dig command is mainly used to query host address information from dns domain name server. It works the same as NSLOOKUP command, but it outputs more information than nslookup.
Install dig
redhat Department System yum install -y bind-utils debian Department System apt-get install -y dnsutils
Query Sina's dns parsing as follows
Di www.sina.com outputs the following information
Now the above output information is explained in detail.
; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.sina.com ;; global options: +cmd
Lines 1 to 2:
Di version number, query domain name, global parameter settings, default is + cmd
The command takes + nocmd as a parameter, and this part of the information is not displayed
;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15886 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
Lines 3 to 5: Detailed technical information received from the DNS server of the authority concerned
opencode: opcode, QUER stands for query operation
Status: The status, NOERROR, is error-free, representing the accessibility of the requested DNS server to queries
id: number, 15886, 16bit number, return and query by number matching in dns protocol
Flags: flags, can appear can not appear, do not show no sign
flags are marked with qr, rd, ra, aa
qr: query, query flag, representing query operation
rd: recursion desired, which represents the desire for recursive query operations
ra: recursive available, the server that represents the query supports recursive query operations
aa: authoritative answer authoritative reply
QUERY: Number of queries, 1 represents one query, corresponding to the number of records in QUESTION SECTION below
ANSWER: Number of results, 3 represents three results, corresponding to the number of records in ANSWER SECTION below
AUTHORITY: Number of records of authoritative domain name servers. 0 represents the number of authoritative domain name servers available for domain name resolution.
ADDITIONAL: Number of additional records, 1 representing one additional record
The command takes + comments as a parameter and can not display this part.
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096
Lines 6 to 7:
Information on DNS Extension Mechanism (EDNS)
The command takes + noedns as a parameter and can not display this part.
;; QUESTION SECTION: ;www.sina.com. IN A
Lines 8 to 9:
The output information of the domain name we want to query is A record by default.
The command takes + noquestion as a parameter and can not display this part.
;; ANSWER SECTION: www.sina.com. 40 IN CNAME us.sina.com.cn. us.sina.com.cn. 40 IN CNAME spool.grid.sinaedge.com. spool.grid.sinaedge.com. 34 IN A 202.102.94.124
Lines 10 to 13:
Queried results
You can see that the ip corresponding to www.sina.com is 202.102.94.124.
The first is domain name, the second is TTL, cache time, unit second, the third is query category, A is record, CNAME is alias record, and the fourth is parsed address.
The command takes + noanswer as a parameter and can not display this part.
;; Query time: 20 msec ;; SERVER: 114.114.114.114#53(114.114.114.114) ;; WHEN: Sun Aug 11 19:22:55 CST 2019 ;; MSG SIZE rcvd: 119
Lines 14 to 17: Statistical information on queries
Query time: Query time consuming
