The ‘dig’ command is a tool that allows you to query the DNS system. Here are some ways that I use it that are not covered in the man page.
By default, ‘dig’ will use the DNS servers configured in your system resolver (/etc/resolv.conf on Linux) but you can specify any DNS server. Useful ones are some public ones: 126.96.36.199 and 188.8.131.52 are provided by Google. OpenDNS provides 184.108.40.206 and 220.127.116.11 (but beware they don’t return NXDOMAIN). There’s also 18.104.22.168 (not sure who provides it, but it’s easy to remember).
So if your home ISP DNS server does “DNS hijacking” and returns the IP of one of their web servers instead of NXDOMAIN, you can double-check the result with a quick dig command.
It’s also useful for checking how the propagation of a DNS entry is going. Ask the authoritative name server for the entry, then one of these public caching servers, then your ISP.
The two most common flags I use for dig are “+short” and “-x”, for terse output and a reverse lookup, respectively.
You can get the ‘dig’ command on Debian/Ubuntu by installing the ‘dnsutils’ package. On RH, it’s in ‘bind-utils’.