Dig utility is a flexible and powerful tool to investigate the DNS system. It comes with the well-known BIND package and is an advance version of "host" or "nslookup" commands. With Dig command, we can generate any kind of DNS request and display a full decoding of the DNS response. (cf. Dig Manual Page)
; --- DiG 9.2.1rc2 --- ;; ==HEADER== opcode: QUERY, status: NOERROR, id: 59594 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 238778 IN NS H.ROOT-SERVERS.NET. . 238778 IN NS C.ROOT-SERVERS.NET. . 238778 IN NS G.ROOT-SERVERS.NET. . 238778 IN NS F.ROOT-SERVERS.NET. . 238778 IN NS B.ROOT-SERVERS.NET. . 238778 IN NS J.ROOT-SERVERS.NET. . 238778 IN NS K.ROOT-SERVERS.NET. . 238778 IN NS L.ROOT-SERVERS.NET. . 238778 IN NS M.ROOT-SERVERS.NET. . 238778 IN NS I.ROOT-SERVERS.NET. . 238778 IN NS E.ROOT-SERVERS.NET. . 238778 IN NS D.ROOT-SERVERS.NET. . 238778 IN NS A.ROOT-SERVERS.NET. ;; ADDITIONAL SECTION: H.ROOT-SERVERS.NET. 325178 IN A 128.63.2.53 C.ROOT-SERVERS.NET. 325178 IN A 192.33.4.12 G.ROOT-SERVERS.NET. 325178 IN A 192.112.36.4 F.ROOT-SERVERS.NET. 325178 IN A 192.5.5.241 B.ROOT-SERVERS.NET. 325178 IN A 128.9.0.107 J.ROOT-SERVERS.NET. 325178 IN A 198.41.0.10 K.ROOT-SERVERS.NET. 325178 IN A 193.0.14.129 L.ROOT-SERVERS.NET. 325178 IN A 198.32.64.12 M.ROOT-SERVERS.NET. 325178 IN A 202.12.27.33 I.ROOT-SERVERS.NET. 325178 IN A 192.36.148.17 E.ROOT-SERVERS.NET. 325178 IN A 192.203.230.10 D.ROOT-SERVERS.NET. 325178 IN A 128.8.10.90 A.ROOT-SERVERS.NET. 325178 IN A 198.41.0.4 ;; Query time: 38 msec ;; SERVER: 157.159.10.12#53(157.159.10.12) ;; WHEN: Tue May 7 13:24:48 2002 ;; MSG SIZE rcvd: 436Hints : the 13 well-known root servers, and glue.
; <<>> DiG 9.2.2rc1 <<>> int-evry.fr SOA +multiline ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64578 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 2 ;; QUESTION SECTION: ;int-evry.fr. IN SOA ;; ANSWER SECTION: int-evry.fr. 172800 IN SOA diamant.int-evry.fr. admin.int-evry.fr. ( 2003043000 ; serial 21600 ; refresh (6 hours) 3600 ; retry (1 hour) 1209600 ; expire (2 weeks) 172800 ; minimum (2 days) ) ;; AUTHORITY SECTION: int-evry.fr. 172800 IN NS diamant.int-evry.fr. int-evry.fr. 172800 IN NS ns2.nic.fr. int-evry.fr. 172800 IN NS ns4.enst.fr. int-evry.fr. 172800 IN NS pompei.int-evry.fr. ;; ADDITIONAL SECTION: pompei.int-evry.fr. 172800 IN A 157.159.11.13 diamant.int-evry.fr. 172800 IN A 157.159.10.12 ;; Query time: 6 msec ;; SERVER: 157.159.100.81#53(157.159.100.81) ;; WHEN: Fri May 2 09:25:03 2003 ;; MSG SIZE rcvd: 191Hints : Zone definition : SOA, NS, Glue. NB: in SOA, "minimum" must be read as "Negative Cache TTL".
