The DIG command offers a vast amount of functionalities and different options. In this guide, we’ll learn more about some of the most important functionalities for DNS troubleshooting.
What is the DIG command?
DIG command (Domain Information Groper command) is a tool with a basic command-line interface that serves for making different DNS (domain name system) queries. You can use the DIG command to:
– Check all of the available DNS records or individual DNS records
– Diagnose the name servers of your domain.
– Trace IP addresses.
– See the hostnames that correspond to an IP address.
And many other aspects that you can read directly on their manual. You can find the DIG command pre-installed on most Linux distros. Also, you can easily install it on macOS, too with brew, and get the DIG command on Windows 10 with bind9.
Top 5 most used DIG commands:
Here you have five examples of DIG command. We will use rosehostingtest.com as a hostname and 126.96.36.199. as an IP address. Feel free to try these commands with the domain and IP address you want by simply changing the text before you try.
Once you are on your terminal, we can proceed with the following commands:
1. Finding the website IP address
To do that function, everything you need to do is simply use the dig command with the domain name after it, for example:
This will return you the A record of your hostname but with a lot of details together, here is an example:
➜ ~ dig rosehostingtest.com ; <<>> DiG 9.10.6 <<>> rosehostingtest.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40154 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;rosehostingtest.com. IN A ;; ANSWER SECTION: rosehostingtest.com. 300 IN A 188.8.131.52 rosehostingtest.com. 300 IN A 184.108.40.206 ;; Query time: 53 msec ;; SERVER: 220.127.116.11#53(18.104.22.168) ;; WHEN: Tue Dec 20 12:23:50 -03 2022 ;; MSG SIZE rcvd: 80
If you want an answer with fewer details, you can add +short to your command, no matter if it’s before or after the hostname, you can use it together with your domain and it will return only the IP address:
➜ ~ dig rosehostingtest.com +short 22.214.171.124
From now on, in this guide, we’ll use the +short option so it’s less information making it more friendly to be readen.
2. Getting the NameServers from the domain.
For that usage, instead of only using the dig command, we had to add the option NS to our command. So, to get the nameservers of your domain name, you can use the following command:
➜ ~ dig rosehostingtest.com NS +short aragorn.ns.cloudflare.com. coco.ns.cloudflare.com.
Here you can see to which DNS the domain you are checking is pointing to.
3. Check the path of your DNS.
This option will show you the path from the root servers to the DNS zone of the hostname that you are querying. To use the trace option, you should run:
➜ ~ dig rosehostingtest.com +trace +short NS h.root-servers.net. from server 126.96.36.199 in 44 ms. NS b.root-servers.net. from server 188.8.131.52 in 44 ms. NS k.root-servers.net. from server 184.108.40.206 in 44 ms. NS m.root-servers.net. from server 220.127.116.11 in 44 ms. NS c.root-servers.net. from server 18.104.22.168 in 44 ms. NS a.root-servers.net. from server 22.214.171.124 in 44 ms. NS f.root-servers.net. from server 126.96.36.199 in 44 ms. NS j.root-servers.net. from server 188.8.131.52 in 44 ms. NS d.root-servers.net. from server 184.108.40.206 in 44 ms. NS i.root-servers.net. from server 220.127.116.11 in 44 ms. NS g.root-servers.net. from server 18.104.22.168 in 44 ms. NS e.root-servers.net. from server 22.214.171.124 in 44 ms. NS l.root-servers.net. from server 126.96.36.199 in 44 ms. RRSIG NS 8 0 518400 20230102050000 20221220040000 18733 . Ban8EH/5IIhAO5yzTrFjKFL/ZblByKCk1ln3kXGqwwusnoBTY6fpXY/4 bQztpIpYGEE0O0Nh6afh6O2Uk/BtFvZf1YT6t1xRFZOJJ2fQGntqnvYt VX0HLYwrGmWZiaTcRWVWezLDJ/xQrxab1FGH/09qn9UQjfkswN372vb3 feGu2vbti9I63rzKTl2wJFn95jwkTRwkgrXUfP10znzJpCj3B8ZCPtN+ cvwWWrUFu1Yj5DuOS3c0SRDrcF4YFkRQTc3Fy/kMlqAvbuDuKKmGuo+f E0+oBXFWroFPLf7wB6dbHOGxoppNokqjDN1VyAHQx0uMWnfRksMpq3RC 8u3GIw== from server 188.8.131.52 in 44 ms. A 184.108.40.206 from server 2a06:98c1:50::ac40:2143 in 37 ms. A 220.127.116.11 from server 2a06:98c1:50::ac40:2143 in 37 ms. RRSIG A 13 2 300 20221221162911 20221219142911 34505 rosehostingtest.com. Nn6Pr3DT0JjfqH2yV1HlMPMIbfsFYr4Voyvb5kR6aV70cTGdrItRmi6E cIKc6eDoPWJUdoIpIuDUuDwj3wcpyA== from server 2a06:98c1:50::ac40:2143 in 37 ms.
The output will show you the route of your DNS query goes. You can check if the connection is hoping somewhere to troubleshoot your DNS problems, so you can get exactly when it’s lost.
4. Checking the entries responsible for mails.
All emails to be received by the recipient, requires the domain to have their MX records properly setup, you can check yours by using the following command:
➜ ~ dig rosehostingtest.com MX +short 31 route2.mx.cloudflare.net. 42 route1.mx.cloudflare.net. 66 route3.mx.cloudflare.net.
So in our example case, the email from the test domain is handled by Cloudflare, and any email issues or problems need to be checked directly with them.
5. Check the RDNS of an IP address.
You can easily get a reverse DNS from one ip address (this means the hostname that is associated with the ip address basically) using this dig command:
➜ ~ dig -x 18.104.22.168 +short one.one.one.one
The hostname of the queried IP address will be available on the output.
Those are the most useful commands from the dig, but you can use more options that are available in their own manual. You can run:
man dig dig -h
This will show ALL The options available so you can do different queries. Of course, if you have an active server and need assistance in troubleshooting your DNS servers, do not hesitate to contact us. We are available 24/7/365 to help you.