dig command example

Linux dig command, how to install it and use it

Dig command (Domain Information Groper) is one of the most popular DNS testing tools. You can use it to troubleshoot your DNS and make sure everything works fine. You can try it on Linux, Mac OS, and Windows. For this demonstration, we will use a random old laptop with the latest version of Linux Mint (19.1). Linux Mint is based on Ubuntu Linux. Many old laptops can get a new life as a diagnostic tool.

How to install the dig command on Linux?

First, let’s check if you already have the dig command installed. You can do that by opening the terminal and writing dig -v. If you have it, your computer will show a message similar to this one:

DiG 9.11.3-1ubuntu1.7-Ubuntu.

Many new Linux distros have it pre-installed. In case you don’t have it, you will get the following message:

dig command not found

For Linux Mint, Ubuntu and other Ubuntu-based Linux distributions you can use the following command:

sudo apt install dnsutils

If you are using Fedora or CentOS you should use:

sudo yum install bind-utils

And for Arch Linux users:

sudo pacman -S bind-tools

Understanding the dig command

Let’s start with a simple example to understand it. We will use google.com for the testing. You can try it directly with your domain, by simply replacing google.com with your domain.

dig google.com

dig command

The first line will inform you about the version of the dig command and the second about the global option.

After that, you will get technical information provided by the DNS nameserver. The header shows you what did you do and was it successful. If there is “NOERROR” that there was no problem.
You will see the answer for the EDNS.
Following line shows that by default you are requesting the A record.
You will get the answer for the A record – the correspondent IP address and you will get statistic about the query.

More dig command examples:

dig google.com +short

dig command short

This will show you just the IP address without any additional information.

dig google.com MX

dig command MX record

You can query different types of records like the mail exchanger ones. MX records show the responsible mail server for accepting emails. 

dig google.com SOA

dig command SOA record

SOA – the start of authority, shows the authoritative DNS server.

dig google.com TTL

dig TTL

TTL – time to live. It shows how long the data should be kept. You can read more about TTL HERE

dig google.com +nocomments +noquestion +noauthority +noadditional +nostats

dig only answer query

Only answer query. Use it if you don’t want to receive extra information.

dig google.com ANY +noall +answer

Query all types of DNS records. It will show all the different types of DNS records.

dig -x 172.217.1.142

dig reverse dns lookup

Reverse DNS lookup. You can also do the opposite and check the IP address. The rDNS is used for verification. The result will be a PTR record that verifies the nameserver.

dig @8.8.8.8 +trace google.com

dig trace

Trace DNS Path. It will show the whole route that a DNS query takes. Every hop from a server to server. It can show you where exactly server is not working.

11 dig -p 5300 google.com

dig port check

Specify Port Number. If you have changed the standard port 53 to another for increased security, you can make a dig command to check if it is working correctly.

Now you know the basics of the dig command on Linux. You can start experimenting by yourself.
You can get some additional information about the dig command and a few more options to try in our Wiki.

We can recommend you a few more tools that can be useful for your DNS diagnostic Nslookup, Traceroute and Ping.

Sources used:
Linuxize.com https://linuxize.com/post/how-to-use-dig-command-to-query-dns-in-linux/
Tecmint.com https://www.tecmint.com/10-linux-dig-domain-information-groper-commands-to-query-dns/

A case study of the top 50 e-commerce sites and their DNS

The recent Black Friday we again saw the news for record-breaking revenues and profits. Over the past few years, the web has gotten faster, according to Google, 53% of users will abandon a site if it doesn’t load within three seconds. By this, you can guess that for a shopping site, the speed of the website reflects its revenue. So, we want to see whether e-commerce sites got faster as well?

The DDoS attacks are also increasing. According to Kaspersky Lab 33% of organizations experienced a DDoS attack in 2017, compared to 17% in 2016. So we also want to know if the top shopping websites are well prepared for future attacks.

In this article, we will check with our DNS tool all of the top 50 E-Commerce websites. We will see if their speed and DDoS protection is fine or they will need to improve. Based on our research we will make recommendations how these websites can improve.

ecommerce DNS Continue reading “A case study of the top 50 e-commerce sites and their DNS”