Dig est un outil flexible pour le test et l'interrogation de serveur DNS. Il permet en particulier de construire toutes les formes de requêtes et de visualiser l'ensemble des informations des réponses. D'autres commandes comme host et nslookup (déprécié) peuvent fournir, entre de bonnes mains, le même genre d'informations. Dig a l'avantage (ou l'inconvénient) de présenter les informations sous une forme directement utilisable dans un fichier de configuration de Zone DNS. Regarder aussi la page de Manuel de dig en Annexe.
En fin de chaque exemple un alinéa CQFV (ce qu'il fallait voir) précise quelques motivations de chaque exemple.
; --- DiG 9.2.1rc2 --- ;; ==HEADER== opcode: QUERY, status: NOERROR, id: 59594 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 238778 IN NS H.ROOT-SERVERS.NET. . 238778 IN NS C.ROOT-SERVERS.NET. . 238778 IN NS G.ROOT-SERVERS.NET. . 238778 IN NS F.ROOT-SERVERS.NET. . 238778 IN NS B.ROOT-SERVERS.NET. . 238778 IN NS J.ROOT-SERVERS.NET. . 238778 IN NS K.ROOT-SERVERS.NET. . 238778 IN NS L.ROOT-SERVERS.NET. . 238778 IN NS M.ROOT-SERVERS.NET. . 238778 IN NS I.ROOT-SERVERS.NET. . 238778 IN NS E.ROOT-SERVERS.NET. . 238778 IN NS D.ROOT-SERVERS.NET. . 238778 IN NS A.ROOT-SERVERS.NET. ;; ADDITIONAL SECTION: H.ROOT-SERVERS.NET. 325178 IN A 128.63.2.53 C.ROOT-SERVERS.NET. 325178 IN A 192.33.4.12 G.ROOT-SERVERS.NET. 325178 IN A 192.112.36.4 F.ROOT-SERVERS.NET. 325178 IN A 192.5.5.241 B.ROOT-SERVERS.NET. 325178 IN A 128.9.0.107 J.ROOT-SERVERS.NET. 325178 IN A 198.41.0.10 K.ROOT-SERVERS.NET. 325178 IN A 193.0.14.129 L.ROOT-SERVERS.NET. 325178 IN A 198.32.64.12 M.ROOT-SERVERS.NET. 325178 IN A 202.12.27.33 I.ROOT-SERVERS.NET. 325178 IN A 192.36.148.17 E.ROOT-SERVERS.NET. 325178 IN A 192.203.230.10 D.ROOT-SERVERS.NET. 325178 IN A 128.8.10.90 A.ROOT-SERVERS.NET. 325178 IN A 198.41.0.4 ;; Query time: 38 msec ;; SERVER: 157.159.10.12#53(157.159.10.12) ;; WHEN: Tue May 7 13:24:48 2002 ;; MSG SIZE rcvd: 436CQFV : Références des 13 serveurs pour la zone Racine, glue.
; <<>> DiG 9.2.2rc1 <<>> int-evry.fr SOA +multiline
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64578
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 2
;; QUESTION SECTION:
;int-evry.fr. IN SOA
;; ANSWER SECTION:
int-evry.fr. 172800 IN SOA diamant.int-evry.fr. admin.int-evry.fr. (
2003043000 ; serial
21600 ; refresh (6 hours)
3600 ; retry (1 hour)
1209600 ; expire (2 weeks)
172800 ; minimum (2 days)
)
;; AUTHORITY SECTION:
int-evry.fr. 172800 IN NS diamant.int-evry.fr.
int-evry.fr. 172800 IN NS ns2.nic.fr.
int-evry.fr. 172800 IN NS ns4.enst.fr.
int-evry.fr. 172800 IN NS pompei.int-evry.fr.
;; ADDITIONAL SECTION:
pompei.int-evry.fr. 172800 IN A 157.159.11.13
diamant.int-evry.fr. 172800 IN A 157.159.10.12
;; Query time: 6 msec
;; SERVER: 157.159.100.81#53(157.159.100.81)
;; WHEN: Fri May 2 09:25:03 2003
;; MSG SIZE rcvd: 191
CQFV : Format d'un SOA ("minimum" lire
"Negative Cache TTL"), Sections "authority" et "Additional", Glue.
