dig(1M) — ADMINISTRATOR COMMANDS
NAME
dig − send domain name query packets to name servers
SYNOPSIS
dig[@server]domain[query-type][query-class\][+query-option]
[−<dig-option>][%comment]
DESCRIPTION
The Domain Information Groper, dig, is a flexible command line tool which can be used to gather information from the Domain Name System servers. The dig tool has two modes:
• simple interactive mode which makes a single query
• batch which executes a query for each in a list of several query lines
All query options are accessible from the command line.
The simple use of dig takes the following form:
dig @server domain query-type query-class
where:
server may be either a domain name or a dot-notation Internet address. If this optional field is omitted, dig will attempt to use the default name server for your machine.
As an option, the user may set the environment variable LOCALRES to name a file which is to be used instead of /etc/resolv.conf; LOCALRES is specific to the dig resolver and is not referenced by the standard resolver. If the LOCALRES variable is not set, or if the file is not readable, then /etc/resolv.conf will be used.
domain
is the domain name for which you are requesting information. See “OPTIONS” [−x] for a convenient way to specify an inverse address query.
query-type
is the type of information [Domain Name System (DNS) query type] that you are requesting. If omitted, the default is “a” (T_A = network-address). The following types will be recognized:
aT_Anetwork address
anyT_ANYall/any information about specified domain
mxT_MXmail exchanger for the domain
nsT_NSname servers
soaT_SOAzone of authority record
hinfoT_HINFOhost information
axfrT_AXFRzone transfer (must ask an authoritative server)
txtT_TXTarbitrary number of strings (not yet supported by BIND)
(See RFC 1035 for the complete list.)
query-class
is the network class requested in the query. If omitted, the default is “in” (C_IN = Internet). The following classes are recognized:
inC_INInternet class domain
anyC_ANYall/any class information
(See RFC 1035 for the complete list.)
OPTIONS
%ignored_comment
“%” is used to include an argument which should not be parsed. This may be useful if running dig in batch mode. Instead of resolving every @server-domain-name in a list of queries, you can avoid the overhead of doing so, but still have the domain name on the command line as a reference. For example:
dig @128.9.0.32 %venera.isi.edu mx isi.edu
−<dig_option>
“−” is used to specify an option which affects the operation of dig. The following options are currently available (although not guaranteed to be useful):
−x dot-notation-address
A convenient form to specify inverse address mapping:
instead of dig 32.0.9.128.in-addr.arpa one can simply enter dig −x 128.9.0.32.
−f file A file for dig batch mode: the file contains a list of query specifications (i.e., dig command lines) which are to be executed sequentially. Lines beginning with ‘;’, ‘#’, or ‘\n’ are ignored. Other options may still appear on the command line and will be in effect for each batch query.
−T time
Time in seconds between start of successive queries when running in batch mode; can be used to keep two or more batch dig commands running roughly in sync. The default value is zero.
−p port
Port Number: query a name server listening to a non-standard Port Number; the default value is 53.
−P[ping-string]
After the query returns, execute a ping(1M) command for a response time comparison. This rather unelegantly makes a call to the shell.
If the option −Pping-string is present, it will replace ping −s in the shell command.
The last three lines of statistics will be printed for the command:
ping −s server_name 56 3
−t query-type
Specify the type of query: may specify either an integer value to be included in the type field or use the abbreviated mnemonic as discussed above (i.e., mx = T_MX).
−c query-class
Specify the class of query: may specify either an integer value to be included in the class field or use the abbreviated mnemonic as discussed above (i.e., in = C_IN).
−envsav
This flag specifies that the dig environment (defaults, print options, etc.), − after all of the arguments are parsed − should be saved to a file to become the default environment. This will be useful if you do not like the standard set of defaults and if do not want to include a large number of options whenever dig is used. The environment will consist of resolver state variable flags, timeout values, and numbers of allowable retry attempts, as well as of the flags detailing the dig output contents (see below). If the shell environment variable LOCALDEF is set to the name of a file, this is where the default dig environment will be saved. If not, the file DiG.env will be created in the current working directory.
Whenever dig is executed, it will look for ./DiG.env or for the file specified by the shell environment variable LOCALDEF. If such a file exists and if it is readable, then the environment will be restored from this file before any arguments are parsed.
−envset
This flag will affect batch query runs only. When −envset is specified on a line in a dig batch file, the dig environment following the arguments will be parsed; then these values will be used as the default environment for the duration of the batch file (or until the system finds another command line which specifies “−envset”).
−[no]stick
This flag will affect batch query runs only: it specifies that the dig environment (as read initially or set by the −envset switch) is to be restored before each query (line) in a dig batch file.
The default value “−nostick” means that the dig environment should not stick; hence options specified on a single line in a dig batch file will remain in effect for subsequent lines (i.e., they will not be restored to the “sticky” default).
+<query-option>
“+” is used to specify an option to be changed in the query packet or to change some dig output specifics. Many of these are the same parameters accepted by nslookup(1M). If an option requires a parameter, the format will be as follows:
+keyword[=value]
Most keywords can be abbreviated. Parsing of the “+” options is very simplistic — a value must not be separated from its keyword by white space.
