Difference between revisions of "Dig"
From Linuxintro
imported>ThorstenStaerk |
imported>ThorstenStaerk |
||
(7 intermediate revisions by 2 users not shown) | |||
Line 23: | Line 23: | ||
The syntax of a dig call is | The syntax of a dig call is | ||
− | dig < | + | dig <abbr title="Specific DNS server">@dnsserver</abbr> <abbr title="For example linuxintro.org">domain</abbr> <abbr title="Can be ANY, A, MX, SIG, etc.. By default it is A.">type</abbr> |
+ | for example | ||
+ | * query the 192.168.0.1 for the IP address of the hostname bartholomeus | ||
+ | dig @192.168.0.1 bartholomeus | ||
+ | * query for the mail record (MX) of staerk.de | ||
+ | <pre> | ||
+ | root@mail:~# dig staerk.de MX | ||
+ | |||
+ | ; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de MX | ||
+ | ;; global options: +cmd | ||
+ | ;; Got answer: | ||
+ | ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55597 | ||
+ | ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 6 | ||
+ | |||
+ | ;; OPT PSEUDOSECTION: | ||
+ | ; EDNS: version: 0, flags:; udp: 1480 | ||
+ | ;; QUESTION SECTION: | ||
+ | ;staerk.de. IN MX | ||
+ | |||
+ | ;; ANSWER SECTION: | ||
+ | staerk.de. 3536 IN MX 1 aspmx.l.google.com.staerk.de. | ||
+ | staerk.de. 3536 IN MX 5 alt2.aspmx.l.google.com.staerk.de. | ||
+ | staerk.de. 3536 IN MX 5 alt1.aspmx.l.google.com.staerk.de. | ||
+ | staerk.de. 3536 IN MX 10 alt4.aspmx.l.google.com.staerk.de. | ||
+ | staerk.de. 3536 IN MX 10 alt3.aspmx.l.google.com.staerk.de. | ||
+ | </pre> | ||
+ | |||
+ | * When I wanted gsuite to manage my mail domain, I had to prove that I own this domain's DNS. To do this, I had to add a TXT record to DNS that contained a string for google to verify I had inserted it. Now I did not know if it had worked, but with dig I could find out: | ||
+ | |||
+ | root@mail:~# dig staerk.de TXT | ||
+ | |||
+ | ; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT | ||
+ | ;; global options: +cmd | ||
+ | ;; Got answer: | ||
+ | ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10656 | ||
+ | ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 | ||
+ | |||
+ | ;; OPT PSEUDOSECTION: | ||
+ | ; EDNS: version: 0, flags:; udp: 1480 | ||
+ | ;; QUESTION SECTION: | ||
+ | ;staerk.de. IN TXT | ||
+ | |||
+ | ;; ANSWER SECTION: | ||
+ | staerk.de. 3600 IN TXT '''''"google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18"''''' | ||
+ | |||
+ | ;; AUTHORITY SECTION: | ||
+ | staerk.de. 3600 IN NS ns1.first-ns.de. | ||
+ | staerk.de. 3600 IN NS robotns2.second-ns.de. | ||
+ | |||
+ | ;; Query time: 235 msec | ||
+ | ;; SERVER: 80.237.128.56#53(80.237.128.56) | ||
+ | ;; WHEN: Fri Jun 14 10:56:26 UTC 2019 | ||
+ | ;; MSG SIZE rcvd: 179 | ||
+ | |||
+ | But google did not accept this, it said, it was still waiting for the domain confirmation. So I told dig to use the google name server (8.8.8.8) for the query: | ||
+ | <pre> | ||
+ | root@mail:~# dig staerk.de TXT @8.8.8.8 | ||
+ | |||
+ | ; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT @8.8.8.8 | ||
+ | ;; global options: +cmd | ||
+ | ;; Got answer: | ||
+ | ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63864 | ||
+ | ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 | ||
+ | |||
+ | ;; OPT PSEUDOSECTION: | ||
+ | ; EDNS: version: 0, flags:; udp: 512 | ||
+ | ;; QUESTION SECTION: | ||
+ | ;staerk.de. IN TXT | ||
+ | |||
+ | ;; ANSWER SECTION: | ||
+ | staerk.de. 3599 IN TXT "google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18" | ||
+ | |||
+ | ;; Query time: 166 msec | ||
+ | ;; SERVER: 8.8.8.8#53(8.8.8.8) | ||
+ | ;; WHEN: Fri Jun 14 11:11:40 UTC 2019 | ||
+ | ;; MSG SIZE rcvd: 119 | ||
+ | |||
+ | </pre> | ||
= See also = | = See also = | ||
* [[host]] | * [[host]] | ||
− | * [http:// | + | * [http://linux.die.net/man/1/dig dig's man page] |
Latest revision as of 11:13, 14 June 2019
The command dig allows you to query a name server for IP addresses like this:
# dig www.linuxintro.org ; <<>> DiG 9.7.3-P1 <<>> www.linuxintro.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 884 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.linuxintro.org. IN A ;; ANSWER SECTION: www.linuxintro.org. 14400 IN A 92.51.132.237 ;; Query time: 67 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Sat Jul 2 14:34:22 2011 ;; MSG SIZE rcvd: 52
In this example we see the IP address of www.linuxintro.org is 92.51.132.237.
The syntax of a dig call is
dig @dnsserver domain type
for example
- query the 192.168.0.1 for the IP address of the hostname bartholomeus
dig @192.168.0.1 bartholomeus
- query for the mail record (MX) of staerk.de
root@mail:~# dig staerk.de MX ; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de MX ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55597 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 6 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1480 ;; QUESTION SECTION: ;staerk.de. IN MX ;; ANSWER SECTION: staerk.de. 3536 IN MX 1 aspmx.l.google.com.staerk.de. staerk.de. 3536 IN MX 5 alt2.aspmx.l.google.com.staerk.de. staerk.de. 3536 IN MX 5 alt1.aspmx.l.google.com.staerk.de. staerk.de. 3536 IN MX 10 alt4.aspmx.l.google.com.staerk.de. staerk.de. 3536 IN MX 10 alt3.aspmx.l.google.com.staerk.de.
- When I wanted gsuite to manage my mail domain, I had to prove that I own this domain's DNS. To do this, I had to add a TXT record to DNS that contained a string for google to verify I had inserted it. Now I did not know if it had worked, but with dig I could find out:
root@mail:~# dig staerk.de TXT ; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10656 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1480 ;; QUESTION SECTION: ;staerk.de. IN TXT ;; ANSWER SECTION: staerk.de. 3600 IN TXT "google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18" ;; AUTHORITY SECTION: staerk.de. 3600 IN NS ns1.first-ns.de. staerk.de. 3600 IN NS robotns2.second-ns.de. ;; Query time: 235 msec ;; SERVER: 80.237.128.56#53(80.237.128.56) ;; WHEN: Fri Jun 14 10:56:26 UTC 2019 ;; MSG SIZE rcvd: 179
But google did not accept this, it said, it was still waiting for the domain confirmation. So I told dig to use the google name server (8.8.8.8) for the query:
root@mail:~# dig staerk.de TXT @8.8.8.8 ; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> staerk.de TXT @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63864 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;staerk.de. IN TXT ;; ANSWER SECTION: staerk.de. 3599 IN TXT "google-site-verification=XtcUMZPfCdJHB3JDQM_fiI0BBWW_sQiyYhCmH6Sok18" ;; Query time: 166 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Fri Jun 14 11:11:40 UTC 2019 ;; MSG SIZE rcvd: 119