; --- DiG 9.2.1rc2 --- +trace ipv6.int-evry.fr . 500116 IN NS D.ROOT-SERVERS.NET. . 500116 IN NS A.ROOT-SERVERS.NET. . 500116 IN NS H.ROOT-SERVERS.NET. . 500116 IN NS C.ROOT-SERVERS.NET. . 500116 IN NS G.ROOT-SERVERS.NET. . 500116 IN NS F.ROOT-SERVERS.NET. . 500116 IN NS B.ROOT-SERVERS.NET. . 500116 IN NS J.ROOT-SERVERS.NET. . 500116 IN NS K.ROOT-SERVERS.NET. . 500116 IN NS L.ROOT-SERVERS.NET. . 500116 IN NS M.ROOT-SERVERS.NET. . 500116 IN NS I.ROOT-SERVERS.NET. . 500116 IN NS E.ROOT-SERVERS.NET. ;; Received 436 bytes from 192.93.0.4#53(ns2.nic.fr) in 18 ms fr. 172800 IN NS DNS.CS.WISC.EDU. fr. 172800 IN NS NS1.NIC.fr. fr. 172800 IN NS NS3.NIC.fr. fr. 172800 IN NS DNS.INRIA.fr. fr. 172800 IN NS NS2.NIC.fr. fr. 172800 IN NS NS.EU.NET. fr. 172800 IN NS DNS.PRINCETON.EDU. fr. 172800 IN NS NS-EXT.VIX.COM. ;; Received 352 bytes from 128.8.10.90#53(D.ROOT-SERVERS.NET) in 103 ms int-evry.fr. 345600 IN NS diamant.int-evry.fr. int-evry.fr. 345600 IN NS etna.int-evry.fr. int-evry.fr. 345600 IN NS ns2.nic.fr. ;; Received 145 bytes from 128.105.2.10#53(DNS.CS.WISC.EDU) in 124 ms ipv6.int-evry.fr. 86400 IN SOA zeratul.ipv6.int-evry.fr. root.zeratul.ipv6.int-evry.fr. 2002041503 21600 3600 3600000 86400 ;; Received 83 bytes from 157.159.10.12#53(diamant.int-evry.fr) in 1 msCQFV : Simulation résolution itérative.
; --- DiG 9.2.1rc2 --- int-evry.fr any ;; ==HEADER== opcode: QUERY, status: NOERROR, id: 44675 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 4, ADDITIONAL: 7 ;; QUESTION SECTION: ;int-evry.fr. IN ANY ;; ANSWER SECTION: int-evry.fr. 172800 IN MX 60 sparte.int-evry.fr. int-evry.fr. 172800 IN MX 80 anaconda.int-evry.fr. int-evry.fr. 172800 IN MX 90 smtp2.enst.fr. int-evry.fr. 172800 IN NS diamant.int-evry.fr. int-evry.fr. 172800 IN NS etna.int-evry.fr. int-evry.fr. 172800 IN NS hugo.int-evry.fr. int-evry.fr. 172800 IN NS ns2.nic.fr. int-evry.fr. 172800 IN SOA diamant.int-evry.fr. admin.int-evry.fr. 2002050200 21600 3600 1209600 172800 ;; AUTHORITY SECTION: int-evry.fr. 172800 IN NS diamant.int-evry.fr. int-evry.fr. 172800 IN NS etna.int-evry.fr. int-evry.fr. 172800 IN NS hugo.int-evry.fr. int-evry.fr. 172800 IN NS ns2.nic.fr. ;; ADDITIONAL SECTION: sparte.int-evry.fr. 172800 IN A 157.159.10.11 anaconda.int-evry.fr. 172800 IN A 157.159.15.5 smtp2.enst.fr. 191 IN A 137.194.2.14 diamant.int-evry.fr. 172800 IN A 157.159.10.12 etna.int-evry.fr. 172800 IN A 157.159.110.67 hugo.int-evry.fr. 172800 IN A 157.159.100.81 ns2.nic.fr. 65611 IN A 192.93.0.4 ;; Query time: 2 msec ;; SERVER: 157.159.10.12#53(157.159.10.12) ;; WHEN: Tue May 7 13:27:08 2002 ;; MSG SIZE rcvd: 396
