Tips for using the dig command


By the way, consdil came across the following command while learning to use the DNS part.

Dig, like nslookup, is a DNS query tool. The name dig is an abbreviation of domain information groper.

Some professional DNS administrators prefer the dig command when tracing DNS problems. They like its flexible settings, clear output and powerful features.

Installing dig

 yum install bind-utils

Understanding the output

The most typical use of dig command is to query the information of a single host.


 [Figure: dig output for a query on a single host]

The default output of the dig command is rich and can be divided into five parts.

By default, the dig command queries the A record. The A shown in the figure above indicates that the record type being queried is the A record. Before trying to query other record types, let's look at the common DNS record types.

Common types of DNS records

Type     Purpose
A        Address record; specifies the IPv4 address of the domain name. To point the domain name to an IP address, add an A record.
AAAA     Specifies the IPv6 address of the domain name.
CNAME    To point a domain name to another domain name, which in turn provides the IP address, add a CNAME record.
MX       To set up a mailbox that receives mail, add MX records.
NS       Name server record. To hand a subdomain over to other DNS servers for resolution, add NS records.
SOA      A mandatory record in every zone file. It must be the first record in the file.
TXT      Free-form text. The length limit is 255. Most TXT records are used for SPF records (anti-spam).

More usage of dig

Run man dig for more help on using dig. Part of the usage text is listed below:

 Usage:  dig [@global-server] [domain] [q-type] [q-class] {q-opt}
            {global-d-opt} host [@local-server] {local-d-opt}
            [ host [@local-server] {local-d-opt} [...]]
Where:  domain      is in the Domain Name System
        q-class  is one of (in,hs,ch,...) [default: in]
        q-type   is one of (a,any,mx,ns,soa,hinfo,axfr,txt, ...) [default:a]
                 (Use ixfr=version for type ixfr)
        q-opt    is one of:
                 -x dot-notation     (shortcut for reverse lookups)
                 -i                  (use IP6.INT for IPv6 reverse lookups)
                 -f filename         (batch mode)
                 -b address[#port]   (bind to source  address/port)
                 -p port             (specify port number)
                 -q name             (specify query name)
                 -t type             (specify query type)
                 -c class            (specify query class)
                 -k keyfile          (specify tsig key file)
                 -y [hmac:]name:key   (specify named base64 tsig key)
                 -4                  (use IPv4 query transport only)
                 -6                  (use IPv6 query transport only)
                 -m                  (enable memory usage debugging)

Supplementary explanation of some options:

Tracking the whole process of dig

One of dig's best-known query options is +trace. With this option, dig traces the query from the root domain down to the final result and prints the information for the whole process.

 dig +trace

; <<>> DiG 9.10.6 <<>> +trace
;; global options: +cmd
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
.            259959    IN    NS
;; Received 339 bytes from in 51 ms

com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            172800    IN    NS
com.            86400    IN    DS    30909 8 2  E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.            86400    IN    RRSIG    DS 8 1 86400 20190128050000 20190115040000 16749 . b05rLsStUJJtB1apLb5OyQdmW9uxP4il93QHIMYEYbujgyfM5vHMoxcV TVxLobK/+hjrXlWC42jFA0Z6A+VIpo81t0Il4QWTq9oa6SAT7YpyfdMo MbxJh7gtHLlpzZDbuFfGaqgAEU26J5WQ3/r/7SHh2yBYfuWGbNjajbaT  TPINPRiDB3byWaXeEgVhWn+8jGPwUITPFJW6Xuhy8RWDHiM9N4qe4uZV OeLTO/H2pODGvIs1osw/BN4CdN1zgnulK+IMhVWihki6Omj2kHYFxHT9 fE/nOnDNGVrFiGtTmay6SuCrRzvKtEXXw5pggEO1T2dudpaIURgKQII3 oScFLA==
;; Received 1173 bytes from in 189 ms

        172800    IN    NS
        172800    IN    NS
        86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A  NS SOA RRSIG DNSKEY NSEC3PARAM
        86400 IN RRSIG NSEC3 8 2 86400 20190119054242 20190112043242 37490 com. ELqwhVedLdRD0AC7RtXYFvUCZ5cv34ywi4gl7RXMe4AheO8nzL51s83h  pwW9A82twu9PuqOv3T2jPtBR9y/34okW6AYycHIjxz3EOFeX4ENjDVON glkhiu5oU9B25HVYbM/AKSjAEweV3KmXGEUNvZBwl2eYgGL45hKRevhi C3s=
        86400 IN NSEC3 1 1 0 - 8KS8A4MMD5IEOOBOLRTG22FD42PDPLAT  NS DS RRSIG
        86400 IN RRSIG NSEC3 8 2 86400 20190122060522 20190115045522 37490 com.  DnFGpn4CJtnls9iGjLqtxsELjSGOrOMuUVir84xHeqDgDfkAFfjWMuLH VGxZuGcWeTBLtcNjG9sk+KB0O2saM3849IP7vwqyp7tcREwjiRyOio7q Q/1WFf3HqA7BTJJLg4FclaHelE+ab9rXa9fdnbgaysRGL5QpGIjIZ3be Y2Q=
;; Received 916 bytes from in 298 ms

        600    IN    A
;; Received 58 bytes from in 33 ms

DNS cache

If a DNS server had to query the upper-level DNS servers, iteratively or recursively, for every request, the DNS would be overburdened. Because the DNS information for a domain name is not modified frequently, the DNS servers at each level cache the results (clients such as browsers also cache DNS results).

The disadvantage of caching is that the DNS information may not be up to date. For example, a domain name administrator modifies the A record of a domain name. Because the DNS servers at each level have a cache, the result the client finally gets is not up to date. To obtain the latest result, you can query the authoritative name server for the domain directly.
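The direct query to the authoritative server described above, as an added example that is not part of the original post: it checks that the second answer really carries the aa (authoritative answer) flag and then compares it with the resolver's cached answer. The function names are hypothetical, and the sample dig outputs, example.com and the 192.0.2.10 / 198.51.100.20 addresses are constructed.

```shell
#!/bin/sh
# Added example: compare a resolver's (possibly cached) answer with the
# authoritative server's answer. The two sample outputs are constructed.

SAMPLE_RESOLVER=';; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
example.com.    412    IN    A    192.0.2.10'

SAMPLE_AUTH=';; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
example.com.    600    IN    A    198.51.100.20'

# Succeeds when the header flags of the dig output on stdin include "aa".
has_aa_flag() {
  awk '/^;; flags:/ { for (i = 3; i <= NF; i++) { f = $i; last = (f ~ /;$/)
                        sub(/;$/, "", f); if (f == "aa") found = 1
                        if (last) break } }
       END { exit !found }'
}

# Prints "TTL TYPE RDATA" for each record in the ANSWER SECTION on stdin.
answer_records() {
  awk '/^;; ANSWER SECTION:/ { in_ans = 1; next }
       /^;;/ || /^$/         { in_ans = 0 }
       in_ans                { print $2, $4, $5 }'
}

# $1 = dig output from the resolver, $2 = dig output from the authoritative server.
cache_status() {
  if ! printf '%s\n' "$2" | has_aa_flag; then echo "NOT-AUTHORITATIVE"; return; fi
  r=$(printf '%s\n' "$1" | answer_records | awk '{ print $2, $3 }' | sort)
  a=$(printf '%s\n' "$2" | answer_records | awk '{ print $2, $3 }' | sort)
  ttl=$(printf '%s\n' "$1" | answer_records | awk 'NR == 1 { print $1 }')
  if [ "$r" = "$a" ]; then echo "FRESH"; else echo "STALE ttl=$ttl"; fi
}

# Live check: ask the default resolver, then the first listed NS without recursion.
check_domain() {
  ns=$(dig +short NS "$1" | head -n 1)
  cache_status "$(dig "$1" A)" "$(dig "@$ns" "$1" A +norecurse)"
}

# With a domain argument run the live check, otherwise use the constructed samples.
if [ -n "${1:-}" ]; then check_domain "$1"; else cache_status "$SAMPLE_RESOLVER" "$SAMPLE_AUTH"; fi
```

A STALE result also reports the remaining TTL of the cached record, which is how long the resolver may keep serving the old value.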


That's about it~
