dig: Difference between revisions
From Leechfinger
Jump to navigationJump to search
No edit summary |
|||
| (18 intermediate revisions by the same user not shown) | |||
| Line 19: | Line 19: | ||
$ apt install bind9-dnsutils | $ apt install bind9-dnsutils | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== Download root name servers cache file === | |||
Both files are identical, so use either one. | |||
<syntaxhighlight lang="bash"> | |||
$ wget ftp://ftp.rs.internic.net/domain/named.cache | |||
$ wget ftp://ftp.rs.internic.net/domain/db.cache | |||
</syntaxhighlight> | |||
=== Reverse lookup === | === Reverse lookup === | ||
This option sets simplified reverse lookups, for mapping addresses to names. | This option sets simplified reverse lookups, for mapping addresses to names. | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
$ dig -x 54.239.28.85 | $ dig -x 54.239.28.85 | ||
</syntaxhighlight> | |||
=== Check dig version === | |||
<syntaxhighlight lang="bash"> | |||
$ dig -v | |||
</syntaxhighlight> | |||
=== Find the ip of a host === | |||
<syntaxhighlight lang="bash"> | |||
$ dig amazon.com | grep -A 1 --color 'ANSWER SECTION' | |||
;; ANSWER SECTION: | |||
amazon.com. 842 IN A 205.251.242.103 | |||
$ dig google.com +short | |||
142.250.113.102 | |||
142.250.113.101 | |||
142.250.113.100 | |||
142.250.113.113 | |||
142.250.113.139 | |||
142.250.113.138 | |||
$ dig amazon.com +noall +answer | |||
amazon.com. 325 IN A 52.94.236.248 | |||
amazon.com. 325 IN A 205.251.242.103 | |||
amazon.com. 325 IN A 54.239.28.85 | |||
</syntaxhighlight> | |||
Look at the "ANSWER SECTION", it has name, TTL in seconds, IN (class or internet), A (record type), IP. | |||
=== Specify an exact DNS to search === | |||
<syntaxhighlight lang="bash"> | |||
$ dig @8.8.8.8 amazon.com | |||
</syntaxhighlight> | |||
=== List all DNS of a host === | |||
<syntaxhighlight lang="bash"> | |||
$ dig google.com A +nssearch | |||
SOA ns1.google.com. dns-admin.google.com. 759020131 900 900 1800 60 from server 216.239.38.10 in 28 ms. | |||
SOA ns1.google.com. dns-admin.google.com. 759020131 900 900 1800 60 from server 216.239.32.10 in 28 ms. | |||
SOA ns1.google.com. dns-admin.google.com. 759020131 900 900 1800 60 from server 216.239.36.10 in 44 ms. | |||
SOA ns1.google.com. dns-admin.google.com. 759020131 900 900 1800 60 from server 216.239.34.10 in 52 ms. | |||
</syntaxhighlight> | |||
=== Deep dive with trace === | |||
This option toggles tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When tracing is enabled, dig makes iterative queries to resolve the name being looked up. It follows referrals from the root servers, showing the answer from each server that was used to resolve the lookup. | |||
<syntaxhighlight lang="bash"> | |||
$ dig amazon.com +trace | |||
</syntaxhighlight> | |||
=== 13 root servers === | |||
<syntaxhighlight lang="bash"> | |||
$ dig NS . | |||
;; ANSWER SECTION: | |||
. 515350 IN NS k.root-servers.net. | |||
. 515350 IN NS l.root-servers.net. | |||
. 515350 IN NS m.root-servers.net. | |||
. 515350 IN NS a.root-servers.net. | |||
. 515350 IN NS b.root-servers.net. | |||
. 515350 IN NS c.root-servers.net. | |||
. 515350 IN NS d.root-servers.net. | |||
. 515350 IN NS e.root-servers.net. | |||
. 515350 IN NS f.root-servers.net. | |||
. 515350 IN NS g.root-servers.net. | |||
. 515350 IN NS h.root-servers.net. | |||
. 515350 IN NS i.root-servers.net. | |||
. 515350 IN NS j.root-servers.net. | |||
;; ADDITIONAL SECTION: | |||
h.root-servers.net. 601447 IN A 198.97.190.53 | |||
i.root-servers.net. 601603 IN A 192.36.148.17 | |||
k.root-servers.net. 601561 IN A 193.0.14.129 | |||
</syntaxhighlight> | |||
=== NS for com and gov === | |||
<syntaxhighlight lang="bash"> | |||
$ dig NS com @e.root-servers.net | |||
;; AUTHORITY SECTION: | |||
com. 172800 IN NS a.gtld-servers.net. | |||
com. 172800 IN NS b.gtld-servers.net. | |||
com. 172800 IN NS c.gtld-servers.net. | |||
