Tuesday, August 28, 2018

Dig cheat sheet

In a previous job one of my day-to-day tasks was managing customer public DNS records, as a result my dig cheat sheet became pretty comprehensive, these are some of the more useful commands I had saved in my notes.

Before I go too far its worth mentioning that dig will look for the file ${HOME}/.digrc, adding options to this file cause them to be used each time dig is run, for instance adding "+noall +answer" to ${HOME}/.digrc will cause dig to use these options unless overridden with options such as +all.

Of course there are online options such as Googles Dig Toolbox, its a nice simple tool that does what you expect it would.
https://toolbox.googleapps.com/apps/dig/

On with the dig commands...
Return only the answer
$ dig +noall +answer youtube.com
youtube.com.  300 IN A 172.217.167.110
Return only IP address
$ dig +short youtube.com
172.217.167.110
Return only the answer from Googles DNS server
dig +short @8.8.8.8 youtube.com
youtube.com.  299 IN A 172.217.167.110
Reverse lookup
$ dig -x 8.8.8.8
8.8.8.8.in-addr.arpa. 86053 IN PTR google-public-dns-a.google.com.
Query multiple domains
$ dig +noall +answer google.com +noall +answer duckduckgo.com
google.com.  299 IN A 172.217.167.110
duckduckgo.com.  60 IN A 52.62.168.95
duckduckgo.com.  60 IN A 13.55.4.72
duckduckgo.com.  60 IN A 54.206.51.242
Find authoritative name servers for the zone and display SOA records
$ dig +nssearch google.com
SOA ns1.google.com. dns-admin.google.com. 210500962 900 900 1800 60 from server 216.239.34.10 in 184 ms.
SOA ns1.google.com. dns-admin.google.com. 210522041 900 900 1800 60 from server 216.239.36.10 in 184 ms.
SOA ns1.google.com. dns-admin.google.com. 210500962 900 900 1800 60 from server 216.239.38.10 in 218 ms.
SOA ns1.google.com. dns-admin.google.com. 210500962 900 900 1800 60 from server 216.239.32.10 in 221 ms.
Ask Googles DNS server for ANY type of record, ANY can be substituted for A, AAAA, CAA, CNAME, MX, NS, PTR, SOA, SRV, TXT, TTL
$ dig +noall +answer ANY @8.8.8.8 youtube.com
youtube.com.  299 IN AAAA 2404:6800:4006:801::200e
youtube.com.  299 IN A 216.58.220.110
youtube.com.  599 IN MX 30 alt2.aspmx.l.google.com.
youtube.com.  21599 IN NS ns2.google.com.
youtube.com.  21599 IN CAA 0 issue "pki.goog"
youtube.com.  3599 IN TXT "google-site-verification=OQz60vR-YapmaVrafWCALpPyA8eKJKssRhfIrzM-DJI"
youtube.com.  3599 IN TXT "v=spf1 include:google.com mx -all"
youtube.com.  3599 IN TXT "facebook-domain-verification=64jdes7le4h7e7lfpi22rijygx58j1"
youtube.com.  59 IN SOA ns1.google.com. dns-admin.google.com. 210522041 900 900 1800 60
youtube.com.  21599 IN NS ns3.google.com.
youtube.com.  599 IN MX 50 alt4.aspmx.l.google.com.
youtube.com.  21599 IN NS ns1.google.com.
youtube.com.  599 IN MX 40 alt3.aspmx.l.google.com.
youtube.com.  599 IN MX 20 alt1.aspmx.l.google.com.
youtube.com.  21599 IN NS ns4.google.com.
youtube.com.  599 IN MX 10 aspmx.l.google.com.
Trace the delegation path from the root name servers for the name being looked up.
$ dig +trace @8.8.8.8 google.com
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> +trace @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
.   96073 IN NS a.root-servers.net.
.   96073 IN NS c.root-servers.net.
.   96073 IN NS l.root-servers.net.
.   96073 IN NS f.root-servers.net.
.   96073 IN NS k.root-servers.net.
.   96073 IN NS h.root-servers.net.
.   96073 IN NS j.root-servers.net.
.   96073 IN NS b.root-servers.net.
.   96073 IN NS e.root-servers.net.
.   96073 IN NS g.root-servers.net.
.   96073 IN NS m.root-servers.net.
.   96073 IN NS i.root-servers.net.
.   96073 IN NS d.root-servers.net.
.   96073 IN RRSIG NS 8 0 518400 20180908050000 20180826040000 41656 . N2z1m/ifQYQPjsC3gN7mr0b2hJ8NTIBXvjv8I/S201I5DdS0csMQ2Vg0 tXyLwdZOMaFlezWnFFozHntboA4xzb5DNTXlC1WhdlIqC6Ohdn1BgjDK g/4weK6oRt6EC/XJufmjLFQ9jYauiID3emM34omJajaFE7klisvldJLv 79WQy/0lBYng4Ei/s2iMBBa9yJGiPHmwfank3Ku7bP2kv1GT+InNZYa9 K22SFpwCNq4waPDi1SDrmboAVqEoE9IeQZy3ABft4b4hA/hu+Nos6Ral F4Xsa2xwTZJhj0ryrO8Ds7WQw3zJXAWJtOM83vv9IGwyGYtvbalhIPYN r/hmng==
;; Received 525 bytes from 8.8.8.8#53(8.8.8.8) in 51 ms

