Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
Cyber Angels

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 71 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here




       dig  [ @server ]  [ -b address ]  [ -c class ]  [ -f file­
       name ]  [ -k filename ]  [ -p port# ]  [ -t type ]   [  -x
       addr  ]  [ -y name:key ]  [ name ]  [ type ]  [ class ]  [
       queryopt... ]

       dig [ -h ]

       dig [ global-queryopt... ]  [ query... ]


       dig (domain information groper) is  a  flexible  tool  for
       interrogating  DNS  name  servers. It performs DNS lookups
       and displays the answers that are returned from  the  name
       server(s)  that  were queried. Most DNS administrators use
       dig to troubleshoot DNS problems because of its  flexibil­
       ity, ease of use and clarity of output. Other lookup tools
       tend to have less functionality than dig.

       Although dig is normally used with command-line arguments,
       it  also  has a batch mode of operation for reading lookup
       requests from a file. A brief summary of its  command-line
       arguments  and  options  is  printed when the -h option is
       given.  Unlike earlier versions, the BIND9  implementation
       of  dig allows multiple lookups to be issued from the com­
       mand line.

       Unless it is told to query a  specific  name  server,  dig
       will try each of the servers listed in /etc/resolv.conf.

       When  no command line arguments or options are given, will
       perform an NS query for "." (the root).


       A typical invocation of dig looks like:

        dig @server name type


       server is the name or IP address of  the  name  server  to
              query.  This can be an IPv4 address in dotted-deci­
              mal notation or an IPv6 address in  colon-delimited
              notation.  When  the  supplied server argument is a
              hostname, dig resolves that  name  before  querying
              that  name  server.  If  no server argument is pro­
              vided, dig consults  /etc/resolv.conf  and  queries
              the  name  servers listed there. The reply from the
              name server that responds is displayed.

       name   is the name of the resource record that  is  to  be
              looked up.

       The -f option makes dig  operate in batch mode by  reading
       a  list  of lookup requests to process from the file file­
       name. The file contains a number of queries, one per line.
       Each entry in the file should be organised in the same way
       they would be presented as queries to dig using  the  com­
       mand-line interface.

       If  a  non-standard  port  number is to be queried, the -p
       option is used. port# is the port  number  that  dig  will
       send  its  queries instead of the standard DNS port number
       53. This option would be used to test a name  server  that
       has  been  configured to listen for queries on a non-stan­
       dard port number.

       The -t option sets the query type to type. It can  be  any
       valid  query type which is supported in BIND9. The default
       query type "A", unless the -x option is supplied to  indi­
       cate  a  reverse lookup.  A zone transfer can be requested
       by specifying a type of AXFR.  When  an  incremental  zone
       transfer  (IXFR)  is required, type is set to ixfr=N.  The
       incremental zone transfer will contain the changes made to
       the  zone since the serial number in the zone's SOA record
       was N.

       Reverse lookups - mapping addresses to names - are simpli­
       fied  by the -x option. addr is an IPv4 address in dotted-
       decimal notation, or a colon-delimited IPv6 address.  When
       this option is used, there is no need to provide the name,
       class and type arguments.  dig  automatically  performs  a
       lookup  for  a name like and sets
       the query type and class to PTR and  IN  respectively.  By
       default,  IPv6  addresses are looked up using the IP6.ARPA
       domain and binary labels as defined in RFC2874. To use the
       older RFC1886 method using the IP6.INT domain and "nibble"
       labels, specify the -n (nibble) option.

       To sign the DNS queries sent by dig  and  their  responses
       using  transaction  signatures  (TSIG), specify a TSIG key
       file using the -k option. You can also  specify  the  TSIG
       key  itself  on the command line using the -y option; name
       is the name of the TSIG key and key is the actual key. The
       key  is  a  base-64 encoded string, typically generated by
       dnssec-keygen(8).  Caution should be taken when using  the
       -y  option on multi-user systems as the key can be visible
       in the output from ps(1) or in the shell's  history  file.
       When  using  TSIG authentication with dig, the name server
       that is queried needs to know the key and  algorithm  that
       is  being  used. In BIND, this is done by providing appro­
       priate key and server statements in named.conf.


              Use  [do  not  use] TCP when querying name servers.
              The default behaviour is to use UDP unless an  AXFR
              or  IXFR  query  is  requested, in which case a TCP
              connection is used.