com. 172800 IN NS d.gtld-servers.net. | |||
com. 172800 IN NS e.gtld-servers.net. | |||
com. 172800 IN NS f.gtld-servers.net. | |||
com. 172800 IN NS g.gtld-servers.net. | |||
com. 172800 IN NS h.gtld-servers.net. | |||
com. 172800 IN NS i.gtld-servers.net. | |||
com. 172800 IN NS j.gtld-servers.net. | |||
com. 172800 IN NS k.gtld-servers.net. | |||
com. 172800 IN NS l.gtld-servers.net. | |||
com. 172800 IN NS m.gtld-servers.net. | |||
;; ADDITIONAL SECTION: | |||
a.gtld-servers.net. 172800 IN A 192.5.6.30 | |||
a.gtld-servers.net. 172800 IN AAAA 2001:503:a83e::2:30 | |||
b.gtld-servers.net. 172800 IN A 192.33.14.30 | |||
b.gtld-servers.net. 172800 IN AAAA 2001:503:231d::2:30 | |||
c.gtld-servers.net. 172800 IN A 192.26.92.30 | |||
c.gtld-servers.net. 172800 IN AAAA 2001:503:83eb::30 | |||
d.gtld-servers.net. 172800 IN A 192.31.80.30 | |||
d.gtld-servers.net. 172800 IN AAAA 2001:500:856e::30 | |||
e.gtld-servers.net. 172800 IN A 192.12.94.30 | |||
e.gtld-servers.net. 172800 IN AAAA 2001:502:1ca1::30 | |||
f.gtld-servers.net. 172800 IN A 192.35.51.30 | |||
f.gtld-servers.net. 172800 IN AAAA 2001:503:d414::30 | |||
g.gtld-servers.net. 172800 IN A 192.42.93.30 | |||
g.gtld-servers.net. 172800 IN AAAA 2001:503:eea3::30 | |||
h.gtld-servers.net. 172800 IN A 192.54.112.30 | |||
h.gtld-servers.net. 172800 IN AAAA 2001:502:8cc::30 | |||
i.gtld-servers.net. 172800 IN A 192.43.172.30 | |||
i.gtld-servers.net. 172800 IN AAAA 2001:503:39c1::30 | |||
j.gtld-servers.net. 172800 IN A 192.48.79.30 | |||
j.gtld-servers.net. 172800 IN AAAA 2001:502:7094::30 | |||
k.gtld-servers.net. 172800 IN A 192.52.178.30 | |||
k.gtld-servers.net. 172800 IN AAAA 2001:503:d2d::30 | |||
l.gtld-servers.net. 172800 IN A 192.41.162.30 | |||
l.gtld-servers.net. 172800 IN AAAA 2001:500:d937::30 | |||
m.gtld-servers.net. 172800 IN A 192.55.83.30 | |||
m.gtld-servers.net. 172800 IN AAAA 2001:501:b1f9::30 | |||
$ dig NS gov @e.root-servers.net | |||
;; AUTHORITY SECTION: | |||
gov. 172800 IN NS a.ns.gov. | |||
gov. 172800 IN NS b.ns.gov. | |||
gov. 172800 IN NS c.ns.gov. | |||
gov. 172800 IN NS d.ns.gov. | |||
;; ADDITIONAL SECTION: | |||
a.ns.gov. 172800 IN A 199.33.230.1 | |||
a.ns.gov. 172800 IN AAAA 2001:503:ff40::1 | |||
b.ns.gov. 172800 IN A 199.33.231.1 | |||
b.ns.gov. 172800 IN AAAA 2001:503:ff41::1 | |||
c.ns.gov. 172800 IN A 199.33.232.1 | |||
c.ns.gov. 172800 IN AAAA 2001:503:ff42::1 | |||
d.ns.gov. 172800 IN A 199.33.233.1 | |||
d.ns.gov. 172800 IN AAAA 2001:503:ff43::1 | |||
</syntaxhighlight> | |||
=== Get the Domain's name server === | |||
<syntaxhighlight lang="bash"> | |||
$ dig NS google.com @j.gtld-servers.net. | |||
;; AUTHORITY SECTION: | |||
google.com. 172800 IN NS ns2.google.com. | |||
google.com. 172800 IN NS ns1.google.com. | |||
google.com. 172800 IN NS ns3.google.com. | |||
google.com. 172800 IN NS ns4.google.com. | |||
;; ADDITIONAL SECTION: | |||
ns2.google.com. 172800 IN AAAA 2001:4860:4802:34::a | |||
ns2.google.com. 172800 IN A 216.239.34.10 | |||
ns1.google.com. 172800 IN AAAA 2001:4860:4802:32::a | |||
ns1.google.com. 172800 IN A 216.239.32.10 | |||
ns3.google.com. 172800 IN AAAA 2001:4860:4802:36::a | |||
ns3.google.com. 172800 IN A 216.239.36.10 | |||
ns4.google.com. 172800 IN AAAA 2001:4860:4802:38::a | |||
ns4.google.com. 172800 IN A 216.239.38.10 | |||
</syntaxhighlight> | |||
=== Get MX NS A records === | |||
<syntaxhighlight lang="bash"> | |||
$ dig MX yahoo.com | |||
$ dig NS yahoo.com | |||
$ dig A yahoo.com | |||
</syntaxhighlight> | |||
=== Find your public ip === | |||
<syntaxhighlight lang="bash"> | |||
$ dig +short myip.opendns.com @resolver1.opendns.com | |||
$ dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | |||
$ dig +short txt ch whoami.cloudflare @1.0.0.1 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
[[Category:Commands]] | [[Category:Commands]] | ||
Latest revision as of 13:46, 18 May 2025
Install dig package
Dig is part of package bind9-dnsutils.
