Press "Enter" to skip to content

5 Dig command examples

Dig command (domain information groper) is a built-in command that you can find in any macOS computer and most Linux distros. You can use it to perform a quick check related to your DNS. See individual DNS records or check a name server from the Terminal app with a simple 1 line command. 

It might not have a graphical interface, but you will get all you need in its output.

Here you have 5 dig command examples that will show you how to use it and how the answers look. 

How does Dig command work?

Get the A or AAAA record of a domain name.

dig domainname.com

This command will show you the A record or the AAAA record, or both for the domain you are probing. The first will show you the IPv4 address of the domain name, the second IPv6. 

Get all of the available DNS records.

dig domainname.com ANY +noall +answer

Sometimes you want to see a list of all of the available DNS records, including A, NS, MX, TXT, AAAA, CNAME SOA, and PTR records. That way, you can get a lot of information about the zone, name server, and individual records. Later you can check a particular record or server.

+noall +answer will reduce the answer to just the answer section. 

Get information about the name servers for a particular domain. 

dig domainname.com NS +short

You will get an answer with all the name servers (NS records). Later you can use “dig @nameserver…” to perform additional probes for a particular NS server. 

Get the MX records for the domain name. 

dig domainname.com MX 

You can see the MX (mail exchanger) records for the hostname. From them, you will see which are the incoming mail servers. Not having MX records will be a problem for receiving emails. The senders won’t be able to find which of your mail servers are responsible for receiving the messages, and the delivery will fail. 

Get the TXT records for the domain name.

dig domainname.com TXT

By performing this command, you will see all the TXT records. The common TXT records are SPF, DKIM, and DMARC. All of them are used in email for verification and authentication. They increase the security during the transfer of emails and check if the sender is really the one it says it is. You can check the TXT records for your domain and see if they are properly configured. If you have made errors, you might not be able to send and receive emails or both. 

Get familiar with these examples and try to improvise by changing some of the parameters for your personal needs. 

The hostname could be changed with its IP address; You can probe each individual type of DNS record and more. 

Dig command can also show you the route of the query or answer reverse lookups. 

Why should you use the dig command?

Because it is already on your computer and it can give you enough information about your DNS. It works fast and has a few options to get the right answers. 

Dig is ideal for quick checks. 

Be First to Comment

Leave a Reply

Your email address will not be published.