Linux dig command

Linux dig command, how to install it and use it

Dig command (Domain Information Groper) is one of the most popular DNS testing tools. You can use it to troubleshoot your DNS and make sure everything works fine. You can try it on Linux, Mac OS, and Windows. For this demonstration, we will use a random old laptop with the latest version of Linux Mint (19.1). Linux Mint is based on Ubuntu Linux. Many old laptops can get a new life as a diagnostic tool.

How to install the dig command on Linux?

First, let’s check if you already have the dig command installed. You can do that by opening the terminal and writing dig -v. If you have it, your computer will show a message similar to this one:

DiG 9.11.3-1ubuntu1.7-Ubuntu.

Many new Linux distros have it pre-installed. In case you don’t have it, you will get the following message:

dig command not found

For Linux Mint, Ubuntu and other Ubuntu-based Linux distributions you can use the following command:

sudo apt install dnsutils

If you are using Fedora or CentOS you should use:

sudo yum install bind-utils

And for Arch Linux users:

sudo pacman -S bind-tools

Understanding the dig command

Let’s start with a simple example to understand it. We will use google.com for the testing. You can try it directly with your domain, by simply replacing google.com with your domain.

dig google.com

dig command

The first line will inform you about the version of the dig command and the second about the global option.

After that, you will get technical information provided by the DNS nameserver. The header shows you what did you do and was it successful. If there is “NOERROR” that there was no problem.
You will see the answer for the EDNS.
Following line shows that by default you are requesting the A record.
You will get the answer for the A record – the correspondent IP address and you will get statistic about the query.

More dig command examples:

dig google.com +short

dig command short

This will show you just the IP address without any additional information.

dig google.com MX

dig command MX record

You can query different types of records like the mail exchanger ones. MX records show the responsible mail server for accepting emails. 

dig google.com SOA

dig command SOA record

SOA – the start of authority, shows the authoritative DNS server.

dig google.com TTL

dig TTL

TTL – time to live. It shows how long the data should be kept. You can read more about TTL HERE

dig google.com +nocomments +noquestion +noauthority +noadditional +nostats

dig only answer query

Only answer query. Use it if you don’t want to receive extra information.

dig google.com ANY +noall +answer

Query all types of DNS records. It will show all the different types of DNS records.

dig -x 172.217.1.142

dig reverse dns lookup

Reverse DNS lookup. You can also do the opposite and check the IP address. The rDNS is used for verification. The result will be a PTR record that verifies the nameserver.

dig @8.8.8.8 +trace google.com

dig trace

Trace DNS Path. It will show the whole route that a DNS query takes. Every hop from a server to server. It can show you where exactly server is not working.

11 dig -p 5300 google.com

dig port check

Specify Port Number. If you have changed the standard port 53 to another for increased security, you can make a dig command to check if it is working correctly.

Now you know the basics of the dig command on Linux. You can start experimenting by yourself.
You can get some additional information about the dig command and a few more options to try in our Wiki.

We can recommend you a few more tools that can be useful for your DNS diagnostic Nslookup, Traceroute and Ping.

Sources used:
Linuxize.com
Tecmint.com

What is DNS propagation? How to check DNS propagation?

DNS propagation, you already know what DNS is, and if you don’t, you can check it HERE.
Now let’s see the second word – propagation. To propagate, it means to spread ideas, opinions among people and places (Cambridge Dictionary).

DNS propagation

DNS propagation

It is about the time it takes, to expire the cache in the recursive servers after you make your nameservers to point to new hosting. When you make the changes in your DNS records, they will get instantly updated in the authoritative servers. It will take extra time, for the data, to be modified in all the recursive servers along the way.

The connection passes through many recursive servers, including those in your internet provider (ISP). All of them have TTL (Time to live) which defines for how long they will keep the DNS cache with the DNS records. The DNS cache exists mostly for load balancing so that it won’t be so heavy on your nameservers and to make the whole process faster.

When a user uses their browser to open a web page for the first time, he or she will send a request all the way to an authoritative server. If it is not for the first time, the request will get an answer on the way in a recursive server, and if the data is still up to date, the user will get his answer quicker.

Basically, the DNS propagation depends on the TTL in the DNS records.

How to make the DNS propagation faster?

Continue reading “What is DNS propagation? How to check DNS propagation?”

TTL and how to check TTL

TTL – Time to live is a value that signifies how long should the data be kept before discarding. It is commonly used in computers. In the Domain Name System, it has a value in seconds (86 400 for a day, 43 200 for 12 hours and so on) that shows for how long, should a record be kept locally, before you need to make a new query to get this information. The TTL is set separately for the different records. They are set in the authoritative DNS server and the recursive DNS will keep the information depending on the predetermined time. This process of temporary having the record is called caching and the temporary stored data – DNS cache.

TTL

Continue reading “TTL and how to check TTL”