Feedback

Let us know what you think of our Knowledge Center!

Open Cloud Community

Learn about Rackspace products, ask questions, and share your knowledge in our Open Cloud Community.

Troubleshooting DNS with dig

Article ID: 1519
Last updated on August 10, 2012
Authored by: Rackspace Support
(2 Comments)

Using the dig (domain information groper) command, you can query the specific DNS servers and specific records on those servers.

Installing Dig

You may already have dig installed. To find out, run the following command in a terminal window:

	which dig

If you receive a message that the system couldn't find dig, it's easy to install.

Ubuntu and Debian

For Ubuntu, Debian, and other distributions that use the apt package manager, run:

	sudo aptitude install dnsutils

CentOS, Red Hat, Fedora

For CentOS, Red Hat, Fedora, and other distributions using the yum package manager, run:

	sudo yum install bind-utils

Dig Basics

The basics of the dig command are very simple. Let's start looking at the DNS records for Google™:

# dig google.com

The response from this command is similar to the following:

	; <<>> DiG 9.3.4 <<>> google.com
	;; global options:  printcmd
	;; Got answer:
	;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10147
	;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4

	;; QUESTION SECTION:
	;google.com.                    IN      A

	;; ANSWER SECTION:
	google.com.             103     IN      A       72.14.207.99
	google.com.             103     IN      A       64.233.167.99
	google.com.             103     IN      A       64.233.187.99

	;; AUTHORITY SECTION:
	google.com.             71923   IN      NS      ns1.google.com.
	google.com.             71923   IN      NS      ns2.google.com.
	google.com.             71923   IN      NS      ns3.google.com.
	google.com.             71923   IN      NS      ns4.google.com.

	;; ADDITIONAL SECTION:
	ns1.google.com.         300836  IN      A       216.239.32.10
	ns2.google.com.         300836  IN      A       216.239.34.10
	ns3.google.com.         300836  IN      A       216.239.36.10
	ns4.google.com.         300836  IN      A       216.239.38.10

	;; Query time: 1 msec
	;; SERVER: 208.78.97.155#53(208.78.97.155)
	;; WHEN: Mon Oct  8 09:41:18 2007
	;; MSG SIZE  rcvd: 212

Take it a section at a time and the output is actually very informative and easy to navigate:

HEADER - Contains general information about the query.
QUESTION SECTION - Lists the queried record.
ANSWER SECTION - Lists the servers that responded to the domain google.com along with the IP addresses.
AUTHORITY SECTION - Lists the name servers being used by google.com.
ADDITIONAL SECTION - Lists the IP addresses of the name servers found in the Authority section.

Cached Information

The information in the ANSWER is derived from the cache of the local DNS servers. The caching of records is determined by the TTL set for the record. If a record has a TTL of 24 hours, then other name servers will only look for a new record once a day. However, if you lower the TTL to 5 minutes at least 24 hours in advance of making changes, other name servers will retreive a new recrod every 5 minutes.

Making a Direct Query

You can also query the DNS server directly. Look at the Authority section in the Google output above. It lists four name servers and you can query one of them directly. For example:

	# dig @ns4.google.com google.com

Notice that the specified name server must be prefixed with the @ symbol.

The output is the same, but notice the HEADER:

	; <<>> DiG 9.3.4 <<>> @ns4.google.com google.com

You are now directly querying the name server ns4.google.com, which will show any changes made that had not been fully propagated.

This is the key to checking any DNS changes you've made in the Cloud Control Panel. Querying the records directly will show the changes before they are fully propagated.

Querying Records

To query a record, append the desired record type (for example MX) to the query:

# dig @ns4.google.com google.com MX

The dig query responds with the following answer:

	;; QUESTION SECTION:
	;google.com.              IN     MX

	;; ANSWER SECTION:
	google.com.         10800  IN     MX     10 smtp4.google.com.
	google.com.         10800  IN     MX     10 smtp1.google.com.
	google.com.         10800  IN     MX     10 smtp2.google.com.
	google.com.         10800  IN     MX     10 smtp3.google.com.

You can do this with any type of record by appending the record type to the command. For example, enter the following to query for NS records only:

	# dig @ns4.google.com google.com NS

For More Information on dig, enter the following command to display the dig man page:

	# man dig

Related Information

Learn More About DNS

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License

See license specifics and DISCLAIMER

2 Comments

typos

There are " " where there should be spaces.

By Anonymous on Aug. 9, 2012

Re: nbsp

Thanks for pointing that out. We'll get that fixed.

By jered.heeschen on Aug. 10, 2012

Knowledge Center