; --- DiG 9.2.1rc2 --- +trace ipv6.int-evry.fr . 500116 IN NS D.ROOT-SERVERS.NET. . 500116 IN NS A.ROOT-SERVERS.NET. . 500116 IN NS H.ROOT-SERVERS.NET. . 500116 IN NS C.ROOT-SERVERS.NET. . 500116 IN NS G.ROOT-SERVERS.NET. . 500116 IN NS F.ROOT-SERVERS.NET. . 500116 IN NS B.ROOT-SERVERS.NET. . 500116 IN NS J.ROOT-SERVERS.NET. . 500116 IN NS K.ROOT-SERVERS.NET. . 500116 IN NS L.ROOT-SERVERS.NET. . 500116 IN NS M.ROOT-SERVERS.NET. . 500116 IN NS I.ROOT-SERVERS.NET. . 500116 IN NS E.ROOT-SERVERS.NET. ;; Received 436 bytes from 192.93.0.4#53(ns2.nic.fr) in 18 ms fr. 172800 IN NS DNS.CS.WISC.EDU. fr. 172800 IN NS NS1.NIC.fr. fr. 172800 IN NS NS3.NIC.fr. fr. 172800 IN NS DNS.INRIA.fr. fr. 172800 IN NS NS2.NIC.fr. fr. 172800 IN NS NS.EU.NET. fr. 172800 IN NS DNS.PRINCETON.EDU. fr. 172800 IN NS NS-EXT.VIX.COM. ;; Received 352 bytes from 128.8.10.90#53(D.ROOT-SERVERS.NET) in 103 ms int-evry.fr. 345600 IN NS ns2.nic.fr. int-evry.fr. 345600 IN NS diamant.int-evry.fr. int-evry.fr. 345600 IN NS etna.int-evry.fr. ;; Received 145 bytes from 128.105.2.10#53(DNS.CS.WISC.EDU) in 124 ms ipv6.int-evry.fr. 172800 IN NS hugo.int-evry.fr. ipv6.int-evry.fr. 172800 IN NS diamant.int-evry.fr. ipv6.int-evry.fr. 172800 IN NS zeratul.ipv6.int-evry.fr. ;; Received 182 bytes from 2001:660:3005:1::1:2#53(ns2.nic.fr) in 27 ms bonemine.ipv6.int-evry.fr. 86400 IN AAAA 2001:660:3203:1000:203:baff:fe0e:52ab ipv6.int-evry.fr. 86400 IN NS hugo.int-evry.fr. ipv6.int-evry.fr. 86400 IN NS diamant.int-evry.fr. ipv6.int-evry.fr. 86400 IN NS zeratul.ipv6.int-evry.fr. ;; Received 210 bytes from 157.159.100.81#53(hugo.int-evry.fr) in 3 msHints : iterative resolution simulation.
; --- DiG 9.2.1rc2 --- int-evry.fr any ;; ==HEADER== opcode: QUERY, status: NOERROR, id: 44675 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 4, ADDITIONAL: 7 ;; QUESTION SECTION: ;int-evry.fr. IN ANY ;; ANSWER SECTION: int-evry.fr. 172800 IN MX 60 sparte.int-evry.fr. int-evry.fr. 172800 IN MX 80 anaconda.int-evry.fr. int-evry.fr. 172800 IN MX 90 smtp2.enst.fr. int-evry.fr. 172800 IN NS diamant.int-evry.fr. int-evry.fr. 172800 IN NS etna.int-evry.fr. int-evry.fr. 172800 IN NS hugo.int-evry.fr. int-evry.fr. 172800 IN NS ns2.nic.fr. int-evry.fr. 172800 IN SOA diamant.int-evry.fr. admin.int-evry.fr. 2002050200 21600 3600 1209600 172800 ;; AUTHORITY SECTION: int-evry.fr. 172800 IN NS diamant.int-evry.fr. int-evry.fr. 172800 IN NS etna.int-evry.fr. int-evry.fr. 172800 IN NS hugo.int-evry.fr. int-evry.fr. 172800 IN NS ns2.nic.fr. ;; ADDITIONAL SECTION: sparte.int-evry.fr. 172800 IN A 157.159.10.11 anaconda.int-evry.fr. 172800 IN A 157.159.15.5 smtp2.enst.fr. 191 IN A 137.194.2.14 diamant.int-evry.fr. 172800 IN A 157.159.10.12 etna.int-evry.fr. 172800 IN A 157.159.110.67 hugo.int-evry.fr. 172800 IN A 157.159.100.81 ns2.nic.fr. 65611 IN A 192.93.0.4 ;; Query time: 2 msec ;; SERVER: 157.159.10.12#53(157.159.10.12) ;; WHEN: Tue May 7 13:27:08 2002 ;; MSG SIZE rcvd: 396
; --- DiG 9.2.1rc2 --- @ns1.nic.fr int-evry.fr any ;; ==HEADER== opcode: QUERY, status: NOERROR, id: 22218 ;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;int-evry.fr. IN ANY ;; ANSWER SECTION: int-evry.fr. 345600 IN NS diamant.int-evry.fr. int-evry.fr. 345600 IN NS etna.int-evry.fr. int-evry.fr. 345600 IN NS ns2.nic.fr. ;; AUTHORITY SECTION: int-evry.fr. 345600 IN NS diamant.int-evry.fr. int-evry.fr. 345600 IN NS etna.int-evry.fr. int-evry.fr. 345600 IN NS ns2.nic.fr. ;; ADDITIONAL SECTION: diamant.int-evry.fr. 345600 IN A 157.159.10.12 etna.int-evry.fr. 345600 IN A 157.159.110.16 ns2.nic.fr. 172800 IN A 192.93.0.4 ;; Query time: 11 msec ;; SERVER: 192.93.0.1#53(ns1.nic.fr) ;; WHEN: Tue May 7 13:46:10 2002 ;; MSG SIZE rcvd: 182Hints : ns1.nic.fr is authoritative for fr.. Invalid Delegation : "Etna" Address differs between parent zone and child zone.
