useful uses of ‘dig’
Sunday, June 13th, 2010

The ‘dig’ command is a tool that allows you to query the DNS system. Here are some ways that I use it that are not covered in the man page.
By default, ‘dig’ will use the DNS servers configured in your system resolver (/etc/resolv.conf on Linux), but you can specify any DNS server. A few public ones are useful for this: 8.8.4.4 and 8.8.8.8 are provided by Google. OpenDNS provides 208.67.222.222 and 208.67.220.220 (but beware they don’t return NXDOMAIN). There’s also 4.2.2.1 (not sure who provides it, but it’s easy to remember).
So if your home ISP DNS server does “DNS hijacking” and returns the IP of one of their web servers instead of NXDOMAIN, you can double-check the result with a quick dig command.
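The double-check described above can be scripted; this is an added example, not from the original post. It asks the system resolver and a reference resolver for the same name and compares the response codes in dig's header. The function names (rcode_of, verdict, query_rcode) are this example's own, and the name you pass is assumed to be one you know does not exist.

```shell
#!/bin/sh
# Added example: compare the response code your system resolver returns
# with the one a reference resolver returns for a name that should not exist.

# Read full dig output on stdin and print the response code from its header,
# which looks like:  ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4711
rcode_of() {
    sed -n 's/^;; ->>HEADER<<-.*status: \([A-Z]*\),.*/\1/p' | head -n 1
}

# Classify the pair of response codes.
# $1 = rcode from the resolver under test, $2 = rcode from the reference resolver
verdict() {
    if [ -z "$1" ] || [ -z "$2" ]; then
        echo "no-response"
    elif [ "$1" = "$2" ]; then
        echo "consistent"
    elif [ "$2" = "NXDOMAIN" ] && [ "$1" = "NOERROR" ]; then
        # The reference says the name does not exist, yours returned an answer.
        echo "possible-hijack"
    else
        echo "mismatch"
    fi
}

# Query an A record at a given server and print the rcode.
# An empty server argument means "use the system resolver".
query_rcode() {
    name=$1
    server=$2
    dig ${server:+@"$server"} "$name" A +time=3 +tries=1 2>/dev/null | rcode_of
}

# Usage: sh check.sh <name-that-should-not-exist> [reference-resolver]
if [ "$#" -ge 1 ]; then
    ref=${2:-8.8.8.8}
    local_rc=$(query_rcode "$1" "")
    ref_rc=$(query_rcode "$1" "$ref")
    echo "system: ${local_rc:-none}  $ref: ${ref_rc:-none}  -> $(verdict "$local_rc" "$ref_rc")"
fi
```

A "possible-hijack" result means your resolver answered NOERROR where the reference returned NXDOMAIN; a reference resolver that itself rewrites NXDOMAIN will hide the difference, so pick one that does not.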
It’s also useful for checking how the propagation of a DNS entry is going. Ask the authoritative name server for the entry, then one of these public caching servers, then your ISP.
The two most common flags I use for dig are “+short” and “-x”, for terse output and a reverse lookup, respectively.
You can get the ‘dig’ command on Debian/Ubuntu by installing the ‘dnsutils’ package. On RH, it’s in ‘bind-utils’.