First and foremost, what the heck is Dig? Dig is an acronym for “domain internet groper”. Dig is a useful tool for webmasters and system administrators, it can be used to query DNS servers and fix DNS related issues. Dig is a part of the BIND DNS software.
There are many beneficial and useful ways to use dig. Do you ever find yourself needing to make changes to DNS records, but aren’t sure how to verify your changes?
Check out the following breakdown of a dig query.
Type the following dig query into your Terminal and follow along!
This query will call on the A record for the domain name www.no-ip.com.
So, lets dive into this a little deeper and explain what each part of the response means…
The first two lines tell us the version of dig that is being used, in my case, i am using version 9.4.3-P3, the command line parameters (www.no-ip.com) and the query options (printcmd). The printcmd options means that the command section (the name of these first two lines) is printed. You can disable this response by using the option +nocmd.
; <<>> DiG 9.4.3-P3 <<>> www.no-ip.com
;; global options: printcmd
Next, dig tells you the response that it collected from the DNS server. The answer received was (opcode: QUERY) and that the response contains 1 part in the answer section, 5 parts in the authority section and 6 parts in the additional section. Just before those responses you will see “flags”. Flags state certain things about the DNS server and its response.
-qr (query response) simply means this is a response to a query
-rd (recursion desired) means that the incoming query requested recursive support
-ra (recursion available) means that the responding server supports recursive queries
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55423
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 6
The question section is next. This section just states what I queried, in this case, I queried the A record of www.no-ip.com and it is in the Internet class or IN.
;; QUESTION SECTION:
;www.no-ip.com. IN A
The answer section follows; it adds the IP address of www.no-ip.com, and it also names all of the NS records that are authoritative for the domain.
;; ANSWER SECTION:
www.no-ip.com. 60 IN A 188.8.131.52
;; AUTHORITY SECTION:
no-ip.com. 50531 IN NS ns2.no-ip.com.
no-ip.com. 50531 IN NS ns4.no-ip.com.
no-ip.com. 50531 IN NS ns5.no-ip.com.
no-ip.com. 50531 IN NS ns3.no-ip.com.
no-ip.com. 50531 IN NS ns1.no-ip.com.
The additional section lists the IP addresses of all of the NS records, along with what type of record they are.
;; ADDITIONAL SECTION:
ns1.no-ip.com. 7702 IN A 184.108.40.206
ns1.no-ip.com. 128 IN AAAA 2620:0:2e60::33
ns4.no-ip.com. 128 IN A 220.127.116.11
ns2.no-ip.com. 79306 IN A 18.104.22.168
ns5.no-ip.com. 79306 IN A 22.214.171.124
ns3.no-ip.com. 19260 IN A 126.96.36.199
The last section just gives stats about the query: how long it took, the IP address it was queried from and how large the message was. You can disable this reply by using the +nostats option.
;; Query time: 48 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Fri Apr 8 11:22:02 2011
;; MSG SIZE rcvd: 245
Using dig can help you troubleshoot your DNS related issues. How often do you use dig?