              Use [do not use] TCP when  querying  name  servers.
              This  alternate  syntax to +[no]tcp is provided for
              backwards compatibility. The "vc" stands for  "vir­
              tual circuit".

              Ignore  truncation  in  UDP  responses  instead  of
              retrying with TCP. By default, TCP retries are per­

              Set  the  search  list to contain the single domain
              somename, as if specified in a domain directive  in
              /etc/resolv.conf, and enable search list processing
              as if the +search option were given.

              Use [do not use] the search  list  defined  by  the
              searchlist  or  domain directive in resolv.conf (if
              any).  The search list is not used by default.

              Deprecated, treated as a synonym for +[no]search

              This option does nothing. It is provided  for  com­
              patibility with old versions of dig where it set an
              unimplemented resolver flag.

              Set [do not set] the AD (authentic data) bit in the
              query.  The AD bit currently has a standard meaning
              only in responses, not in queries, but the  ability
              to  set  the  bit in the query is provided for com­

              Set [do not set] the CD (checking disabled) bit  in
              the  query. This requests the server to not perform
              DNSSEC validation of responses.

              Toggle the setting of the  RD  (recursion  desired)
              bit  in  the  query.   This  bit is set by default,
              which means dig normally sends  recursive  queries.
              Recursion   is   automatically  disabled  when  the
              root servers, showing the answer from  each  server
              that was used to resolve the lookup.

              toggles  the printing of the initial comment in the
              output identifying the version of dig and the query
              options  that  have  been  applied. This comment is
              printed by default.

              Provide a terse answer. The default is to print the
              answer in a verbose form.

              Show  [or do not show] the IP address and port num­
              ber that supplied the answer when the +short option
              is  enabled.  If  short form answers are requested,
              the default is not to show the source  address  and
              port number of the server that provided the answer.

              Toggle the display of comment lines in the  output.
              The default is to print comments.

              This  query  option toggles the printing of statis­
              tics: when the query was  made,  the  size  of  the
              reply  and so on. The default behaviour is to print
              the query statistics.

              Print [do not print] the query as it is  sent.   By
              default, the query is not printed.

              Print  [do  not  print]  the  question section of a
              query when an answer is returned. The default is to
              print the question section as a comment.

              Display  [do  not  display] the answer section of a
              reply. The default is to display it.

              Display [do not display] the authority section of a
              reply. The default is to display it.

              Display  [do not display] the additional section of
              a reply.  The default is to display it.

              Set the number of dots that have to appear in  name
              to  D for it to be considered absolute. The default
              value is that defined using the ndots statement  in
              /etc/resolv.conf,  or  1  if  no ndots statement is
              present. Names with fewer dots are  interpreted  as
              relative  names  and  will  be  searched for in the
              domains listed in the search or domain directive in

              Set  the  UDP  message buffer size advertised using
              EDNS0 to B bytes. The maximum and minimum sizes  of
              this  buffer  are  65535 and 0 respectively. Values
              outside this range are rounded up or down appropri­

              Print  records  like  the  SOA records in a verbose
              multi-line format with human-readable comments. The
              default  is  to print each record on a single line,
              to facilitate machine parsing of the dig output.

              Do not try the next server if you receive  a  SERV­
              FAIL.  The  default  is  to not try the next server
              which  is  the  reverse  of  normal  stub  resolver

              Attempt  to  display the contents of messages which
              are malformed.  The default is to not display  mal­
              formed answers.

              Requests  DNSSEC  records  be  sent  by setting the
              DNSSEC OK bit (DO) in the the  OPT  record  in  the
              additional section of the query.


       The BIND 9 implementation of dig  supports specifying mul­
       tiple queries on the command line (in addition to support­
       ing  the  -f batch file option). Each of those queries can
       be supplied with its own set of flags, options  and  query

       In  this case, each query argument represent an individual
       query in the command-line  syntax  described  above.  Each
       consists  of  any  of  the standard options and flags, the
       name to be looked up, an optional query type and class and
       any query options that should be applied to that query.

       dig  shows  the initial query it made for each lookup. The
       final query has a local query option of +noqr which  means
       that dig will not print the initial query when it looks up
       the NS records for isc.org.




       host(1), named(8), dnssec-keygen(8), RFC1035.


       There are probably too many query options.

BIND9                      Jun 30, 2000                    DIG(1)



Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
You can get all the latest Site and Linux news by checking out our news page.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.13 Seconds