; --- DiG 9.2.1rc2 --- @ns1.nic.fr int-evry.fr any ;; ==HEADER== opcode: QUERY, status: NOERROR, id: 22218 ;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;int-evry.fr. IN ANY ;; ANSWER SECTION: int-evry.fr. 345600 IN NS diamant.int-evry.fr. int-evry.fr. 345600 IN NS etna.int-evry.fr. int-evry.fr. 345600 IN NS ns2.nic.fr. ;; AUTHORITY SECTION: int-evry.fr. 345600 IN NS diamant.int-evry.fr. int-evry.fr. 345600 IN NS etna.int-evry.fr. int-evry.fr. 345600 IN NS ns2.nic.fr. ;; ADDITIONAL SECTION: diamant.int-evry.fr. 345600 IN A 157.159.10.12 etna.int-evry.fr. 345600 IN A 157.159.110.16 ns2.nic.fr. 172800 IN A 192.93.0.4 ;; Query time: 11 msec ;; SERVER: 192.93.0.1#53(ns1.nic.fr) ;; WHEN: Tue May 7 13:46:10 2002 ;; MSG SIZE rcvd: 182CQFV : Délégation incorrecte. (ns1.nic.fr authoritative pour fr.)
; <<>> DiG 9.3.0 <<>> @::1 apple.com ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 927 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 0 ;; QUESTION SECTION: ;apple.com. IN A ;; ANSWER SECTION: apple.com. 3600 IN A 17.254.3.183 ;; AUTHORITY SECTION: apple.com. 432000 IN NS nserver.asia.apple.com. apple.com. 432000 IN NS nserver.euro.apple.com. apple.com. 432000 IN NS nserver.apple.com. apple.com. 432000 IN NS nserver2.apple.com. apple.com. 432000 IN NS nserver3.apple.com. apple.com. 432000 IN NS nserver4.apple.com. ;; Query time: 1089 msec ;; SERVER: ::1#53(::1) ;; WHEN: Mon Apr 4 09:31:06 2005 ;; MSG SIZE rcvd: 188
; <<>> DiG 9.3.0 <<>> @::1 apple.com ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 79 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 0 ;; QUESTION SECTION: ;apple.com. IN A ;; ANSWER SECTION: apple.com. 3575 IN A 17.254.3.183 ;; AUTHORITY SECTION: apple.com. 431975 IN NS nserver3.apple.com. apple.com. 431975 IN NS nserver4.apple.com. apple.com. 431975 IN NS nserver.asia.apple.com. apple.com. 431975 IN NS nserver.euro.apple.com. apple.com. 431975 IN NS nserver.apple.com. apple.com. 431975 IN NS nserver2.apple.com. ;; Query time: 14 msec ;; SERVER: ::1#53(::1) ;; WHEN: Mon Apr 4 09:31:31 2005 ;; MSG SIZE rcvd: 188CQFV : Cache (TTLs, Query time, flags aa, tourniquet,..)
