dig Command Snippets
Copy-paste-ready dig command snippets for DNS record queries, reverse lookups, output filtering, and batch operations.
- Query A Records with dig
- Query AAAA Records with dig
- Query MX Records with dig
- Query NS Records with dig
- Query SOA Records with dig
- Query TXT Records with dig
- Query CNAME Records with dig
- Query All Record Types with dig
- Perform a Reverse DNS Lookup with dig
- Display Short-Form Output with dig
- Show Answer Section Only with dig
- Trace the DNS Delegation Path with dig
- Query a Specific DNS Server with dig
- Query Multiple Domains in Batch Mode with dig
- Display TTL Values in Human-Readable Units with dig
- Request DNSSEC Records with dig
- Display SOA Records in Multiline Format with dig
- Force TCP Transport with dig
- Check dig Version
Copy-paste-ready Domain Information Groper (dig) commands for common DNS lookup tasks.
Query A Records with dig
Domain Information Groper (dig) queries A records to retrieve the IPv4 address of a domain. The A record type is the default when no type is specified.
dig example.com A
;; ANSWER SECTION:
example.com. 86400 IN A 93.184.216.34Query AAAA Records with dig
dig queries AAAA records to retrieve the IPv6 address of a domain.
dig example.com AAAAQuery MX Records with dig
dig queries Mail Exchange (MX) records to identify the mail servers responsible for receiving email for a domain. The output includes a priority value and the mail server hostname.
dig example.com MX
;; ANSWER SECTION:
example.com. 3600 IN MX 10 mail.example.com.Query NS Records with dig
dig queries Name Server (NS) records to list the authoritative nameservers delegated for a domain.
dig example.com NSQuery SOA Records with dig
dig queries Start of Authority (SOA) records to retrieve zone authority metadata, including the primary nameserver, administrator email, zone serial number, and Time to Live (TTL) timers.
dig example.com SOAQuery TXT Records with dig
dig queries TXT records to retrieve text-based DNS data such as Sender Policy Framework (SPF) policies, DomainKeys Identified Mail (DKIM) keys, and domain verification strings.
dig example.com TXTQuery CNAME Records with dig
dig queries Canonical Name (CNAME) records to find the alias target of a domain name.
dig www.example.com CNAMEQuery All Record Types with dig
dig queries all available DNS record types for a domain using the ANY keyword. Some DNS servers restrict ANY queries for performance or security reasons and may return incomplete results.
dig example.com ANYPerform a Reverse DNS Lookup with dig
dig performs a reverse DNS lookup using the
-x flag to find the domain name associated with an IP address through a PTR record query.
dig -x 8.8.8.8Display Short-Form Output with dig
dig returns the record value without metadata when the
+short option is appended. This format outputs the IP address or record value on a single line.
dig example.com +shortShow Answer Section Only with dig
dig displays the answer section without headers, comments, or statistics when
+noall and
+answer are combined. This produces clean, script-friendly output.
dig example.com +noall +answerTrace the DNS Delegation Path with dig
dig traces the full DNS resolution path from root nameservers through Top-Level Domain (TLD) servers to the authoritative nameserver with the
+trace option.
dig example.com +traceQuery a Specific DNS Server with dig
dig queries a specific DNS resolver by placing the
@server argument before the domain name. This bypasses the system's default resolver configured in
/etc/resolv.conf.
dig @8.8.8.8 example.comQuery Multiple Domains in Batch Mode with dig
dig reads domain names from a text file and queries each one sequentially with the
-f flag. Create a file with one domain per line.
dig -f domains.txtDisplay TTL Values in Human-Readable Units with dig
dig displays Time to Live (TTL) values in human-readable time units (seconds, minutes, hours, days, weeks) with the
+ttlunits option.
dig example.com +ttlunitsRequest DNSSEC Records with dig
dig requests DNS Security Extensions (DNSSEC) records, including RRSIG signatures, with the
+dnssec option. This verifies whether a domain's DNS responses are cryptographically signed.
dig example.com +dnssecDisplay SOA Records in Multiline Format with dig
dig prints SOA records in an expanded multiline format with field labels using the
+multiline option. This makes serial numbers, refresh intervals, and TTL values easier to read.
dig example.com SOA +multilineForce TCP Transport with dig
dig sends the DNS query over TCP instead of the default UDP transport with the
+tcp option. Use TCP for large responses that exceed the UDP payload limit.
dig example.com +tcpCheck dig Version
dig displays its version number and the BIND library version with the
-v flag.
dig -v