man.dig.html revision 27963ad22062efe8eac2beed51ff70d8f0b35900
0b0582a3aa10227767e359e693c4b43fec272388nd - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
0b0582a3aa10227767e359e693c4b43fec272388nd - Copyright (C) 2000-2003 Internet Software Consortium.
031b91a62d25106ae69d4693475c79618dd5e884fielding - Permission to use, copy, modify, and/or distribute this software for any
031b91a62d25106ae69d4693475c79618dd5e884fielding - purpose with or without fee is hereby granted, provided that the above
031b91a62d25106ae69d4693475c79618dd5e884fielding - copyright notice and this permission notice appear in all copies.
031b91a62d25106ae69d4693475c79618dd5e884fielding - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
0b0582a3aa10227767e359e693c4b43fec272388nd - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
0b0582a3aa10227767e359e693c4b43fec272388nd - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
0b0582a3aa10227767e359e693c4b43fec272388nd - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
0b0582a3aa10227767e359e693c4b43fec272388nd - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
0b0582a3aa10227767e359e693c4b43fec272388nd - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
0b0582a3aa10227767e359e693c4b43fec272388nd - PERFORMANCE OF THIS SOFTWARE.
0b0582a3aa10227767e359e693c4b43fec272388nd<!-- $Id$ -->
0b0582a3aa10227767e359e693c4b43fec272388nd<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
0b0582a3aa10227767e359e693c4b43fec272388nd<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
0b0582a3aa10227767e359e693c4b43fec272388nd<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
0b0582a3aa10227767e359e693c4b43fec272388nd<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd<link rel="prev" href="Bv9ARM.ch10.html" title="Manual pages">
0b0582a3aa10227767e359e693c4b43fec272388nd<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
0b0582a3aa10227767e359e693c4b43fec272388nd<td width="20%" align="right">�<a accesskey="n" href="man.host.html">Next</a>
0b0582a3aa10227767e359e693c4b43fec272388nd<div class="cmdsynopsis"><p><code class="command">dig</code> [@server] [<code class="option">-b <em class="replaceable"><code>address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-k <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-m</code>] [<code class="option">-p <em class="replaceable"><code>port#</code></em></code>] [<code class="option">-q <em class="replaceable"><code>name</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v</code>] [<code class="option">-x <em class="replaceable"><code>addr</code></em></code>] [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]name:key</code></em></code>] [<code class="option">-4</code>] [<code class="option">-6</code>] [name] [type] [class] [queryopt...]</p></div>
0b0582a3aa10227767e359e693c4b43fec272388nd<div class="cmdsynopsis"><p><code class="command">dig</code> [<code class="option">-h</code>]</p></div>
0b0582a3aa10227767e359e693c4b43fec272388nd<div class="cmdsynopsis"><p><code class="command">dig</code> [global-queryopt...] [query...]</p></div>
0b0582a3aa10227767e359e693c4b43fec272388nd (domain information groper) is a flexible tool
0b0582a3aa10227767e359e693c4b43fec272388nd for interrogating DNS name servers. It performs DNS lookups and
0b0582a3aa10227767e359e693c4b43fec272388nd displays the answers that are returned from the name server(s) that
0b0582a3aa10227767e359e693c4b43fec272388nd were queried. Most DNS administrators use <span><strong class="command">dig</strong></span> to
ada7369deaf47fb16f6079f0c9af273f33050ff4nd troubleshoot DNS problems because of its flexibility, ease of use and
ada7369deaf47fb16f6079f0c9af273f33050ff4nd clarity of output. Other lookup tools tend to have less functionality
ada7369deaf47fb16f6079f0c9af273f33050ff4nd Although <span><strong class="command">dig</strong></span> is normally used with
0b0582a3aa10227767e359e693c4b43fec272388nd command-line
0b0582a3aa10227767e359e693c4b43fec272388nd arguments, it also has a batch mode of operation for reading lookup
ada7369deaf47fb16f6079f0c9af273f33050ff4nd requests from a file. A brief summary of its command-line arguments
e5576107d28b5d7f76c4515e39f197e6b8bcba9and and options is printed when the <code class="option">-h</code> option is given.
e5576107d28b5d7f76c4515e39f197e6b8bcba9and Unlike earlier versions, the BIND 9 implementation of
0b0582a3aa10227767e359e693c4b43fec272388nd <span><strong class="command">dig</strong></span> allows multiple lookups to be issued
0b0582a3aa10227767e359e693c4b43fec272388nd command line.
