dig.html revision 232d4387e2ef22eb95f7e49ebbfb4d7e8d0daae6
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Permission to use, copy, modify, and distribute this software for any
9bff67898d55cddfcec9ce30cc2b1bb6211ec691David Lawrence - purpose with or without fee is hereby granted, provided that the above
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - copyright notice and this permission notice appear in all copies.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence - PERFORMANCE OF THIS SOFTWARE.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<!-- $Id: dig.html,v 1.43 2008/05/15 01:12:20 tbox Exp $ -->
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<a name="man.dig"></a><div class="titlepage"></div>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<div class="cmdsynopsis"><p><code class="command">dig</code> [@server] [<code class="option">-b <em class="replaceable"><code>address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-k <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port#</code></em></code>] [<code class="option">-q <em class="replaceable"><code>name</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-x <em class="replaceable"><code>addr</code></em></code>] [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]name:key</code></em></code>] [<code class="option">-4</code>] [<code class="option">-6</code>] [name] [type] [class] [queryopt...]</p></div>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<div class="cmdsynopsis"><p><code class="command">dig</code> [<code class="option">-h</code>]</p></div>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<div class="cmdsynopsis"><p><code class="command">dig</code> [global-queryopt...] [query...]</p></div>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<p><span><strong class="command">dig</strong></span>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence (domain information groper) is a flexible tool
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence for interrogating DNS name servers. It performs DNS lookups and
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence displays the answers that are returned from the name server(s) that
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence were queried. Most DNS administrators use <span><strong class="command">dig</strong></span> to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence troubleshoot DNS problems because of its flexibility, ease of use and
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence clarity of output. Other lookup tools tend to have less functionality
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence than <span><strong class="command">dig</strong></span>.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Although <span><strong class="command">dig</strong></span> is normally used with
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence arguments, it also has a batch mode of operation for reading lookup
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence requests from a file. A brief summary of its command-line arguments
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence and options is printed when the <code class="option">-h</code> option is given.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Unlike earlier versions, the BIND 9 implementation of
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span><strong class="command">dig</strong></span> allows multiple lookups to be issued
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence command line.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Unless it is told to query a specific name server,
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span><strong class="command">dig</strong></span> will try each of the servers listed
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="filename">/etc/resolv.conf</code>.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence When no command line arguments or options are given, will perform an
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence NS query for "." (the root).
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence It is possible to set per-user defaults for <span><strong class="command">dig</strong></span> via
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="filename">${HOME}/.digrc</code>. This file is read and
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence any options in it
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence are applied before the command line arguments.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The IN and CH class names overlap with the IN and CH top level
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence domains names. Either use the <code class="option">-t</code> and
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="option">-c</code> options to specify the type and class or
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence use the <code class="option">-q</code> the specify the domain name or
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence use "IN." and "CH." when looking up these top level domains.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence A typical invocation of <span><strong class="command">dig</strong></span> looks like:
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<pre class="programlisting"> dig @server name type </pre>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="constant">server</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence is the name or IP address of the name server to query. This can
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence address in dotted-decimal notation or an IPv6
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence address in colon-delimited notation. When the supplied
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>server</code></em> argument is a
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span><strong class="command">dig</strong></span> resolves that name before
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence querying that name
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence server. If no <em class="parameter"><code>server</code></em>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence argument is provided,
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span><strong class="command">dig</strong></span> consults <code class="filename">/etc/resolv.conf</code>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence and queries the name servers listed there. The reply from the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence server that responds is displayed.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="constant">name</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence is the name of the resource record that is to be looked up.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="constant">type</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence indicates what type of query is required —
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence ANY, A, MX, SIG, etc.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>type</code></em> can be any valid query
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>type</code></em> argument is supplied,
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span><strong class="command">dig</strong></span> will perform a lookup for an
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The <code class="option">-b</code> option sets the source IP address of the query
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence to <em class="parameter"><code>address</code></em>. This must be a valid
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence one of the host's network interfaces or "0.0.0.0" or "::". An optional
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence may be specified by appending "#<port>"
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The default query class (IN for internet) is overridden by the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="option">-c</code> option. <em class="parameter"><code>class</code></em> is
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence class, such as HS for Hesiod records or CH for Chaosnet records.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The <code class="option">-f</code> option makes <span><strong class="command">dig </strong></span>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence in batch mode by reading a list of lookup requests to process from the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence file <em class="parameter"><code>filename</code></em>. The file contains a
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence queries, one per line. Each entry in the file should be organized in
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence the same way they would be presented as queries to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span><strong class="command">dig</strong></span> using the command-line interface.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence If a non-standard port number is to be queried, the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="option">-p</code> option is used. <em class="parameter"><code>port#</code></em> is
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence the port number that <span><strong class="command">dig</strong></span> will send its
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence instead of the standard DNS port number 53. This option would be used
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence to test a name server that has been configured to listen for queries
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence on a non-standard port number.