$ apt-file list bind9-dnsutils
bind9-dnsutils: /usr/bin/delv
bind9-dnsutils: /usr/bin/dig
bind9-dnsutils: /usr/bin/dnstap-read
bind9-dnsutils: /usr/bin/mdig
bind9-dnsutils: /usr/bin/nslookup
bind9-dnsutils: /usr/bin/nsupdate
bind9-dnsutils: /usr/share/doc/bind9-dnsutils/changelog.Debian.gz
bind9-dnsutils: /usr/share/doc/bind9-dnsutils/copyright
bind9-dnsutils: /usr/share/man/man1/delv.1.gz
bind9-dnsutils: /usr/share/man/man1/dig.1.gz
bind9-dnsutils: /usr/share/man/man1/dnstap-read.1.gz
bind9-dnsutils: /usr/share/man/man1/mdig.1.gz
bind9-dnsutils: /usr/share/man/man1/nslookup.1.gz
bind9-dnsutils: /usr/share/man/man1/nsupdate.1.gz
$ apt install bind9-dnsutils
Download root name servers cache file
Both files are identical, so use either one.
$ wget ftp://ftp.rs.internic.net/domain/named.cache
$ wget ftp://ftp.rs.internic.net/domain/db.cache
Reverse lookup
This option sets simplified reverse lookups, for mapping addresses to names.
$ dig -x 54.239.28.85
Check dig version
$ dig -v
Find the ip of a host
$ dig amazon.com | grep -A 1 --color 'ANSWER SECTION'
;; ANSWER SECTION:
amazon.com. 842 IN A 205.251.242.103
$ dig google.com +short
142.250.113.102
142.250.113.101
142.250.113.100
142.250.113.113
142.250.113.139
142.250.113.138
$ dig amazon.com +noall +answer
amazon.com. 325 IN A 52.94.236.248
amazon.com. 325 IN A 205.251.242.103
amazon.com. 325 IN A 54.239.28.85
Look at the "ANSWER SECTION", it has name, TTL in seconds, IN (class or internet), A (record type), IP.
Specify an exact DNS to search
$ dig @8.8.8.8 amazon.com
List all DNS of a host
$ dig google.com A +nssearch
SOA ns1.google.com. dns-admin.google.com. 759020131 900 900 1800 60 from server 216.239.38.10 in 28 ms.
SOA ns1.google.com. dns-admin.google.com. 759020131 900 900 1800 60 from server 216.239.32.10 in 28 ms.
SOA ns1.google.com. dns-admin.google.com. 759020131 900 900 1800 60 from server 216.239.36.10 in 44 ms.
SOA ns1.google.com. dns-admin.google.com. 759020131 900 900 1800 60 from server 216.239.34.10 in 52 ms.
Deep dive with trace
This option toggles tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When tracing is enabled, dig makes iterative queries to resolve the name being looked up. It follows referrals from the root servers, showing the answer from each server that was used to resolve the lookup.
$ dig amazon.com +trace
13 root servers
$ dig NS .
;; ANSWER SECTION:
. 515350 IN NS k.root-servers.net.
. 515350 IN NS l.root-servers.net.
. 515350 IN NS m.root-servers.net.
. 515350 IN NS a.root-servers.net.
. 515350 IN NS b.root-servers.net.
. 515350 IN NS c.root-servers.net.