; <<>> DiG 9.3.0 <<>> @::1 apple.com ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 927 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 0 ;; QUESTION SECTION: ;apple.com. IN A ;; ANSWER SECTION: apple.com. 3600 IN A 17.254.3.183 ;; AUTHORITY SECTION: apple.com. 432000 IN NS nserver.asia.apple.com. apple.com. 432000 IN NS nserver.euro.apple.com. apple.com. 432000 IN NS nserver.apple.com. apple.com. 432000 IN NS nserver2.apple.com. apple.com. 432000 IN NS nserver3.apple.com. apple.com. 432000 IN NS nserver4.apple.com. ;; Query time: 1089 msec ;; SERVER: ::1#53(::1) ;; WHEN: Mon Apr 4 09:31:06 2005 ;; MSG SIZE rcvd: 188
; <<>> DiG 9.3.0 <<>> @::1 apple.com ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 79 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 0 ;; QUESTION SECTION: ;apple.com. IN A ;; ANSWER SECTION: apple.com. 3575 IN A 17.254.3.183 ;; AUTHORITY SECTION: apple.com. 431975 IN NS nserver3.apple.com. apple.com. 431975 IN NS nserver4.apple.com. apple.com. 431975 IN NS nserver.asia.apple.com. apple.com. 431975 IN NS nserver.euro.apple.com. apple.com. 431975 IN NS nserver.apple.com. apple.com. 431975 IN NS nserver2.apple.com. ;; Query time: 14 msec ;; SERVER: ::1#53(::1) ;; WHEN: Mon Apr 4 09:31:31 2005 ;; MSG SIZE rcvd: 188Hints : Cache and round-robin (TTLs, Query time, aa flag)
; <<>> DiG 9.2.2rc1 <<>> ducon.lajoie.ipv6.int-evry.fr +multiline ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3640 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;ducon.lajoie.ipv6.int-evry.fr. IN A ;; AUTHORITY SECTION: ipv6.int-evry.fr. 86400 IN SOA zeratul.ipv6.int-evry.fr. pascal\.hennequin.int-evry.fr. ( 2003040201 ; serial 21600 ; refresh (6 hours) 3600 ; retry (1 hour) 3600000 ; expire (5 weeks 6 days 16 hours) 86400 ; minimum (1 day) ) ;; Query time: 4 msec ;; SERVER: 157.159.100.81#53(157.159.100.81) ;; WHEN: Fri May 2 09:17:57 2003 ;; MSG SIZE rcvd: 108Hints : Negative response NXDOMAIN, SOA in authority section.
; <<>> DiG 9.3.0 <<>> @::1 +norecurse cr.yp.to ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 203 ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0 ;; QUESTION SECTION: ;cr.yp.to. IN A ;; AUTHORITY SECTION: . 3600000 IN NS L.ROOT-SERVERS.NET. . 3600000 IN NS M.ROOT-SERVERS.NET. . 3600000 IN NS A.ROOT-SERVERS.NET. . 3600000 IN NS B.ROOT-SERVERS.NET. . 3600000 IN NS C.ROOT-SERVERS.NET. . 3600000 IN NS D.ROOT-SERVERS.NET. . 3600000 IN NS E.ROOT-SERVERS.NET. . 3600000 IN NS F.ROOT-SERVERS.NET. . 3600000 IN NS G.ROOT-SERVERS.NET. . 3600000 IN NS H.ROOT-SERVERS.NET. . 3600000 IN NS I.ROOT-SERVERS.NET. . 3600000 IN NS J.ROOT-SERVERS.NET. . 3600000 IN NS K.ROOT-SERVERS.NET. ;; Query time: 13 msec ;; SERVER: ::1#53(::1) ;; WHEN: Wed Mar 30 19:37:45 2005 ;; MSG SIZE rcvd: 237
; <<>> DiG 9.3.0 <<>> @::1 cr.yp.to NS ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1784 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;cr.yp.to. IN NS ;; AUTHORITY SECTION: yp.to. 2560 IN SOA a.ns.yp.to. hostmaster.yp.to. 1093750658 16384 2048 1048576 2560 ;; Query time: 638 msec ;; SERVER: ::1#53(::1) ;; WHEN: Wed Mar 30 19:38:29 2005 ;; MSG SIZE rcvd: 78
; <<>> DiG 9.3.0 <<>> @::1 +norecurse cr.yp.to ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1331 ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;cr.yp.to. IN A ;; AUTHORITY SECTION: yp.to. 86388 IN NS b.ns.yp.to. yp.to. 86388 IN NS a.ns.yp.to. ;; Query time: 76 msec ;; SERVER: ::1#53(::1) ;; WHEN: Wed Mar 30 19:38:41 2005 ;; MSG SIZE rcvd: 61Hints : Iterative Response (rd flag); Negative recursive response with NODATA; cache