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence The <code class="option">-4</code> option forces <span><strong class="command">dig</strong></span>
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence use IPv4 query transport. The <code class="option">-6</code> option forces
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence <span><strong class="command">dig</strong></span> to only use IPv6 query transport.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The <code class="option">-t</code> option sets the query type to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>type</code></em>. It can be any valid query type
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence supported in BIND 9. The default query type is "A", unless the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="option">-x</code> option is supplied to indicate a reverse lookup.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence A zone transfer can be requested by specifying a type of AXFR. When
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence an incremental zone transfer (IXFR) is required,
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>type</code></em> is set to <code class="literal">ixfr=N</code>.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The incremental zone transfer will contain the changes made to the zone
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence since the serial number in the zone's SOA record was
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The <code class="option">-q</code> option sets the query name to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>name</code></em>. This useful do distinguish the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>name</code></em> from other arguments.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Reverse lookups — mapping addresses to names — are simplified by the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="option">-x</code> option. <em class="parameter"><code>addr</code></em> is
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence address in dotted-decimal notation, or a colon-delimited IPv6 address.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence When this option is used, there is no need to provide the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>name</code></em>, <em class="parameter"><code>class</code></em> and
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>type</code></em> arguments. <span><strong class="command">dig</strong></span>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence automatically performs a lookup for a name like
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="literal">11.12.13.10.in-addr.arpa</code> and sets the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence query type and
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence class to PTR and IN respectively. By default, IPv6 addresses are
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence looked up using nibble format under the IP6.ARPA domain.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence To use the older RFC1886 method using the IP6.INT domain
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence specify the <code class="option">-i</code> option. Bit string labels (RFC2874)
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence are now experimental and are not attempted.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence To sign the DNS queries sent by <span><strong class="command">dig</strong></span> and
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence responses using transaction signatures (TSIG), specify a TSIG key file
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence using the <code class="option">-k</code> option. You can also specify the TSIG
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence key itself on the command line using the <code class="option">-y</code> option;
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>hmac</code></em> is the type of the TSIG, default HMAC-MD5,
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>name</code></em> is the name of the TSIG key and
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>key</code></em> is the actual key. The key is a
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence encoded string, typically generated by
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Caution should be taken when using the <code class="option">-y</code> option on
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence multi-user systems as the key can be visible in the output from
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span class="citerefentry"><span class="refentrytitle">ps</span>(1)</span>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence or in the shell's history file. When
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence using TSIG authentication with <span><strong class="command">dig</strong></span>, the name
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence server that is queried needs to know the key and algorithm that is
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence being used. In BIND, this is done by providing appropriate
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span><strong class="command">key</strong></span> and <span><strong class="command">server</strong></span> statements in
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<a name="id2543942"></a><h2>QUERY OPTIONS</h2>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<p><span><strong class="command">dig</strong></span>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence provides a number of query options which affect
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence the way in which lookups are made and the results displayed. Some of
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence these set or reset flag bits in the query header, some determine which
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence sections of the answer get printed, and others determine the timeout
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence and retry strategies.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Each query option is identified by a keyword preceded by a plus sign
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence (<code class="literal">+</code>). Some keywords set or reset an
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence option. These may be preceded
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence by the string <code class="literal">no</code> to negate the meaning of
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence that keyword. Other
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence keywords assign values to options like the timeout interval. They
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence have the form <code class="option">+keyword=value</code>.
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence The query options are:
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence<dt><span class="term"><code class="option">+[no]tcp</code></span></dt>
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence Use [do not use] TCP when querying name servers. The default
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence behavior is to use UDP unless an AXFR or IXFR query is
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence requested, in
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence which case a TCP connection is used.
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence<dt><span class="term"><code class="option">+[no]vc</code></span></dt>
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence Use [do not use] TCP when querying name servers. This alternate
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence syntax to <em class="parameter"><code>+[no]tcp</code></em> is
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence provided for backwards
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence compatibility. The "vc" stands for "virtual circuit".
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence<dt><span class="term"><code class="option">+[no]ignore</code></span></dt>
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence Ignore truncation in UDP responses instead of retrying with TCP.
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence default, TCP retries are performed.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+domain=somename</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Set the search list to contain the single domain
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>somename</code></em>, as if specified in
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <span><strong class="command">domain</strong></span> directive in
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="filename">/etc/resolv.conf</code>, and enable
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence processing as if the <em class="parameter"><code>+search</code></em>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence option were given.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]search</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Use [do not use] the search list defined by the searchlist or
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence directive in <code class="filename">resolv.conf</code> (if
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The search list is not used by default.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]showsearch</code></span></dt>
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence Perform [do not perform] a search showing intermediate
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]defname</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Deprecated, treated as a synonym for <em class="parameter"><code>+[no]search</code></em>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]aaonly</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Sets the "aa" flag in the query.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]aaflag</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence A synonym for <em class="parameter"><code>+[no]aaonly</code></em>.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]adflag</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Set [do not set] the AD (authentic data) bit in the query. The
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence currently has a standard meaning only in responses, not in
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence but the ability to set the bit in the query is provided for
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence completeness.
