Network-commands/dig

From aldeid
Jump to navigation Jump to search
You might also see: DNS Protocol, nslookup

Description

dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried.

Usage

  • dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-m] [-p port#] [-q name] [-t type] [-x addr] [-y [hmac:]name:key] [-4] [-6] [name] [type] [class] [queryopt...]
  • dig [-h]
  • dig [global-queryopt...] [query...]

Options

-4, -6
The -4 option forces dig to only use IPv4 query transport. The -6 option forces dig to only use IPv6 query transport.
-b address
Sets the source IP address of the query to address. This must be a valid address on one of the host's network interfaces or "0.0.0.0" or "::". An optional port may be specified by appending "#<port>".
-c class
The default query class (IN for internet) is overridden by the -c option. class is any valid class, such as HS for Hesiod records or CH for Chaosnet records.
-f filename
The -f option makes dig operate in batch mode by reading a list of lookup requests to process from the file filename. The file contains a number of queries, one per line. Each entry in the file should be organized in the same way they would be presented as queries to dig using the command-line interface.
-k filename, -y [ymac:lname:key]
To sign the DNS queries sent by dig and their responses using transaction signatures (TSIG), specify a TSIG key file using the -k option. You can also specify the TSIG key itself on the command line using the -y option; hmac is the type of the TSIG, default HMAC-MD5, name is the name of the TSIG key and key is the actual key. The key is a base-64 encoded string, typically generated by dnssec-keygen(8). Caution should be taken when using the -y option on multi-user systems as the key can be visible in the output from ps(1) or in the shell's history file. When using TSIG authentication with dig, the name server that is queried needs to know the key and algorithm that is being used. In BIND, this is done by providing appropriate key and server statements in named.conf.
-m
The -m option enables memory usage debugging.
-p port#
If a non-standard port number is to be queried, the -p option is used. port# is the port number that dig will send its queries instead of the standard DNS port number 53. This option would be used to test a name server that has been configured to listen for queries on a non-standard port number.
-q name
The -q option sets the query name to name. This useful do distinguish the name from other arguments.
-t type
The -t option sets the query type to type. It can be any valid query type which is supported in BIND 9. The default query type is "A", unless the -x option is supplied to indicate a reverse lookup. A zone transfer can be requested by specifying a type of AXFR. When an incremental zone transfer (IXFR) is required, type is set to ixfr=N. The incremental zone transfer will contain the changes made to the zone since the serial number in the zone's SOA record was N.
-x addr
Reverse lookups — mapping addresses to names — are simplified by the -x option. addr is an IPv4 address in dotted-decimal notation, or a colon-delimited IPv6 address. When this option is used, there is no need to provide the name, class and type arguments. dig automatically performs a lookup for a name like 11.12.13.10.in-addr.arpa and sets the query type and class to PTR and IN respectively. By default, IPv6 addresses are looked up using nibble format under the IP6.ARPA domain. To use the older RFC1886 method using the IP6.INT domain specify the -i option. Bit string labels (RFC2874) are now experimental and are not attempted.

Examples

MX records

$ dig gmail.com MX

; <<>> DiG 9.7.0-P1 <<>> gmail.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13960
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;gmail.com.			IN	MX

;; ANSWER SECTION:
gmail.com.		336	IN	MX	30 alt3.gmail-smtp-in.l.google.com.
gmail.com.		336	IN	MX	20 alt2.gmail-smtp-in.l.google.com.
gmail.com.		336	IN	MX	10 alt1.gmail-smtp-in.l.google.com.
gmail.com.		336	IN	MX	5 gmail-smtp-in.l.google.com.
gmail.com.		336	IN	MX	40 alt4.gmail-smtp-in.l.google.com.

;; Query time: 44 msec
;; SERVER: 80.10.246.130#53(80.10.246.130)
;; WHEN: Thu Sep  9 06:34:15 2010
;; MSG SIZE  rcvd: 150

Zone transfer (AXFR)

Identify DNS servers responsible for passion-espace-club.com: 

$ dig NS passion-espace-club.com

; <<>> DiG 9.8.3-P1 <<>> NS passion-espace-club.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36269
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;passion-espace-club.com.	IN	NS

;; ANSWER SECTION:
passion-espace-club.com. 86400	IN	NS	ks24806.kimsufi.com.
passion-espace-club.com. 86400	IN	NS	ns1.xname.org.
passion-espace-club.com. 86400	IN	NS	ns0.xname.org.
passion-espace-club.com. 86400	IN	NS	ns.kimsufi.com.
passion-espace-club.com. 86400	IN	NS	ns2.xname.org.

;; Query time: 122 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Wed Mar  6 19:06:47 2013
;; MSG SIZE  rcvd: 151

We have identified 5 name servers. Now, let's check whether one of them allows zone transfer (AXFR).

The first one does not allow zone transfer: 

$ dig @ks24806.kimsufi.com axfr passion-espace-club.com

; <<>> DiG 9.8.3-P1 <<>> @ks24806.kimsufi.com axfr passion-espace-club.com
; (1 server found)
;; global options: +cmd
; Transfer failed.

But the second one seems to allow it: 

$ dig @ns1.xname.org axfr passion-espace-club.com

; <<>> DiG 9.8.3-P1 <<>> @ns1.xname.org axfr passion-espace-club.com
; (1 server found)
;; global options: +cmd
passion-espace-club.com. 86400	IN	SOA	ks24806.kimsufi.com. spproust.gmail.com. 2010120103 10800 3600 604800 10800
passion-espace-club.com. 86400	IN	A	91.121.24.31
passion-espace-club.com. 86400	IN	NS	ns.kimsufi.com.
passion-espace-club.com. 86400	IN	NS	ns0.xname.org.
passion-espace-club.com. 86400	IN	NS	ns1.xname.org.
passion-espace-club.com. 86400	IN	NS	ns2.xname.org.
passion-espace-club.com. 86400	IN	NS	ks24806.kimsufi.com.
passion-espace-club.com. 86400	IN	TXT	"v=spf1 +a +mx -all"
passion-espace-club.com. 86400	IN	MX	10 mail.passion-espace-club.com.
*.passion-espace-club.com. 86400 IN	A	91.121.24.31
ftp.passion-espace-club.com. 86400 IN	CNAME	passion-espace-club.com.
mail.passion-espace-club.com. 86400 IN	A	91.121.24.31
migration.passion-espace-club.com. 86400 IN A	91.121.24.31
ns.passion-espace-club.com. 86400 IN	A	91.121.24.31
webmail.passion-espace-club.com. 86400 IN A	91.121.24.31
*.webmail.passion-espace-club.com. 86400 IN CNAME passion-espace-club.com.
www.passion-espace-club.com. 86400 IN	CNAME	passion-espace-club.com.
passion-espace-club.com. 86400	IN	SOA	ks24806.kimsufi.com. spproust.gmail.com. 2010120103 10800 3600 604800 10800
;; Query time: 81 msec
;; SERVER: 178.33.255.252#53(178.33.255.252)
;; WHEN: Wed Mar  6 19:07:23 2013
;; XFR size: 18 records (messages 3, bytes 596)

The zone transfer succeeded, and as a result, you now have all of the DNS records associated with the domain.

Comments

Retrieved from "https://www.aldeid.com/w/index.php?title=Network-commands/dig&oldid=22248"