\kansal> C:\Users\kansal>dig apnic.net +dnssec @8.8.8.8 ;; <<>> DiG 9.8.5-P2 <<>> apnic.net +dnssec @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8543 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 512 ;; QUESTION SECTION: ;; apnic.net. IN A ;; ANSWER SECTION: apnic.net. 3600 IN A 202.12.29.175 apnic.net. 3600 IN RRSIG A 8 2 3600 20130903002809 201308 03232809 42189 apnic.net. Q9D9OKv2qfjs33C3yyuAJhkdxy0ytjgAmsXTjVveVGwXqEcL0tEz7g 2f FKM+RykyuqxG/Tq2mxSlBrxgkhvomBLyR9OpCKvYPPST6deR6DWlztOa DIMYZ90gvpqBDGSiSafr xcvXAr0ZTUgBZcIAtkOpzEpoOa1zP1f6VRVA vMM= ;; Query time: 386 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sun Aug 04 11:07:27 India Standard Time 2013 ;; MSG SIZE rcvd: 223
-
Trace the DNS Query :-
C:\Users\kansal>dig india.gov.in +trace ; <<>> DiG 9.8.5-P2 <<>> india.gov.in +trace ;; global options: +cmd . 31101 IN NS l.root-servers.net. . 31101 IN NS h.root-servers.net. . 31101 IN NS c.root-servers.net. . 31101 IN NS g.root-servers.net. . 31101 IN NS m.root-servers.net. . 31101 IN NS e.root-servers.net. . 31101 IN NS b.root-servers.net. . 31101 IN NS a.root-servers.net. . 31101 IN NS j.root-servers.net. . 31101 IN NS d.root-servers.net. . 31101 IN NS f.root-servers.net. . 31101 IN NS k.root-servers.net. . 31101 IN NS i.root-servers.net. ;; Received 228 bytes from 103.8.44.5#53(103.8.44.5) in 1471 ms in. 172800 IN NS a0.in.afilias-nst.info. in. 172800 IN NS a1.in.afilias-nst.in. in. 172800 IN NS a2.in.afilias-nst.info. in. 172800 IN NS b0.in.afilias-nst.org. in. 172800 IN NS b1.in.afilias-nst.in. in. 172800 IN NS b2.in.afilias-nst.org. in. 172800 IN NS c0.in.afilias-nst.info. in. 172800 IN NS ns7.cdns.net. ;; Received 495 bytes from 128.63.2.53#53(h.root-servers.net) in 2994 ms india.gov.in. 86400 IN NS ns7.nic.in. india.gov.in. 86400 IN NS ns1.nic.in. india.gov.in. 86400 IN NS ns10.nic.in. india.gov.in. 86400 IN NS ns2.nic.in. ;; Received 107 bytes from 199.7.87.1#53(a0.in.afilias-nst.info) in 757 ms india.gov.in. 1800 IN A 164.100.56.191 india.gov.in. 1800 IN NS ns2.nic.in. india.gov.in. 1800 IN NS ns1.nic.in. india.gov.in. 1800 IN NS ns10.nic.in. india.gov.in. 1800 IN NS ns7.nic.in. ;; Received 199 bytes from 164.100.14.3#53(ns1.nic.in) in 55 ms
The above output show you how DNS queries works.
In the above query, i ask for "trace" for the india.gov.in domain.
My resolver first goes to "." (Root NameServer) as every resolver knows about Root Servers only. Root NS replies that 'he don't know about india.gov.in' but he knows about 'NS of .in domain'.
Then resolver goes to NS of ".in" domain and ask for india.gov.in, which in turn replies that he only knows about NS of india.gov.in.
Then resolver goes to NS of 'india.gov.in' which in turn replies the desired query answer.