Troubleshooting DNS with dig
dig (domain information groper) command, you can query the specific DNS servers and specific records on those servers.
You may already have dig installed. To find out, run the following command in a terminal window:
If you receive a message that the system couldn't find dig, it's easy to install.
Ubuntu and Debian
For Ubuntu, Debian, and other distributions that use the apt package manager, run:
sudo aptitude install dnsutils
CentOS, Red Hat, Fedora
For CentOS, Red Hat, Fedora, and other distributions using the yum package manager, run:
sudo yum install bind-utils
The basics of the
dig command are very simple. Let's start looking at the DNS records for Google™:
# dig google.com
The response from this command is similar to the following:
; <<>> DiG 9.3.4 <<>> google.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10147 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 103 IN A 188.8.131.52 google.com. 103 IN A 184.108.40.206 google.com. 103 IN A 220.127.116.11 ;; AUTHORITY SECTION: google.com. 71923 IN NS ns1.google.com. google.com. 71923 IN NS ns2.google.com. google.com. 71923 IN NS ns3.google.com. google.com. 71923 IN NS ns4.google.com. ;; ADDITIONAL SECTION: ns1.google.com. 300836 IN A 18.104.22.168 ns2.google.com. 300836 IN A 22.214.171.124 ns3.google.com. 300836 IN A 126.96.36.199 ns4.google.com. 300836 IN A 188.8.131.52 ;; Query time: 1 msec ;; SERVER: 184.108.40.206#53(220.127.116.11) ;; WHEN: Mon Oct 8 09:41:18 2007 ;; MSG SIZE rcvd: 212
Take it a section at a time and the output is actually very informative and easy to navigate:
- HEADER - Contains general information about the query.
- QUESTION SECTION - Lists the queried record.
- ANSWER SECTION - Lists the servers that responded to the domain google.com along with the IP addresses.
- AUTHORITY SECTION - Lists the name servers being used by google.com.
- ADDITIONAL SECTION - Lists the IP addresses of the name servers found in the Authority section.
The information in the ANSWER is derived from the cache of the local DNS servers. The caching of records is determined by the TTL set for the record. If a record has a TTL of 24 hours, then other name servers will only look for a new record once a day. However, if you lower the TTL to 5 minutes at least 24 hours in advance of making changes, other name servers will retreive a new recrod every 5 minutes.
Making a Direct Query
You can also query the DNS server directly. Look at the Authority section in the Google output above. It lists four name servers and you can query one of them directly. For example:
# dig @ns4.google.com google.com
Notice that the specified name server must be prefixed with the @ symbol.
The output is the same, but notice the HEADER:
; <<>> DiG 9.3.4 <<>> @ns4.google.com google.com
You are now directly querying the name server ns4.google.com, which will show any changes made that had not been fully propagated.
This is the key to checking any DNS changes you've made in the Cloud Control Panel. Querying the records directly will show the changes before they are fully propagated.
To query a record, append the desired record type (for example MX) to the query:
# dig @ns4.google.com google.com MX
The dig query responds with the following answer:
;; QUESTION SECTION: ;google.com. IN MX ;; ANSWER SECTION: google.com. 10800 IN MX 10 smtp4.google.com. google.com. 10800 IN MX 10 smtp1.google.com. google.com. 10800 IN MX 10 smtp2.google.com. google.com. 10800 IN MX 10 smtp3.google.com.
You can do this with any type of record by appending the record type to the command. For example, enter the following to query for NS records only:
# dig @ns4.google.com google.com NS
For More Information on dig, enter the following command to display the dig man page:
# man dig
© 2014 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License
See license specifics and DISCLAIMER