Description:
The digger application will send domain name query packets to any DNS name server on the Internet. There are three data elements required in order to formulate a DNS query using dig:
Compare usage of digger to nslookup.
Usage:
This application is useful for gathering address information about hosts in the network. It can be used to query the Internet domain name service (DNS) for specific information about hosts (mail exchanger records [MX]; IP address [A]; canonical names [CNAME]; etc.). If you have an IP address, you can get a canonical name back for the address. If you have a canonical name, you can get an IP address. Another extremely useful feature is the ability to get a listing of hosts which serve mail exchange [MX] functions for a specific domain.
These functions can also be performed using nslookup, but dig output is slightly more detailed. Additionally, in the operating system a dig query can be formulated on one line at the system prompt.
Syntax:
The inetroom@cni.org account is using dig with the following command syntax:
/usr/local/bin/dig @<dns server> <hostname> <record type>
e.g. dig @a.cni.org cni.org MX
Operation on the INETROOM account:
If you select '3' from the main menu, you will be prompted:
What is the address of the domain name server you wish to use?
Strike RETURN to accept the default server [default = a.cni.org].
If you simply strike a RETURN, you will accept the default DNS server on the Coalition's host a.cni.org.
However, please note that at times it is necessary to query the DNS source of authority (SOA) record in order to get the most accurate and up-to-date information. The DNS server which provides the SOA record for a domain is usually the first DNS server listed in the WHOIS database at the Internic. SOA records can also be queried using dig.
You will be queried for the name/address of the host you wish to query. Enter the Internet style address, and strike RETURN.
What is the host address you are trying to verify?
e.g. foo.bar.com
---> cni.org
The third prompt will ask you for the type of record you wish to retrieve from DNS. Mail exchanger [MX] records are a good thing to query on if you have somebody's e-mail address and you are trying to resolve it to an actual hostname that receives the mail. When in doubt, you should probably use type ANY -- this will retrieve any record which corresponds to the address you entered above.
What type of record are you looking for?
e.g. A, ANY, CNAME, HINFO, MX, NS, PTR, SOA, TXT or WKS
---> MX
As you can see, the record which is returned can be fairly detailed. Interpreting the record can take some skill. In general, pay attention to the areas in the center of the record that are tagged ;;ANSWERS: and ;;ADDITIONAL RECORDS:. (Added emphasis mine.)
Looking up MX records for cni.org using a.cni.org as DNS server
; <<>> DiG 2.0 <<>> @a.cni.org cni.org MX
;; ->>HEADER<<- opcode: QUERY , status: NOERROR, id: 10
;; flags: qr aa rd ra ; Ques: 1, Ans: 1, Auth: 0, Addit: 1
;; QUESTIONS:
;; cni.org, type = MX, class = IN
;; ANSWERS:
cni.org. 3600 MX 10 a.cni.org.
;; ADDITIONAL RECORDS:
a.cni.org. 3600 A 192.100.21.1
;; Sent 1 pkts, answer found in time: 0 msec
;; FROM: a.cni.org to SERVER: a.cni.org 192.100.21.1
;; WHEN: Thu May 12 23:32:15 1994
;; MSG SIZE sent: 25 rcvd: 59
Strike RETURN to continue...
In the records above, you can see that the host 'a.cni.org' (IP = 192.100.21.1) operates a mail exchanger for all mail coming into the cni.org domain.
Possible errors:
;; AUTHORITY RECORDS:
. 86400 SOA NS.INTERNIC.NET. HOSTMASTER.INTERNIC.NET. (
940506 ;serial
10800 ;refresh
900 ;retry
604800 ;expire
86400 ) ;minim
The ;;AUTHORITY RECORDS: information is returned when you have queried on a hostname that can not be found within the DNS system. The system has returned to you the DNS query as far as it could be resolved (in the case above, the query for foo.bar.com failed at the Internic database -- meaning that there is a record for the .com domain, but no record for a foo.com domain).
If you are sure that the hostname or domain name you queried is valid, use whois to get the source of authority DNS server address from the Internic WHOIS database, and try a query using the SOA DNS server rather than the DNS (probably default) server you used.
no ;; ANSWERS:
no ;; ADDITIONAL RECORDS:
no ;; AUTHORITY RECORDS:
No record type (of the kind you queried) for the hostname you queried exists.
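An added example (not part of the original guide or of dig itself): a small Python parser for the DiG 2.0 output format shown above that applies the interpretation rules from this page, including the two cases under Possible errors. The function names are hypothetical, and the not-found sample is constructed from the authority fragment shown under Possible errors.

```python
import re

# DiG 2.0 output for the cni.org MX query, trimmed from the listing on this page.
SAMPLE_MX = """\
; <<>> DiG 2.0 <<>> @a.cni.org cni.org MX
;; ANSWERS:
cni.org. 3600 MX 10 a.cni.org.
;; ADDITIONAL RECORDS:
a.cni.org. 3600 A 192.100.21.1
;; Sent 1 pkts, answer found in time: 0 msec
"""

# Constructed sample: the authority-only reply from "Possible errors", trimmed.
SAMPLE_NOT_FOUND = """\
;; AUTHORITY RECORDS:
. 86400 SOA NS.INTERNIC.NET. HOSTMASTER.INTERNIC.NET. (
940506 ;serial
86400 ) ;minim
"""

SECTION = re.compile(r"^;;\s*(ANSWERS|AUTHORITY RECORDS|ADDITIONAL RECORDS):$")

def parse_dig(text):
    """Group record lines under the ';; NAME:' header that precedes them."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = SECTION.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif line.startswith(";"):      # any other comment line closes the section
            current = None
        elif line and current is not None:
            current.append(line)
    return sections

def classify(sections):
    """Apply this page's rules: answers, authority only, or no sections at all."""
    if sections.get("ANSWERS"):
        return "answered"
    if sections.get("AUTHORITY RECORDS"):
        return "name-not-found"         # resolved only as far as the SOA shown
    return "no-record-of-type"

def mail_exchangers(sections):
    """Return (preference, host, address or None) for each MX answer."""
    glue = {f[0]: f[3] for f in map(str.split, sections.get("ADDITIONAL RECORDS", []))
            if len(f) == 4 and f[2] == "A"}
    mx = [f for f in map(str.split, sections.get("ANSWERS", [])) if len(f) == 5 and f[2] == "MX"]
    return sorted((int(f[3]), f[4], glue.get(f[4])) for f in mx)
```

A result of "name-not-found" is the cue to retry the query against the SOA server for the domain, as described above.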