Difference between revisions of "Dig"

From Linuxintro
imported>ThorstenStaerk
imported>ThorstenStaerk
 
(7 intermediate revisions by 2 users not shown)
Line 23: Line 23:
  
 
The syntax of a dig call is
 
The syntax of a dig call is
  dig <html><acronym title="Specific DNS server">@dnsserver</acronym> <acronym title="For example linuxintro.org">domain</acronym> <acronym title="Can be ANY, A, MX, SIG, etc.. By default it is A.">type</acronym></html>
+
  dig <abbr title="Specific DNS server">@dnsserver</abbr> <abbr title="For example linuxintro.org">domain</abbr> <abbr title="Can be ANY, A, MX, SIG, etc.. By default it is A.">type</abbr>
 +
for example
 +
* query the 192.168.0.1 for the IP address of the hostname bartholomeus
 +
dig @192.168.0.1 bartholomeus
 +
* query for the mail record (MX) of staerk.de
 +
<pre>
 +
root@mail:~# dig staerk.de MX
 +
 
 +
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de MX
 +
;; global options: +cmd
 +
;; Got answer:
 +
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55597
 +
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 6
 +
 
 +
;; OPT PSEUDOSECTION:
 +
; EDNS: version: 0, flags:; udp: 1480
 +
;; QUESTION SECTION:
 +
;staerk.de.                    IN      MX
 +
 
 +
;; ANSWER SECTION:
 +
staerk.de.              3536    IN      MX      1 aspmx.l.google.com.staerk.de.
 +
staerk.de.              3536    IN      MX      5 alt2.aspmx.l.google.com.staerk.de.
 +
staerk.de.              3536    IN      MX      5 alt1.aspmx.l.google.com.staerk.de.
 +
staerk.de.              3536    IN      MX      10 alt4.aspmx.l.google.com.staerk.de.
 +
staerk.de.              3536    IN      MX      10 alt3.aspmx.l.google.com.staerk.de.
 +
</pre>
 +
 
 +
* When I wanted gsuite to manage my mail domain, I had to prove that I own this domain's DNS. To do this, I had to add a TXT record to DNS that contained a string for google to verify I had inserted it. Now I did not know if it had worked, but with dig I could find out:
 +
 
 +
root@mail:~# dig staerk.de TXT
 +
 +
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT
 +
;; global options: +cmd
 +
;; Got answer:
 +
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10656
 +
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
 +
 +
;; OPT PSEUDOSECTION:
 +
; EDNS: version: 0, flags:; udp: 1480
 +
;; QUESTION SECTION:
 +
;staerk.de.                    IN      TXT
 +
 +
;; ANSWER SECTION:
 +
staerk.de.              3600    IN      TXT    '''''"google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18"'''''
 +
 +
;; AUTHORITY SECTION:
 +
staerk.de.              3600    IN      NS      ns1.first-ns.de.
 +
staerk.de.              3600    IN      NS      robotns2.second-ns.de.
 +
 +
;; Query time: 235 msec
 +
;; SERVER: 80.237.128.56#53(80.237.128.56)
 +
;; WHEN: Fri Jun 14 10:56:26 UTC 2019
 +
;; MSG SIZE  rcvd: 179
 +
 
 +
But google did not accept this, it said, it was still waiting for the domain confirmation. So I told dig to use the google name server (8.8.8.8) for the query:
 +
<pre>
 +
root@mail:~# dig staerk.de TXT @8.8.8.8
 +
 
 +
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT @8.8.8.8
 +
;; global options: +cmd
 +
;; Got answer:
 +
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63864
 +
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 +
 
 +
;; OPT PSEUDOSECTION:
 +
; EDNS: version: 0, flags:; udp: 512
 +
;; QUESTION SECTION:
 +
;staerk.de.                    IN      TXT
 +
 
 +
;; ANSWER SECTION:
 +
staerk.de.              3599    IN      TXT    "google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18"
 +
 
 +
;; Query time: 166 msec
 +
;; SERVER: 8.8.8.8#53(8.8.8.8)
 +
;; WHEN: Fri Jun 14 11:11:40 UTC 2019
 +
;; MSG SIZE  rcvd: 119
 +
 
 +
</pre>
  
 
= See also =
 
= See also =
 
* [[host]]
 
* [[host]]
* [http://man-wiki.net/index.php/1:dig dig's man page]
+
* [http://linux.die.net/man/1/dig dig's man page]

Latest revision as of 11:13, 14 June 2019

The command dig allows you to query a name server for IP addresses like this:

# dig www.linuxintro.org

; <<>> DiG 9.7.3-P1 <<>> www.linuxintro.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 884
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.linuxintro.org.            IN      A 

;; ANSWER SECTION:
www.linuxintro.org.     14400   IN      A       92.51.132.237

;; Query time: 67 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Jul  2 14:34:22 2011
;; MSG SIZE  rcvd: 52

In this example we see the IP address of www.linuxintro.org is 92.51.132.237.

The syntax of a dig call is

dig @dnsserver domain type

for example

  • query the 192.168.0.1 for the IP address of the hostname bartholomeus
dig @192.168.0.1 bartholomeus
  • query for the mail record (MX) of staerk.de
root@mail:~# dig staerk.de MX

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55597
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 6

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1480
;; QUESTION SECTION:
;staerk.de.                     IN      MX

;; ANSWER SECTION:
staerk.de.              3536    IN      MX      1 aspmx.l.google.com.staerk.de.
staerk.de.              3536    IN      MX      5 alt2.aspmx.l.google.com.staerk.de.
staerk.de.              3536    IN      MX      5 alt1.aspmx.l.google.com.staerk.de.
staerk.de.              3536    IN      MX      10 alt4.aspmx.l.google.com.staerk.de.
staerk.de.              3536    IN      MX      10 alt3.aspmx.l.google.com.staerk.de.
  • When I wanted gsuite to manage my mail domain, I had to prove that I own this domain's DNS. To do this, I had to add a TXT record to DNS that contained a string for google to verify I had inserted it. Now I did not know if it had worked, but with dig I could find out:
root@mail:~# dig staerk.de TXT

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10656
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1480
;; QUESTION SECTION:
;staerk.de.                     IN      TXT

;; ANSWER SECTION:
staerk.de.              3600    IN      TXT     "google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18"

;; AUTHORITY SECTION:
staerk.de.              3600    IN      NS      ns1.first-ns.de.
staerk.de.              3600    IN      NS      robotns2.second-ns.de.

;; Query time: 235 msec
;; SERVER: 80.237.128.56#53(80.237.128.56)
;; WHEN: Fri Jun 14 10:56:26 UTC 2019
;; MSG SIZE  rcvd: 179

But google did not accept this, it said, it was still waiting for the domain confirmation. So I told dig to use the google name server (8.8.8.8) for the query:

root@mail:~# dig staerk.de TXT @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63864
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;staerk.de.                     IN      TXT

;; ANSWER SECTION:
staerk.de.              3599    IN      TXT     "google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18"

;; Query time: 166 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Jun 14 11:11:40 UTC 2019
;; MSG SIZE  rcvd: 119

See also