Master DNS Queries - dig Command

How DNS resolution works and how to inspect it using the dig command

Backend-focused developer learning. I write about internal workings, fundamentals, and real project learnings. Sharing my journey, insights, and mistakes while building in public.

Conversation between URL & DNS Server

When a URL is entered in the browser, the browser sends a query for its domain name to the DNS resolver (usually provided by the ISP, or a public DNS service like Google DNS). The DNS resolver checks whether the domain is present in its cache; if it is, the cached IP address is sent back to the browser, otherwise the resolver starts the DNS lookup process.

The DNS resolver first contacts a DNS root server, which does not know the IP address but knows “whom to talk to next”, i.e., the root server tells the resolver which Top-Level Domain (TLD) server is responsible for the domain (like .com, .in, .gov.in). Next, the resolver queries the TLD server, which responds with the authoritative name server (NS record). The resolver then talks to the authoritative name server and gets the IPv4 or IPv6 address via an A or AAAA record respectively.

After getting the IP address, an HTTP or HTTPS connection is established between the client and the server. To send or receive mail, the MX record (Mail Exchange record) is used. For verification and authorization, the TXT record (Text record) is used.


dig command in Linux

dig stands for Domain Information Groper. It retrieves information about DNS name servers. Network administrators use it to troubleshoot and verify DNS problems.

dig installation

Check whether dig is installed on your Ubuntu system:

    which dig

If the command prints nothing, dig is not installed on your system.

To install dig, run the following command in a terminal:

    sudo apt install bind9-dnsutils

This installs the following on the system:

  1. Installs the BIND 9 DNS client utilities

  2. Provides commands like:

    1. dig → query DNS records (NS, A, AAAA, MX, TXT, CNAME)

    2. nslookup → simple DNS lookup

  3. Used for network debugging, server setup, and learning DNS

Check whether dig is now installed:

    which dig

dig Syntax:

    dig [domainName] [recordType] [options]

Working with dig Command

  1. To query domain “A” record

    dig chaicode.com A
    

chaicode.com resolves to 2 IPv4 addresses:

  1. 104.21.16.156

  2. 172.67.213.172

Multiple IPv4 addresses help to maintain the site, distribute the load effectively across different servers (load balancing), and increase the availability of the site under high traffic.

  2. To query domain “AAAA” record

    dig chaicode.com AAAA
    

    The domain resolves to the following IPv6 addresses:

    1. 2606:4700:3037::6815:109c

    2. 2606:4700:3037::ac43:d5ac

    Multiple IPv6 addresses indicate load balancing and redundancy, commonly provided through a Content Delivery Network (CDN) such as Cloudflare.

  3. To query Mail Exchange “MX” record

    dig chaicode.com MX
    

    The MX record tells other mail servers where to deliver email for a domain and in what order.

    Mail servers for chaicode.com

    
    Priority 1  -> aspmx.l.google.com.
    Priority 5  -> alt1.aspmx.l.google.com.
    Priority 5  -> alt2.aspmx.l.google.com.
    Priority 10 -> alt3.aspmx.l.google.com.
    Priority 10 -> alt4.aspmx.l.google.com.
    

    How priority works

    • Lower number = higher priority, so the mail delivery order is [1 > 5 > 5 > 10 > 10].

    • If a mail server is unreachable, delivery falls back to the other options.

  4. To query Text “TXT” record

    dig chaicode.com TXT
    

    The TXT record stores human-readable configuration data for a domain, such as verification, email security, and other settings.

    The TXT records for chaicode.com show 2 important configurations:

    1. v=spf1 include:dc-aa8e722993._spfm.chaicode.com ~all is an SPF (Sender Policy Framework) policy, which specifies which mail servers are authorized to send email for the domain, to prevent email spoofing.

    2. google-site-verification=xvyWAw6Vt-EhY2ZbgAF7NiEx6iVxuypQyRlfyGedE5A is a Google site verification token, used to prove domain ownership for Google services such as Search Console or Google Workspace.
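
An added example, not part of the original article: a POSIX shell function that reads `dig <domain> TXT +short` output and reports how strict the published SPF policy is, which matters because the `~all` in the record above is a softfail rather than a hard reject. The SPF string is the one quoted above; the function names and the placeholder token are constructed for this example.

```shell
#!/bin/sh
# Added example: classify the SPF policy in `dig <domain> TXT +short` output.
# Reads that output on stdin and prints "<verdict>: <meaning>".
spf_verdict() {
    # dig quotes each TXT string; a record over 255 bytes arrives as several
    # quoted strings, which SPF joins with no separator.
    records=$(sed 's/" "//g; s/"//g' | tr 'A-Z' 'a-z' |
        grep -E '^v=spf1( |$)' || true)
    if [ -z "$records" ]; then
        echo "none: no SPF record, receivers have no sender list to check"
        return 0
    fi
    count=$(printf '%s\n' "$records" | grep -c .)
    if [ "$count" -gt 1 ]; then
        echo "permerror: $count SPF records published, only one is allowed"
        return 0
    fi
    # Terms are evaluated left to right, so the first "all" sets the default.
    all=$(printf '%s\n' "$records" | tr ' ' '\n' |
        grep -E '^[-~?+]?all$' | head -n 1 || true)
    case "$all" in
        -all)     echo "fail: mail from unlisted servers should be rejected" ;;
        "~all")   echo "softfail: unlisted servers are marked, mail is usually still accepted" ;;
        "?all")   echo "neutral: the domain says nothing about unlisted servers" ;;
        all|+all) echo "pass: every server is authorized, the record protects nothing" ;;
        *)        echo "open: no 'all' term, result is neutral unless a redirect= modifier applies" ;;
    esac
}

# Constructed input in the shape `dig chaicode.com TXT +short` prints; the
# verification token is a placeholder, not the real value.
sample_txt() {
    printf '%s\n' \
        '"v=spf1 include:dc-aa8e722993._spfm.chaicode.com ~all"' \
        '"google-site-verification=PLACEHOLDER-TOKEN"'
}

sample_txt | spf_verdict
```

Against a live domain the call is `dig example.com TXT +short | spf_verdict`.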


dig Options

  1. To query domain “A” record with +short

    dig chaicode.com A +short
    

    The +short option tells dig to remove all the verbose output and display only the final answer returned by DNS.

    So only the IPv4 addresses of chaicode.com are displayed: 172.67.213.172 and 104.21.16.156.

  2. dig option +nocomments

    dig chaicode.com +nocomments
    

    The +nocomments option hides the comment lines, making the output cleaner and easier to read without being as minimal as +short.

  3. dig option +noall

    dig chaicode.com +noall
    

    The +noall option tells dig to disable all the default output sections, including the question, answer, authority and others.

  4. dig query ANY

    dig chaicode.com ANY
    

    The ANY query asks a DNS server to return all available record types for a domain in a single query, but modern DNS servers intentionally do not return full data for ANY queries.

    In the output, the server responds with an HINFO record containing “RFC8482”, which is a standardized signal telling clients that the ANY query is disabled or minimized.
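
An added example, not from the original article: because ANY is minimized and +noall on its own prints nothing, these functions pair +noall with +answer and fall back to one query per record type when they see the RFC8482 HINFO reply. The DIG variable, the function names and the stub with its example.test data are assumptions constructed here so the block runs offline.

```shell
#!/bin/sh
# Added example: list a domain's records even when ANY is minimized (RFC 8482).
# DIG is a hypothetical override of this example, used to swap in an offline stub.
DIG=${DIG:-dig}

# Succeeds when the answer section (stdin) carries the RFC 8482 HINFO placeholder.
any_is_minimized() {
    awk '$4 == "HINFO" && $5 ~ /RFC8482/ { hit = 1 } END { exit !hit }'
}

# Print "TYPE VALUE" per record; +noall +answer keeps only the answer section.
collect_records() {
    answer=$("$DIG" "$1" ANY +noall +answer)
    if printf '%s\n' "$answer" | any_is_minimized; then
        # ANY was refused, so ask for each record type separately.
        answer=$(for t in A AAAA MX TXT NS; do
            "$DIG" "$1" "$t" +noall +answer
        done)
    fi
    printf '%s\n' "$answer" | awk 'NF >= 5 {
        type = $4; $1 = $2 = $3 = $4 = ""; sub(/^ +/, ""); print type, $0 }'
}

# Constructed stand-in for dig that replies in the `+noall +answer` layout.
fake_dig() {
    case "$2" in
        ANY) printf 'example.test.\t3600\tIN\tHINFO\t"RFC8482" ""\n' ;;
        A)   printf 'example.test.\t300\tIN\tA\t192.0.2.10\n' ;;
        MX)  printf 'example.test.\t300\tIN\tMX\t10 mail.example.test.\n' ;;
    esac
}

# Offline demonstration against the stub; drop the override to use the real dig.
( DIG=fake_dig; collect_records example.test )
```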


-—» THE END, see you in Next Article😁👍