Retrieve DNS Information Using Dig
dig is a command-line DNS diagnostic tool from BIND. It retrieves and displays various DNS properties of a hostname or IP address, such as its DNS records and authoritative name servers.
Installing dig
You can install dig on most operating systems by downloading the latest version of BIND 9 from BIND’s website, or from the command line using a package manager. Click your operating system’s tab below to view instructions on how to install dig.
To install dig for Windows, go to BIND’s website and download the most current version of BIND 9. Extract the downloaded file and double-click the BINDinstall icon in the newly created directory.
On the BIND 9 Installer screen, verify that the target directory is set to C:\Program Files\ISC BIND 9 (or C:\Program Files (x86)\ISC BIND 9 if you are using an x86 architecture) and select the Tools Only check box. Then click Install.
Once you’ve installed BIND 9, you need to add BIND to your system’s paths to make dig available from the command line. To add the path to your system, open the Windows Control Panel and then open your System Properties. In the Advanced tab, click Environment Variables.
Under System Variables, select the Path variable and then click Edit.
In the Edit environment variable screen, click New and enter the new path C:\Program Files\ISC BIND 9\bin (or C:\Program Files (x86)\ISC BIND 9 if you are using an x86 architecture). Once you’ve added the path, click OK.
In the Edit Variables window, click OK. In the System properties window, click OK.
Once you’ve added the path variable, open a new Command Prompt window and verify dig’s installation by running the dig -v command. dig should return version information about itself. If the command returns anything other than version information, verify your path variable configuration.
dig is usually installed by default on macOS systems and you can access it from the Terminal command line with no additional installation. Run the dig -v command in Terminal to verify dig’s installation. If the command returns anything other than dig’s version information, you need to install BIND.
To install BIND on macOS using Homebrew, first verify Homebrew’s installation by running the following command:
brew -v
If the command returns anything other than brew’s version information, you may need to install Homebrew.
To install Homebrew, use the following command:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Once you’ve installed Homebrew, use the following command to install BIND:
brew install bind
Once you’ve installed BIND, run the dig -v command again to verify dig’s installation.
dig is usually installed by default on Linux systems and you can accessed it from the command line with no additional installation. Run the dig -v command to verify dig’s installation. If the command returns anything other than dig’s version information, you may need to install dnsutils.
To install dnsutils on Linux using apt-get, run the following commands:
sudo apt-get update
sudo apt-get install dnsutils
Once you’ve installed dnsutils, run the dig -v command again to verify dig’s installation.
Common dig Commands
Below are some common dig commands to retrieve DNS information about a hostname. You can run any of the following examples in a terminal to see the output:
| Command | Example | Description |
|---|---|---|
dig <hostname> |
dig example.com |
Returns the A records found at a hostname. |
dig <hostname> any |
dig example.com any |
Returns all records for a hostname, including NS and SOA records. |
dig @<name server address> <hostname> <record type> |
dig @ns1.digitalocean.com example.com MX |
Queries a hostname’s name server directly instead of your ISP’s resolver. Include the record type parameter to retrieve records of a specific type at a hostname. DigitalOcean’s name server addresses are: ns1.digitalocean.com, ns2.digitalocean.com, and ns3.digitalocean.com |
dig <hostname> <record type> |
dig example.com NS |
Only returns the records of a specified type at a hostname. |
dig <hostname> +short |
dig example.com +short |
Only returns the IP addresses for all A records at a hostname. |
dig <hostname> +trace |
dig example.com +trace |
Adding +trace instructs dig to resolve the query from the root name server and return information from each server queried in the delegation chain. |
dig commands return one or multiple sections of information about the hostname’s DNS records depending on the syntax of your query. In the example below, dig returned results for the query dig example.com:
; <<>> DiG 9.10.6 <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50169
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 6108 IN A 93.184.216.34
;; AUTHORITY SECTION:
example.com. 52437 IN NS b.iana-servers.net.
example.com. 52437 IN NS a.iana-servers.net.
;; ADDITIONAL SECTION:
a.iana-servers.net. 195 IN A 199.43.135.53
a.iana-servers.net. 195 IN AAAA 2001:500:8f::53
b.iana-servers.net. 195 IN A 199.43.133.53
b.iana-servers.net. 195 IN AAAA 2001:500:8d::53
The most relevant sections for users tend to be the following:
-
Question Section: A reaffirmation of the query made to the DNS. In the example above,
digqueried the hostnameexample.comand requested information about the hostname’s A records. -
Answer Section: The records returned by the query. The answer section usually contains the most relevant information for
digusers. In the example above,digreturned the A record for the IP address 204.13.248.106. -
Authority Section: The authoritative name servers that host the hostname’s records. This can be helpful in verifying a hostname’s current delegation. For more information about how to delegate your hostname to point at DigitalOcean’s name servers, see our community tutorial.
-
Additional Section: Any extra information the resolver may have passed along with the answer. In the example above, the resolver passed along the IP addresses for example.com’s name servers in addition to the answer of the original query.