. 515350 IN NS d.root-servers.net.
. 515350 IN NS e.root-servers.net.
. 515350 IN NS f.root-servers.net.
. 515350 IN NS g.root-servers.net.
. 515350 IN NS h.root-servers.net.
. 515350 IN NS i.root-servers.net.
. 515350 IN NS j.root-servers.net.
;; ADDITIONAL SECTION:
h.root-servers.net. 601447 IN A 198.97.190.53
i.root-servers.net. 601603 IN A 192.36.148.17
k.root-servers.net. 601561 IN A 193.0.14.129
NS for com and gov
$ dig NS com @e.root-servers.net
;; AUTHORITY SECTION:
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
;; ADDITIONAL SECTION:
a.gtld-servers.net. 172800 IN A 192.5.6.30
a.gtld-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
b.gtld-servers.net. 172800 IN A 192.33.14.30
b.gtld-servers.net. 172800 IN AAAA 2001:503:231d::2:30
c.gtld-servers.net. 172800 IN A 192.26.92.30
c.gtld-servers.net. 172800 IN AAAA 2001:503:83eb::30
d.gtld-servers.net. 172800 IN A 192.31.80.30
d.gtld-servers.net. 172800 IN AAAA 2001:500:856e::30
e.gtld-servers.net. 172800 IN A 192.12.94.30
e.gtld-servers.net. 172800 IN AAAA 2001:502:1ca1::30
f.gtld-servers.net. 172800 IN A 192.35.51.30
f.gtld-servers.net. 172800 IN AAAA 2001:503:d414::30
g.gtld-servers.net. 172800 IN A 192.42.93.30
g.gtld-servers.net. 172800 IN AAAA 2001:503:eea3::30
h.gtld-servers.net. 172800 IN A 192.54.112.30
h.gtld-servers.net. 172800 IN AAAA 2001:502:8cc::30
i.gtld-servers.net. 172800 IN A 192.43.172.30
i.gtld-servers.net. 172800 IN AAAA 2001:503:39c1::30
j.gtld-servers.net. 172800 IN A 192.48.79.30
j.gtld-servers.net. 172800 IN AAAA 2001:502:7094::30
k.gtld-servers.net. 172800 IN A 192.52.178.30
k.gtld-servers.net. 172800 IN AAAA 2001:503:d2d::30
l.gtld-servers.net. 172800 IN A 192.41.162.30
l.gtld-servers.net. 172800 IN AAAA 2001:500:d937::30
m.gtld-servers.net. 172800 IN A 192.55.83.30
m.gtld-servers.net. 172800 IN AAAA 2001:501:b1f9::30
$ dig NS gov @e.root-servers.net
;; AUTHORITY SECTION:
gov. 172800 IN NS a.ns.gov.
gov. 172800 IN NS b.ns.gov.
gov. 172800 IN NS c.ns.gov.
gov. 172800 IN NS d.ns.gov.
;; ADDITIONAL SECTION:
a.ns.gov. 172800 IN A 199.33.230.1
a.ns.gov. 172800 IN AAAA 2001:503:ff40::1
b.ns.gov. 172800 IN A 199.33.231.1
b.ns.gov. 172800 IN AAAA 2001:503:ff41::1
c.ns.gov. 172800 IN A 199.33.232.1
c.ns.gov. 172800 IN AAAA 2001:503:ff42::1
d.ns.gov. 172800 IN A 199.33.233.1
d.ns.gov. 172800 IN AAAA 2001:503:ff43::1
Get the Domain's name server
$ dig NS google.com @j.gtld-servers.net.
;; AUTHORITY SECTION:
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns1.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns4.google.com.
;; ADDITIONAL SECTION:
ns2.google.com. 172800 IN AAAA 2001:4860:4802:34::a
ns2.google.com. 172800 IN A 216.239.34.10
ns1.google.com. 172800 IN AAAA 2001:4860:4802:32::a
ns1.google.com. 172800 IN A 216.239.32.10
ns3.google.com. 172800 IN AAAA 2001:4860:4802:36::a
ns3.google.com. 172800 IN A 216.239.36.10
ns4.google.com. 172800 IN AAAA 2001:4860:4802:38::a
ns4.google.com. 172800 IN A 216.239.38.10
Get MX NS A records
$ dig MX yahoo.com
$ dig NS yahoo.com
$ dig A yahoo.com
Find your public ip
$ dig +short myip.opendns.com @resolver1.opendns.com
$ dig TXT +short o-o.myaddr.l.google.com @ns1.google.com
$ dig +short txt ch whoami.cloudflare @1.0.0.1