SERVER: Server address and port for query
WHEN: Query time
MSG SIZE rcvd: Response size, received 119 bytes
The command takes + nostats as a parameter and does not display this part
dig-related parameters
+ short simple output
root@node1:~# dig +short www.sina.com us.sina.com.cn. spool.grid.sinaedge.com. 202.102.94.124
+ noall +answer returns details, only query results
root@node1:~# dig www.sina.com +noall +answer ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.sina.com +noall +answer ;; global options: +cmd www.sina.com. 60 IN CNAME us.sina.com.cn. us.sina.com.cn. 60 IN CNAME spool.grid.sinaedge.com. spool.grid.sinaedge.com. 34 IN A 202.102.94.124
@x.x.x.x
From the specified DNS server, the default dig will actively use the DNS server listed in the / etc/resolv.conf file to query
root@node1:~# dig @8.8.8.8 www.sina.com ; <<>> DiG 9.10.3-P4-Ubuntu <<>> @8.8.8.8 www.sina.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36464 ;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;www.sina.com. IN A ;; ANSWER SECTION: www.sina.com. 59 IN CNAME us.sina.com.cn. us.sina.com.cn. 59 IN CNAME wwwus.sina.com. wwwus.sina.com. 59 IN CNAME ww1.sinaimg.cn.w.alikunlun.com. ww1.sinaimg.cn.w.alikunlun.com. 59 IN A 205.204.104.186 ww1.sinaimg.cn.w.alikunlun.com. 59 IN A 205.204.104.195 ww1.sinaimg.cn.w.alikunlun.com. 59 IN A 47.246.16.229 ww1.sinaimg.cn.w.alikunlun.com. 59 IN A 47.91.195.229 ww1.sinaimg.cn.w.alikunlun.com. 59 IN A 47.246.16.230 ww1.sinaimg.cn.w.alikunlun.com. 59 IN A 47.246.16.231 ;; Query time: 203 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sun Aug 11 21:03:25 CST 2019 ;; MSG SIZE rcvd: 226
Specify the query type
query A Record (default) root@node1:~# dig +nocmd www.sina.com a +noall +answer www.sina.com. 49 IN CNAME us.sina.com.cn. us.sina.com.cn. 49 IN CNAME spool.grid.sinaedge.com. spool.grid.sinaedge.com. 48 IN A 202.102.94.124 //Query CNAME records root@node1:~# dig +nocmd www.sina.com cname +noall +answer www.sina.com. 34 IN CNAME us.sina.com.cn. //Query txt records root@node1:~# dig +nocmd google.com txt +noall +answer google.com. 241 IN TXT "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8=" google.com. 241 IN TXT "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e" google.com. 241 IN TXT "v=spf1 include:_spf.google.com ~all" google.com. 241 IN TXT "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289" google.com. 241 IN TXT "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95" //Query MX records root@node1:~# dig +nocmd google.com mx +noall +answer google.com. 428 IN MX 30 alt2.aspmx.l.google.com. google.com. 428 IN MX 20 alt1.aspmx.l.google.com. google.com. 428 IN MX 40 alt3.aspmx.l.google.com. google.com. 428 IN MX 50 alt4.aspmx.l.google.com. google.com. 428 IN MX 10 aspmx.l.google.com. //Query NS records root@node1:~# dig +nocmd google.com ns +noall +answer google.com. 121046 IN NS ns3.google.com. google.com. 121046 IN NS ns2.google.com. google.com. 121046 IN NS ns4.google.com. google.com. 121046 IN NS ns1.google.com.
- x Reverse Query for Domain Names Associated with Specific IP Addresses
root@node1:~# dig -x 8.8.8.8 +noall +answer
; <<>> DiG 9.10.3-P4-Ubuntu <<>> -x 8.8.8.8 +noall +answer ;; global options: +cmd 8.8.8.8.in-addr.arpa. 79982 IN PTR dns.google.