; <<>> DiG 9.2.2rc1 <<>> ducon.lajoie.ipv6.int-evry.fr +multiline ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3640 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;ducon.lajoie.ipv6.int-evry.fr. IN A ;; AUTHORITY SECTION: ipv6.int-evry.fr. 86400 IN SOA zeratul.ipv6.int-evry.fr. pascal\.hennequin.int-evry.fr. ( 2003040201 ; serial 21600 ; refresh (6 hours) 3600 ; retry (1 hour) 3600000 ; expire (5 weeks 6 days 16 hours) 86400 ; minimum (1 day) ) ;; Query time: 4 msec ;; SERVER: 157.159.100.81#53(157.159.100.81) ;; WHEN: Fri May 2 09:17:57 2003 ;; MSG SIZE rcvd: 108CQFV : réponse négative NXDOMAIN, SOA dans authority. ("minimum" lire "Negative Cache TTL")
; <<>> DiG 9.3.0 <<>> zeratul.ipv6.int-evry.fr ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2020 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;zeratul.ipv6.int-evry.fr. IN A ;; ANSWER SECTION: zeratul.ipv6.int-evry.fr. 86400 IN A 157.159.100.74 ;; AUTHORITY SECTION: ipv6.int-evry.fr. 86400 IN NS diamant.int-evry.fr. ipv6.int-evry.fr. 86400 IN NS zeratul.ipv6.int-evry.fr. ipv6.int-evry.fr. 86400 IN NS hugo.int-evry.fr. ;; ADDITIONAL SECTION: hugo.int-evry.fr. 604800 IN A 157.159.100.81 diamant.int-evry.fr. 172800 IN A 157.159.10.12 zeratul.ipv6.int-evry.fr. 86400 IN AAAA 2001:660:3203:1000:2b0:d0ff:fe3a:2c83 ;; Query time: 6 msec ;; SERVER: 157.159.100.81#53(157.159.100.81) ;; WHEN: Mon Apr 4 10:50:07 2005 ;; MSG SIZE rcvd: 173CQFV : flag aa, glue ipv6
; --- DiG 9.2.1rc2 --- -x 157.159.100.74 ;; ==HEADER== opcode: QUERY, status: NOERROR, id: 21401 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;74.100.159.157.in-addr.arpa. IN PTR ;; ANSWER SECTION: 74.100.159.157.in-addr.arpa. 172800 IN PTR ipv6-1.int-evry.fr. ;; AUTHORITY SECTION: 159.157.in-addr.arpa. 172800 IN NS diamant.int-evry.fr. 159.157.in-addr.arpa. 172800 IN NS etna.int-evry.fr. 159.157.in-addr.arpa. 172800 IN NS hugo.int-evry.fr. 159.157.in-addr.arpa. 172800 IN NS ns2.nic.fr. ;; ADDITIONAL SECTION: diamant.int-evry.fr. 172800 IN A 157.159.10.12 etna.int-evry.fr. 172800 IN A 157.159.110.67 hugo.int-evry.fr. 172800 IN A 157.159.100.81 ns2.nic.fr. 64354 IN A 192.93.0.4 ;; Query time: 2 msec ;; SERVER: 157.159.10.12#53(157.159.10.12) ;; WHEN: Tue May 7 13:48:05 2002 ;; MSG SIZE rcvd: 223
; <<>> DiG 9.3.0 <<>> -x 2001:660:3203:1000:2b0:d0ff:fe3a:2c83
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 815
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;3.8.c.2.a.3.e.f.f.f.0.d.0.b.2.0.0.0.0.1.3.0.2.3.0.6.6.0.1.0.0.2.ip6.arpa. IN PTR
;; ANSWER SECTION:
3.8.c.2.a.3.e.f.f.f.0.d.0.b.2.0.0.0.0.1.3.0.2.3.0.6.6.0.1.0.0.2.ip6.arpa. (
86400 IN PTR zeratul.ipv6.int-evry.fr. )
;; AUTHORITY SECTION:
3.0.2.3.0.6.6.0.1.0.0.2.ip6.arpa. 86400 IN NS zeratul.ipv6.int-evry.fr.
3.0.2.3.0.6.6.0.1.0.0.2.ip6.arpa. 86400 IN NS hugo.int-evry.fr.
;; ADDITIONAL SECTION:
hugo.int-evry.fr. 604800 IN A 157.159.100.81
zeratul.ipv6.int-evry.fr. 86400 IN A 157.159.100.74
zeratul.ipv6.int-evry.fr. 86400 IN AAAA 2001:660:3203:1000:2b0:d0ff:fe3a:2c83
;; Query time: 6 msec
;; SERVER: 157.159.100.81#53(157.159.100.81)
;; WHEN: Mon Apr 4 10:52:33 2005
;; MSG SIZE rcvd: 221
CQFV : reverse addressing IPv4 et IPv6.