com.   172800 IN NS a.gtld-servers.net.
com.   172800 IN NS b.gtld-servers.net.
com.   172800 IN NS c.gtld-servers.net.
com.   172800 IN NS d.gtld-servers.net.
com.   172800 IN NS e.gtld-servers.net.
com.   172800 IN NS f.gtld-servers.net.
com.   172800 IN NS g.gtld-servers.net.
com.   172800 IN NS h.gtld-servers.net.
com.   172800 IN NS i.gtld-servers.net.
com.   172800 IN NS j.gtld-servers.net.
com.   172800 IN NS k.gtld-servers.net.
com.   172800 IN NS l.gtld-servers.net.
com.   172800 IN NS m.gtld-servers.net.
com.   86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.   86400 IN RRSIG DS 8 1 86400 20180910050000 20180828040000 41656 . iUOMS1sDAQHMjI17fp2vDOm+wT6Z6v/iEeVyQ59m7OVPFzVB1cVTG7cy kDcD1yHmqILhnAiFV/CYg13cZ2XTe0+UEvw0mO7jqaPloc+4zWHf0NGM Ep8veQLjOgSmORUQTaRkPQ24OYI3kpF6+AkNCBfkq9IMdwmziq7HhiSo gJEjW7LrtwkWzaR+jHBGz4zHXoXM7bE4tiDXYJXSPHpLe5KjeFKzBimx QNV+2X6Vx7hz9jvbpjyYZqCLafckDW6++UcaS/veCe/80IpUpLffikM4 RUN6v3irTPgk5pRUdVrsPiHYfDsm/ed0wXdaENZbselhhPagGaWSXitD tVfU/Q==
;; Received 1170 bytes from 193.0.14.129#53(k.root-servers.net) in 67 ms

google.com.  172800 IN NS ns2.google.com.
google.com.  172800 IN NS ns1.google.com.
google.com.  172800 IN NS ns3.google.com.
google.com.  172800 IN NS ns4.google.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20180901044508 20180825033508 46475 com. lYz9DxGlAM+QMcHa6AjjWj3UHjFRLGHnJ3oN8UG6iTeoxwvPXMK+l+Tt ZJk3lHD/pYmWk4T4xQe2RdFQl9ccdkbLbunYoJVoApa94GVJ/7Nk74zs rB32keLDIklgdG+hhkfFLn8o1hIAAFtRBjIhQBcL9YiVjGY26yt/zlYw 3P8=
S849LHDDSVU9A9N2FIRO5NKMQB321BEP.com. 86400 IN NSEC3 1 1 0 - S84CEFMDU6ABFSN4V0L2VLLOASCD5IV2 NS DS RRSIG
S849LHDDSVU9A9N2FIRO5NKMQB321BEP.com. 86400 IN RRSIG NSEC3 8 2 86400 20180902050340 20180826035340 46475 com. L1lA4etoBOJnRo3qJmMEmaIUFKCT4kYfF1blJnZqirkPjMUcF98lWqab Tnhler0y9KvqSnEWP/IiOAD6IckKXZQefPVYU5xd25JgdxISaI/DM9Qt h9kIHXXNJXislNDrh1u3tNAgprDb0C4dzulPMWYJVJDeVwOLYiPY9DYZ aVQ=
;; Received 772 bytes from 192.42.93.30#53(g.gtld-servers.net) in 246 ms

google.com.  300 IN A 172.217.167.110
;; Received 44 bytes from 216.239.38.10#53(ns4.google.com) in 222 ms

No comments:

Post a Comment

Raspberry Pi 4 heatsink testing

With all the talk of how hot the Raspberry Pi 4 runs I thought I’d do some testing to see how different heatsinks perform. I had a few heats...