The dig Command – DNS Queries from the Command Line

The dig command (Domain Information Groper) is a versatile tool for querying DNS servers. It is widely used for DNS troubleshooting on the command line, as it can flexibly display various records associated with a domain.

Installation

The dnsutils package (Debian/Ubuntu) or bind-utils (RHEL/Rocky) includes dig:

# Debian/Ubuntu
sudo apt install dnsutils

# Rocky/AlmaLinux
sudo dnf install bind-utils

Basic syntax

dig [options] [name] [type]

name – The domain name, e.g. veek.it
type – DNS record type: A, AAAA, MX, NS, TXT, CNAME, etc. (default: A)
@server – Optional DNS server for the query

Practical examples

Basic A record query

dig veek.it
dig +short veek.it

+short returns only the IP address – ideal for scripts.

Querying MX records

MX records show which mail servers receive emails for a domain:

dig veek.it MX
dig +short veek.it MX

Specifying a particular DNS server

Useful for bypassing local DNS settings or testing the response from an external server:

dig @8.8.8.8 veek.it       # Google DNS
dig @1.1.1.1 veek.it       # Cloudflare DNS
dig @9.9.9.9 veek.it       # Quad9 DNS

All DNS records at once

dig veek.it ANY +noall +answer

TXT records – SPF, DKIM, DMARC

dig veek.it TXT +short

Very useful for verifying SPF and DKIM records, which are essential for email authentication.

Reverse lookup – IP to hostname

dig -x 188.68.47.235 +short

DNS path tracing

Shows the complete path of a DNS query from the root servers to the final answer:

dig veek.it +trace

Understanding dig output

A typical dig output contains several sections:

;; QUESTION SECTION:     – The query made
;; ANSWER SECTION:       – The DNS answer
;; AUTHORITY SECTION:    – Authoritative name servers
;; ADDITIONAL SECTION:   – Additional information
;; Query time: 23 msec   – DNS server response time
;; SERVER: 192.168.1.1   – DNS server used

Most useful options

Option	Meaning
`+short`	Compact output
`+noall +answer`	Show only the Answer section
`+trace`	DNS path from root to answer
`+time=5`	Set timeout to 5 seconds
`-x`	Reverse lookup (IP → hostname)

Conclusion

The dig command is indispensable for any Linux systems administrator. With these fundamentals you can quickly verify DNS configurations, locate errors and diagnose email problems by analysing MX and TXT records.

Have questions about DNS or Linux administration? Get in touch.