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence<dt><span class="term"><code class="option">+[no]cdflag</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Set [do not set] the CD (checking disabled) bit in the query.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence requests the server to not perform DNSSEC validation of
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]cl</code></span></dt>
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence Display [do not display] the CLASS when printing the record.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]ttlid</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Display [do not display] the TTL when printing the record.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]recurse</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Toggle the setting of the RD (recursion desired) bit in the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence This bit is set by default, which means <span><strong class="command">dig</strong></span>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence normally sends recursive queries. Recursion is automatically
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence when the <em class="parameter"><code>+nssearch</code></em> or
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>+trace</code></em> query options are
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]nssearch</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence When this option is set, <span><strong class="command">dig</strong></span>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence attempts to find the
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence authoritative name servers for the zone containing the name
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence looked up and display the SOA record that each name server has
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]trace</code></span></dt>
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence Toggle tracing of the delegation path from the root name servers
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence the name being looked up. Tracing is disabled by default. When
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence tracing is enabled, <span><strong class="command">dig</strong></span> makes
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence iterative queries to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence resolve the name being looked up. It will follow referrals from
2aee8fb2cbb1d4b77ea05327340e839e26265ae9Andreas Gustafsson root servers, showing the answer from each server that was used
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence resolve the lookup.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]cmd</code></span></dt>
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence Toggles the printing of the initial comment in the output
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence the version of <span><strong class="command">dig</strong></span> and the query
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence options that have
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence been applied. This comment is printed by default.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]short</code></span></dt>
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence Provide a terse answer. The default is to print the answer in a
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence verbose form.
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence<dt><span class="term"><code class="option">+[no]identify</code></span></dt>
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence Show [or do not show] the IP address and port number that
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence answer when the <em class="parameter"><code>+short</code></em> option
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence is enabled. If
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence short form answers are requested, the default is not to show the
a68a5a2454cc25672bed867b6067e806c292e9cbDavid Lawrence source address and port number of the server that provided the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]comments</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Toggle the display of comment lines in the output. The default
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence print comments.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]stats</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence This query option toggles the printing of statistics: when the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence was made, the size of the reply and so on. The default
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence to print the query statistics.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]qr</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Print [do not print] the query as it is sent.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence By default, the query is not printed.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]question</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Print [do not print] the question section of a query when an
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence returned. The default is to print the question section as a
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]answer</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Display [do not display] the answer section of a reply. The
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence is to display it.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]authority</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Display [do not display] the authority section of a reply. The
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence default is to display it.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]additional</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Display [do not display] the additional section of a reply.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence The default is to display it.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]all</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Set or clear all display flags.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+time=T</code></span></dt>
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence Sets the timeout for a query to
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence <em class="parameter"><code>T</code></em> seconds. The default
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence timeout is 5 seconds.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence An attempt to set <em class="parameter"><code>T</code></em> to less
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence than 1 will result
ed301acd3437a28b623f5875c6e6be6e4efb791cDavid Lawrence in a query timeout of 1 second being applied.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+tries=T</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Sets the number of times to try UDP queries to server to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>T</code></em> instead of the default, 3.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>T</code></em> is less than or equal to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence zero, the number of
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence tries is silently rounded up to 1.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+retry=T</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Sets the number of times to retry UDP queries to server to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>T</code></em> instead of the default, 2.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>+tries</code></em>, this does not include
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+ndots=D</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Set the number of dots that have to appear in
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>name</code></em> to <em class="parameter"><code>D</code></em> for it to be
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence considered absolute. The default value is that defined using
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence ndots statement in <code class="filename">/etc/resolv.conf</code>, or 1 if no
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence ndots statement is present. Names with fewer dots are
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence interpreted as
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence relative names and will be searched for in the domains listed in
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="option">search</code> or <code class="option">domain</code> directive in
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <code class="filename">/etc/resolv.conf</code>.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+bufsize=B</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Set the UDP message buffer size advertised using EDNS0 to
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence <em class="parameter"><code>B</code></em> bytes. The maximum and minimum sizes
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence of this buffer are 65535 and 0 respectively. Values outside
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence this range are rounded up or down appropriately.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Values other than zero will cause a EDNS query to be sent.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+edns=#</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Specify the EDNS version to query with. Valid values
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence are 0 to 255. Setting the EDNS version will cause a
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence EDNS query to be sent. <code class="option">+noedns</code> clears the
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence remembered EDNS version.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]multiline</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Print records like the SOA records in a verbose multi-line
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence format with human-readable comments. The default is to print
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence each record on a single line, to facilitate machine parsing
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence of the <span><strong class="command">dig</strong></span> output.
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence<dt><span class="term"><code class="option">+[no]fail</code></span></dt>
6ad14a42e1058dbf92a747b27538d22fe4d977f8David Lawrence Do not try the next server if you receive a SERVFAIL. The