; <<>> DiG 9.2.2rc1 <<>> NS int-evry.fr ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43611 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2 ;; QUESTION SECTION: ;int-evry.fr. IN NS ;; ANSWER SECTION: int-evry.fr. 172800 IN NS ns2.nic.fr. int-evry.fr. 172800 IN NS ns4.enst.fr. int-evry.fr. 172800 IN NS pompei.int-evry.fr. int-evry.fr. 172800 IN NS diamant.int-evry.fr. ;; ADDITIONAL SECTION: pompei.int-evry.fr. 172800 IN A 157.159.11.13 diamant.int-evry.fr. 172800 IN A 157.159.10.12 ;; Query time: 4 msec ;; SERVER: 157.159.100.81#53(157.159.100.81) ;; WHEN: Fri May 2 09:50:57 2003 ;; MSG SIZE rcvd: 149
; <<>> DiG 9.2.2rc1 <<>> NS int-evry.fr ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26077 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2 ;; QUESTION SECTION: ;int-evry.fr. IN NS ;; ANSWER SECTION: int-evry.fr. 172800 IN NS diamant.int-evry.fr. int-evry.fr. 172800 IN NS ns2.nic.fr. int-evry.fr. 172800 IN NS ns4.enst.fr. int-evry.fr. 172800 IN NS pompei.int-evry.fr. ;; ADDITIONAL SECTION: pompei.int-evry.fr. 172800 IN A 157.159.11.13 diamant.int-evry.fr. 172800 IN A 157.159.10.12 ;; Query time: 15 msec ;; SERVER: 157.159.100.81#53(157.159.100.81) ;; WHEN: Fri May 2 09:50:58 2003 ;; MSG SIZE rcvd: 149CQFV : Tourniquet.
; <<>> DiG 9.3.0 <<>> @::1 +norecurse cr.yp.to ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 203 ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0 ;; QUESTION SECTION: ;cr.yp.to. IN A ;; AUTHORITY SECTION: . 3600000 IN NS L.ROOT-SERVERS.NET. . 3600000 IN NS M.ROOT-SERVERS.NET. . 3600000 IN NS A.ROOT-SERVERS.NET. . 3600000 IN NS B.ROOT-SERVERS.NET. . 3600000 IN NS C.ROOT-SERVERS.NET. . 3600000 IN NS D.ROOT-SERVERS.NET. . 3600000 IN NS E.ROOT-SERVERS.NET. . 3600000 IN NS F.ROOT-SERVERS.NET. . 3600000 IN NS G.ROOT-SERVERS.NET. . 3600000 IN NS H.ROOT-SERVERS.NET. . 3600000 IN NS I.ROOT-SERVERS.NET. . 3600000 IN NS J.ROOT-SERVERS.NET. . 3600000 IN NS K.ROOT-SERVERS.NET. ;; Query time: 13 msec ;; SERVER: ::1#53(::1) ;; WHEN: Wed Mar 30 19:37:45 2005 ;; MSG SIZE rcvd: 237
; <<>> DiG 9.3.0 <<>> @::1 cr.yp.to NS ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1784 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;cr.yp.to. IN NS ;; AUTHORITY SECTION: yp.to. 2560 IN SOA a.ns.yp.to. hostmaster.yp.to. 1093750658 16384 2048 1048576 2560 ;; Query time: 638 msec ;; SERVER: ::1#53(::1) ;; WHEN: Wed Mar 30 19:38:29 2005 ;; MSG SIZE rcvd: 78
; <<>> DiG 9.3.0 <<>> @::1 +norecurse cr.yp.to ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1331 ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;cr.yp.to. IN A ;; AUTHORITY SECTION: yp.to. 86388 IN NS b.ns.yp.to. yp.to. 86388 IN NS a.ns.yp.to. ;; Query time: 76 msec ;; SERVER: ::1#53(::1) ;; WHEN: Wed Mar 30 19:38:41 2005 ;; MSG SIZE rcvd: 61CQFV : Réponses itératives, flag rd; Réponse récursive Négative avec NODATA