How to look up DNS servers with Dig command

The dig or dig command queries DNS servers and provides detailed domain information. This command-line tool, part of the BIND networking toolkit, helps you investigate DNS configurations, verify record propagation, and troubleshoot domain issues across different DNS servers.

The dig command enables you to perform precise DNS queries by specifying which DNS server to use. You can query any DNS server directly, whether it’s Google’s public DNS (8.8.8.8) or your organization’s DNS servers. This flexibility helps you validate Edge Computing services, verify DNS propagation, and debug resolution issues. It has become the industry standard replacement for nslookup, offering enhanced DNS troubleshooting capabilities across Windows, Linux, and macOS systems.

When working with DNS queries, you can:

  • Query specific DNS servers to verify record updates
  • Check different DNS record types (A, AAAA, MX, CNAME)
  • Track complete DNS resolution paths
  • Measure response times from different servers
  • Compare results across multiple DNS providers
  • Execute batch queries for multiple domains

The dig displays comprehensive DNS responses in a structured format, including query statistics, server information, and precise timing data. This detailed output helps you identify DNS issues quickly and validate domain configurations effectively.

Installing the dig command

The dig command comes pre-installed on most macOS versions and some Linux distributions. Since it’s not available by default on Windows and many Linux distributions, we provide installation guides to help you set up this essential DNS troubleshooting tool. As part of the BIND toolkit, dig serves as an alternative to the discontinued nslookup command, offering comprehensive DNS query capabilities across all major operating systems.

Installing dig on Windows

  1. Download the Current-Stable, ESV version of BIND from the ISC downloads page.
  2. Extract the entire contents of the compressed file BIND9.18.14.tar.xz into a dedicated folder.
  3. Run the BINDInstall.exe file as an administrator.
  4. Select the Tools Only checkbox to install only the dig, host, nslookup, and nsupdatetools.

You can still use BIND with Windows. However, support for OS was removed in a 2021 update.

Installing dig on Linux distributions

To install the command on Debian-based distributions such as Ubuntu, PopOS, and Kali Linux:

  1. Open the terminal.
  2. Run sudo apt-get install dnsutils.

    For other Linux distributions, see the developer documentation.

  3. Run dig -v to check the installed version.

Installing the dig command: video guide

This comprehensive video demonstrates how to install and use the dig across different operating systems. You’ll learn how to:

  • Install dig on Windows and Linux
  • Perform basic DNS lookups
  • Check CNAME records
  • Understand dig responses
  • Validate Edge Computing services

Using the dig command

In this section, you’ll query records from a specific domain and from several domains in the same request; select which DNS server to use for the query; find out the latency (in milliseconds); what are the IPs associated with the domains queried; and track the entire process of resolving nameservers, from the root to the last authoritative nameserver (which maintains the domain records).

To perform a query with the dig command:

  1. Open the terminal (Command Line Prompt, Power Shell, or Git Bash for Windows systems).
  2. Run dig azion.com (swap azion.com for the domain you want to query).

It’s also possible to perform a query of several domains in the same request:

  1. Create a text file to store the domains of interest. Example: domains.txt.

  2. Inside the file, separate the domains by line. Example:

    azion.com
google.com
github.com

  3. Open the terminal.

  4. Run dig domains.txt.

The answer to these commands consists of four sections: Header, OPT PSEUDOSECTION, ANSWER SECTION, and footer.

There’s relevant information in all sections of the response. However, this guide will focus on the last two sections: ANSWER SECTION and footer.

The ANSWER SECTION is where the DNS records should appear. In the footer section, you find the latency time, in milliseconds, in addition to which DNS server was used to solve the request.

By default, the dig command uses a list of DNS servers stored locally on your machine.

If you want to use a specific DNS list, such as Google’s (8.8.8.8, 8.8.4.4, 2001:4860::4860::8888, and 2001:4860:4860::8844), for example, use the @ + IP tag in the list.

Here’s an example of the command:

dig @8.8.8.8 azion.com or dig @8.8.8.8 domains.txt

To track the entire DNS server path, add the +trace option to the command. See an example:

dig azion.com +trace

The +trace option is an instruction to return the full path that the DNS server took to resolve the query.

This response is quite different from the simple request and presents all DNS servers involved in the resolution of a domain, passing through the Top-Level Domain (TLD) servers until reaching the last authoritative server.

Using dig to test Azion zones and edge applications

If you’ve configured a zone in Azion Edge DNS, you can use the dig command to test how and if it’s receiving proper traffic. For example, if you’ve configured a load balance with a DNS record, you can test and check if the load balance is working properly.

Create Azion account
Create zone
Test balanced record

You can also check the latency of a web application with the dig command to validate the Azion Edge Computing service. For example, you can compare the latency of your application, served by cloud and by Azion Edge Computing Platform.

Contributors