0b0582a3aa10227767e359e693c4b43fec272388nd Unless it is told to query a specific name server,
0b0582a3aa10227767e359e693c4b43fec272388nd <span><strong class="command">dig</strong></span> will try each of the servers listed in
0b0582a3aa10227767e359e693c4b43fec272388nd <code class="filename">/etc/resolv.conf</code>. If no usable server addresses
0b0582a3aa10227767e359e693c4b43fec272388nd are found, <span><strong class="command">dig</strong></span> will send the query to the local
0b0582a3aa10227767e359e693c4b43fec272388nd When no command line arguments or options are given,
0b0582a3aa10227767e359e693c4b43fec272388nd <span><strong class="command">dig</strong></span> will perform an NS query for "." (the root).
0b0582a3aa10227767e359e693c4b43fec272388nd It is possible to set per-user defaults for <span><strong class="command">dig</strong></span> via
0b0582a3aa10227767e359e693c4b43fec272388nd <code class="filename">${HOME}/.digrc</code>. This file is read and
ada7369deaf47fb16f6079f0c9af273f33050ff4nd any options in it
ada7369deaf47fb16f6079f0c9af273f33050ff4nd are applied before the command line arguments.
ada7369deaf47fb16f6079f0c9af273f33050ff4nd The IN and CH class names overlap with the IN and CH top level
ada7369deaf47fb16f6079f0c9af273f33050ff4nd domain names. Either use the <code class="option">-t</code> and
0b0582a3aa10227767e359e693c4b43fec272388nd <code class="option">-c</code> options to specify the type and class,
0b0582a3aa10227767e359e693c4b43fec272388nd use the <code class="option">-q</code> the specify the domain name, or
ada7369deaf47fb16f6079f0c9af273f33050ff4nd use "IN." and "CH." when looking up these top level domains.
0b0582a3aa10227767e359e693c4b43fec272388nd A typical invocation of <span><strong class="command">dig</strong></span> looks like:
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes<pre class="programlisting"> dig @server name type </pre>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes<dt><span class="term"><code class="constant">server</code></span></dt>
ada7369deaf47fb16f6079f0c9af273f33050ff4nd is the name or IP address of the name server to query. This
ada7369deaf47fb16f6079f0c9af273f33050ff4nd can be an IPv4 address in dotted-decimal notation or an IPv6
ada7369deaf47fb16f6079f0c9af273f33050ff4nd address in colon-delimited notation. When the supplied
ada7369deaf47fb16f6079f0c9af273f33050ff4nd <em class="parameter"><code>server</code></em> argument is a hostname,
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <span><strong class="command">dig</strong></span> resolves that name before querying
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes that name server.
e5576107d28b5d7f76c4515e39f197e6b8bcba9and If no <em class="parameter"><code>server</code></em> argument is
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes provided, <span><strong class="command">dig</strong></span> consults
0b0582a3aa10227767e359e693c4b43fec272388nd address is found there, it queries the name server at
0b0582a3aa10227767e359e693c4b43fec272388nd that address. If either of the <code class="option">-4</code> or
0b0582a3aa10227767e359e693c4b43fec272388nd only addresses for the corresponding transport
0b0582a3aa10227767e359e693c4b43fec272388nd will be tried. If no usable addresses are found,
0b0582a3aa10227767e359e693c4b43fec272388nd <span><strong class="command">dig</strong></span> will send the query to the
0b0582a3aa10227767e359e693c4b43fec272388nd local host. The reply from the name server that
ada7369deaf47fb16f6079f0c9af273f33050ff4nd responds is displayed.
ada7369deaf47fb16f6079f0c9af273f33050ff4nd<dt><span class="term"><code class="constant">name</code></span></dt>
ada7369deaf47fb16f6079f0c9af273f33050ff4nd is the name of the resource record that is to be looked up.
0b0582a3aa10227767e359e693c4b43fec272388nd<dt><span class="term"><code class="constant">type</code></span></dt>
e5576107d28b5d7f76c4515e39f197e6b8bcba9and indicates what type of query is required —
e5576107d28b5d7f76c4515e39f197e6b8bcba9and ANY, A, MX, SIG, etc.
0b0582a3aa10227767e359e693c4b43fec272388nd <em class="parameter"><code>type</code></em> can be any valid query
0b0582a3aa10227767e359e693c4b43fec272388nd type. If no
0b0582a3aa10227767e359e693c4b43fec272388nd <em class="parameter"><code>type</code></em> argument is supplied,
0b0582a3aa10227767e359e693c4b43fec272388nd <span><strong class="command">dig</strong></span> will perform a lookup for an
ada7369deaf47fb16f6079f0c9af273f33050ff4nd The <code class="option">-b</code> option sets the source IP address of the query
ada7369deaf47fb16f6079f0c9af273f33050ff4nd to <em class="parameter"><code>address</code></em>. This must be a valid
ada7369deaf47fb16f6079f0c9af273f33050ff4nd address on
ada7369deaf47fb16f6079f0c9af273f33050ff4nd one of the host's network interfaces or "0.0.0.0" or "::". An optional
0b0582a3aa10227767e359e693c4b43fec272388nd may be specified by appending "#<port>"
e5576107d28b5d7f76c4515e39f197e6b8bcba9and The default query class (IN for internet) is overridden by the
e5576107d28b5d7f76c4515e39f197e6b8bcba9and <code class="option">-c</code> option. <em class="parameter"><code>class</code></em> is
0b0582a3aa10227767e359e693c4b43fec272388nd class, such as HS for Hesiod records or CH for Chaosnet records.
