How to check DNS server in Linux

Introduction

The dig command in Linux is used to gather DNS information. It stands for Domain Information Groper, and it collects data about Domain Name Servers. The dig command is helpful for troubleshooting DNS problems, but is also used to display DNS information.

This guide will help you understand and use the Linux dig command.

Prerequisites

• A system running Linux
• A user account with sudo or root privileges
• Access to a terminal window / command line

Most modern Linux systems include the dig command.

Verify that it’s installed by checking the software version. To do so, open a command line and enter the following:

The system should respond with a numeric code. If the system can’t find the command specified, install dig by entering the following:

Debian / Ubuntu:

CentOS / RedHat:

Once the installation finishes, verify the installation with the following command:

For more information on CentOS and RHEL, please refer to our article on How to Install dig on CentOS 7 and 8.

The dig command is used as follows:

[server] – The hostname or IP address the query is directed to
[name] – The DNS (Domain Name Server) of the server to query
[type] – The type of DNS record to retrieve. By default (or if left blank), dig uses the A record type

Common DNS record types:

• A – Address record which directly maps a hostname to an IP address
• MX – Mail Exchange which maps message transfer agents for the domain
• SIG – Signature record which is used in encryption protocols

Learn about other types by referring to our complete list in DNS Record Types Explained.

The dig command resolves the hostname before proceeding with querying the name server.

Let's look at the basic usage of the dig command.

The dig command enables searching for a domain name. To perform a DNS lookup, open the terminal and type:

You should see something similar to the following:

The most important section is the ANSWER section:

• The first column lists the name of the server that was queried
• The second column is the Time to Live, a set timeframe after which the record is refreshed
• The third column shows the class of query – in this case, “IN” stands for Internet
• The fourth column displays the type of query – in this case, “A” stands for an A (address) record
•  The final column displays the IP address associated with the domain name

Other lines can be translated as follows:

The first line displays the version of the dig command.

The HEADER section shows the information it received from the server. Flags refer to the answer format.

The OPT PSEUDOSECTION displays advanced data:

• EDNS – Extension system for DNS, if used
• Flags – blank because no flags were specified
• UDP – UDP packet size

The QUESTION section displays the query data that was sent:

• First column is the domain name queried
• Second column is the type (IN = Internet) of query
• Third column specifies the record (A = Address), unless otherwise specified

The STATISTICS section shows metadata about the query:

• Query time – The amount of time it took for a response
• SERVER – The IP address and port of the responding DNS server. You may notice a loopback address in this line – this refers to a local setting that translates DNS addresses
• WHEN – Timestamp when the command was run
• MSG SIZE rcvd – The size of the reply from the DNS server

By default, dig uses the local configuration to decide which nameserver to query. Use the following command to specify Google’s domain server:

The terminal prints out the following output:

Note: Other domain nameservers can be specified here, such as your server hosting company or the internet service provider’s DNS server.

To return all of the results of the query, use the following:

The system will list all google.com DNS records that it finds, along with the IP addresses.

Note: Any other type of record can be substituted for the ANY option. This includes the MX (mail exchange) type, A (Address) type, SIG (Signature) type, etc. There are many different DNS record types. If you are not sure, leave the type option blank.

To display only the IP address associated with the domain name, enter the following:

The output displays the content as in the image below:

Run  +noall +answer with the dig command to access detailed information in the answers section:

The example below displays the expected output.

The +trace option lists each different server the query goes through to its final destination. Use this command option to identify the IP address where traffic is dropping.

The output should be similar to the one seen below:

To look up a domain name by its IP address, type the following:

The output displays content as in the image below:

The -x option allows you to specify the IP address instead of a domain name. This can be combined with other options:

The example below displays the expected output.

Note: To learn more about how to resolve an IP address back to a domain name, the opposite of a forward DNS query, check out our article about Reverse DNS lookup (rDNS).

To look up multiple entries, start by creating a file to store the domain names:

See example on the image below:

Add several websites of interest as in the image below:

Save the file and exit. Now, specify the file using the -f option in the dig command:

See an example of the output of the command below:

Note: The +short option keeps the results manageable. Any other option can be used instead.

The information displayed by dig can be altered in the ~/.digrc file. Open the file for editing with the following command:

Add the following lines:

See an example in the image below:

Write the file (ctrl–o) and exit (ctrl–x).

Run the dig command again:

You should only see the answers command, as if you had manually added +noall and +answer.

Conclusion

You should now be familiar with the dig command in Linux. This command can help you find more information about Domain Nameservers.

Next, we recommend learning more about best DNS practices for security and performance and how to flush DNS to delete all saved DNS lookup information.