The following keywords are currently available:
KeywordAbbrev.Meaning [default]
[no]debug(deb)turn on/off debugging mode [deb]
[no]d2turn on/off extra debugging mode [nod2]
[no]recurse(rec)use/don’t use recursive lookup [rec]
retry=#(ret)set number of retries to # [4]
time=#(ti)set timeout length to # seconds [4]
[no]kokeep open option (implies vc) [noko]
[no]vcuse/don’t use virtual circuit [novc]
[no]defname(def)use/don’t use default domain name [def]
[no]search(sea)use/don’t use domain search list [sea]
domain=NAME(do)set default domain name to NAME
[no]ignore(i)ignore/don’t ignore truncation errors [noi]
[no]primary(pr)use/don’t use primary server [nopr]
[no]aaonly(aa)authoritative query only flag [noaa]
[no]sort(sor)sort resource records [nosor]
[no]cmdecho parsed arguments [cmd]
[no]stats(st)print query statistics (RTT, etc) [st]
[no]Header(H)print basic header [H]
[no]header(he)print header flags [he]
[no]ttlid(tt)print TTLs [tt]
[no]clprint class info [nocl]
[no]qrprint outgoing query [noqr]
[no]reply(rep)print reply [rep]
[no]ques(qu)print question section [qu]
[no]answer(an)print answer section [an]
[no]author(au)print authoritative section [au]
[no]addit(ad)print additional section [ad]
pfdefset to default print flags
pfminset to minimal default print flags
pfset=#set print flags to # (# can be hexadecimal/
octal/decimal)
pfand=#bitwise “and” print flags with #
pfor=#bitwise “or” print flags with #
The retry and time options will affect the retransmission strategy used by the resolver library when sending datagram queries. The algorithm is as follows:
for i = 0 to retry−1
for j = 1 to num_servers
send_query
wait((time ∗ (2∗∗i)) / num_servers)
end
end
(Note: dig always uses a value of 1 for num_servers.)
The pfset, pfand, and pfor options have been included to make the manipulation of the various print options less tedious. Below is a list of the currently defined meanings for the various print flag bits which may be combined (ANDed) to achieve various output formats.
PRF_STATS0x0001RTT, query and server host, date, message size
PRF_CLASS0x0004Resource record class information
PRF_CMD0x0008echo the dig command line
PRF_QUES0x0010questions section
PRF_ANS0x0020answers section
PRF_AUTH0x0040authoritative section
PRF_ADD0x0080additional records section
PRF_HEAD10x0100RR section headers & counts
PRF_HEAD20x0200packet header flags
PRF_TTLID0x0400Resource record Time-to-Live (ttl)
PRF_HEADX0x0800basic header
PRF_QUERY0x1000outgoing query packet
PRF_REPLY0x2000reply packet
PRF_SORT0x8000sort various response sections
PRF_DEF0x2ff9default dig settings
PRF_ZONE0x24f9default setting for zone transfer
PRF_MIN0xa930minimalistic dig settings for (future) automated
server testing
When setting the print options and if you want to see information other than the statistics, you should choose to examine the outgoing (0x1000) packet type, the incoming (0x2000) packet type, or both packet types, as well as the specific sections of the packet(s) of particular interest to you.
DETAILS
The dig tool requires a slightly modified version of the BIND resolver(3) library to gather count and time statistics. Otherwise, it is a straight forward (but not pretty) effort of parsing arguments and setting appropriate parameters. The dig tool uses resolver routines res_init(), res_mkquery(), res_send(); it also accesses the _res structure.
It is possible to compile dig with the standard resolver library, but this procedure will change the dig output format, make the dig print options meaningless, and not gather RTT and packet count statistics.
FILES
/etc/resolv.confinitial domain name and name server addresses
./DiG.envdefault save file for default options
ENVIRONMENT
LOCALRESfile to use in place of /etc/resolv.conf
LOCALDEFdefault environment file
NOTES
If a domain name is specified, this will be resolved using the (DNS) resolver. If your system does not support DNS, you may have to specify a dot-notation address. Alternatively, if there is a server at your disposal somewhere, all that is required is that /etc/resolv.conf be present and indicate where the default name servers reside, so that server itself can be resolved. [See resolv.conf(4) for information on /etc/resolv.conf.]
“any” can be used to specify a class and/or a type of query: dig will parse the first occurrence of “any” to mean query-type = T_ANY. To specify query-class = C_ANY you must either specify “any” twice, or set the query-class using the “−c” option (see “OPTIONS”).
LOCALDEF is specific to the dig resolver and will not affect the operation of the standard resolver library.
CAUTION
Changing /etc/resolv.conf will affect the standard resolver library and potentially several programs which use it.
BUGS
dig has a serious case of “creeping featurism” − the result of considering several potential uses during its development. It would probably benefit from a rigorous diet. Similarly, the print flags and granularity of the items they specify make their rather ad hoc genesis evident.
dig does not exit consistently with an appropriate status when a problem occurs somewhere in the resolver.
Most of the common exit cases are handled. This becomes particularly annoying when running in batch mode. If dig exits abnormally − and is not caught − the entire batch will abort; when such an event is trapped, dig simply will continue with the next query.
SEE ALSO
nslookup(1M), resolver(3N), resolv.conf(4), named(1M), ping(1M).