+ trace, tracking the query process
root@node1:~# dig +trace www.sina.com ; <<>> DiG 9.10.3-P4-Ubuntu <<>> +trace www.sina.com ;; global options: +cmd . 142304 IN NS d.root-servers.net. . 142304 IN NS i.root-servers.net. . 142304 IN NS l.root-servers.net. . 142304 IN NS k.root-servers.net. . 142304 IN NS j.root-servers.net. . 142304 IN NS a.root-servers.net. . 142304 IN NS m.root-servers.net. . 142304 IN NS c.root-servers.net. . 142304 IN NS f.root-servers.net. . 142304 IN NS e.root-servers.net. . 142304 IN NS g.root-servers.net. . 142304 IN NS h.root-servers.net. . 142304 IN NS b.root-servers.net. ;; Received 239 bytes from 114.114.114.114#53(114.114.114.114) in 20 ms com. 172800 IN NS a.gtld-servers.net. com. 172800 IN NS b.gtld-servers.net. com. 172800 IN NS c.gtld-servers.net. com. 172800 IN NS d.gtld-servers.net. com. 172800 IN NS e.gtld-servers.net. com. 172800 IN NS f.gtld-servers.net. com. 172800 IN NS g.gtld-servers.net. com. 172800 IN NS h.gtld-servers.net. com. 172800 IN NS i.gtld-servers.net. com. 172800 IN NS j.gtld-servers.net. com. 172800 IN NS k.gtld-servers.net. com. 172800 IN NS l.gtld-servers.net. com. 172800 IN NS m.gtld-servers.net. com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766 com. 86400 IN RRSIG DS 8 1 86400 20190824050000 20190811040000 59944 . Au9ez+iicXM9ZCVNeBttnieOlMjtSLnFWS3fblB6yuJOPqAJDKlzGzH5 bo5A9agi+6ouB3di2J96Kdn2SE9Uq4mMaye4kQv7z7wUlthjwXadPAGq +nT4osIcOLxlWOCTLDBJnrCg6BnK7LoKMoleZjtQOr4ASNsW3CX3MEat SU/M+S9+Bg2NQeb+Z1rEieXIyG0zvlE+qzEg41rbuqFY3fk9kBMyB/sV 5lUeAZfAhlzH/jjKby+wJsaL+SRCPnstWgokekeZCHwXwJ4iHc2zRyCd 0e+FDT0z/7xouIYQVgt7GVQN0vQ/eUJBd9zhmCUbIfDi7w4AK9ykEJDU jVsVIg== ;; Received 1172 bytes from 198.97.190.53#53(h.root-servers.net) in 192 ms sina.com. 172800 IN NS ns1.sina.com.cn. sina.com. 172800 IN NS ns2.sina.com.cn. sina.com. 172800 IN NS ns3.sina.com.cn. sina.com. 172800 IN NS ns1.sina.com. sina.com. 172800 IN NS ns2.sina.com. sina.com. 172800 IN NS ns4.sina.com. sina.com. 172800 IN NS ns3.sina.com. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190815044522 20190808033522 17708 com. mZXFevDe/GAzLCPnKm123kkBDgeuHRJXSkMgsHkACMZmMmA5uCrvxXN8 7fTMTFFESSjd14PwgTavf5fJ4J4COTvIVHg7vrnztrt1JadLK3jXNPJ3 3Z8Cv5VINQMEPSAydR7XeZ8AMCvdkyEKB0jzpen719qTk4WWWAw33Jtw 9a8= TGAG8VMC6NS5VVK68CIGRJ6Q414N2KB2.com. 86400 IN NSEC3 1 1 0 - TGAIBD36C6B9GMU6EB96HFA3PBUKS49B NS DS RRSIG TGAG8VMC6NS5VVK68CIGRJ6Q414N2KB2.com. 86400 IN RRSIG NSEC3 8 2 86400 20190818052710 20190811041710 17708 com. XcB3H/b/3jb1ABIJ+ZF9o6PfwRjZsRuN1lue4f2RaRg41pINGot3s/oi itjHkSu4caYW8hxDpZDFWdsV8SRZFw54prByqOu8Bsuw0K9asjX/NEpH ehZov1MTBcJv0GoJN8+Vtj7GYVYuDWRT4LMJgNsfOitt5jTbEdHsVAhW 7XI= ;; Received 727 bytes from 192.26.92.30#53(c.gtld-servers.net) in 228 ms www.sina.com. 60 IN CNAME us.sina.com.cn. us.sina.com.cn. 60 IN CNAME spool.grid.sinaedge.com. ;; Received 103 bytes from 180.149.138.199#53(ns2.sina.com.cn) in 2 ms
Di batch query
When multiple domain names need to be queried, the domain name to be queried can be written to a file, and then unified query.
. digrc file
As in the previous command line we used + short,+noall,+answer and other parameters, we can write to the current user's home directory in the. digrc file (${home}/.digrc), so when we execute the dig command, we do not need to add these parameters on the command line.