be19e8f52f8f44d6c8cf31286603ec11ad717886nd The <code class="option">-f</code> option makes <span><strong class="command">dig </strong></span>
be19e8f52f8f44d6c8cf31286603ec11ad717886nd in batch mode by reading a list of lookup requests to process from the
be19e8f52f8f44d6c8cf31286603ec11ad717886nd file <em class="parameter"><code>filename</code></em>. The file contains a
be19e8f52f8f44d6c8cf31286603ec11ad717886nd queries, one per line. Each entry in the file should be organized in
be19e8f52f8f44d6c8cf31286603ec11ad717886nd the same way they would be presented as queries to
be19e8f52f8f44d6c8cf31286603ec11ad717886nd <span><strong class="command">dig</strong></span> using the command-line interface.
be19e8f52f8f44d6c8cf31286603ec11ad717886nd The <code class="option">-m</code> option enables memory usage debugging.
be19e8f52f8f44d6c8cf31286603ec11ad717886nd If a non-standard port number is to be queried, the
be19e8f52f8f44d6c8cf31286603ec11ad717886nd <code class="option">-p</code> option is used. <em class="parameter"><code>port#</code></em> is
be19e8f52f8f44d6c8cf31286603ec11ad717886nd the port number that <span><strong class="command">dig</strong></span> will send its
be19e8f52f8f44d6c8cf31286603ec11ad717886nd instead of the standard DNS port number 53. This option would be used
be19e8f52f8f44d6c8cf31286603ec11ad717886nd to test a name server that has been configured to listen for queries
0b0582a3aa10227767e359e693c4b43fec272388nd on a non-standard port number.
0b0582a3aa10227767e359e693c4b43fec272388nd The <code class="option">-4</code> option forces <span><strong class="command">dig</strong></span>
0b0582a3aa10227767e359e693c4b43fec272388nd use IPv4 query transport. The <code class="option">-6</code> option forces
0b0582a3aa10227767e359e693c4b43fec272388nd <span><strong class="command">dig</strong></span> to only use IPv6 query transport.
ada7369deaf47fb16f6079f0c9af273f33050ff4nd The <code class="option">-t</code> option sets the query type to
ada7369deaf47fb16f6079f0c9af273f33050ff4nd <em class="parameter"><code>type</code></em>. It can be any valid query type
ada7369deaf47fb16f6079f0c9af273f33050ff4nd supported in BIND 9. The default query type is "A", unless the
ada7369deaf47fb16f6079f0c9af273f33050ff4nd <code class="option">-x</code> option is supplied to indicate a reverse lookup.
0b0582a3aa10227767e359e693c4b43fec272388nd A zone transfer can be requested by specifying a type of AXFR. When
0b0582a3aa10227767e359e693c4b43fec272388nd an incremental zone transfer (IXFR) is required,
ada7369deaf47fb16f6079f0c9af273f33050ff4nd <em class="parameter"><code>type</code></em> is set to <code class="literal">ixfr=N</code>.
e5576107d28b5d7f76c4515e39f197e6b8bcba9and The incremental zone transfer will contain the changes made to the zone
e5576107d28b5d7f76c4515e39f197e6b8bcba9and since the serial number in the zone's SOA record was
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd The <code class="option">-q</code> option sets the query name to
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd <em class="parameter"><code>name</code></em>. This is useful to distinguish the
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd <em class="parameter"><code>name</code></em> from other arguments.
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd The <code class="option">-v</code> causes <span><strong class="command">dig</strong></span> to
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd print the version number and exit.
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd Reverse lookups — mapping addresses to names — are simplified by the
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd <code class="option">-x</code> option. <em class="parameter"><code>addr</code></em> is
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd address in dotted-decimal notation, or a colon-delimited IPv6 address.
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd When this option is used, there is no need to provide the
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd <em class="parameter"><code>name</code></em>, <em class="parameter"><code>class</code></em> and
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd <em class="parameter"><code>type</code></em> arguments. <span><strong class="command">dig</strong></span>
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd automatically performs a lookup for a name like
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd <code class="literal">11.12.13.10.in-addr.arpa</code> and sets the
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd query type and
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd class to PTR and IN respectively. By default, IPv6 addresses are
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd looked up using nibble format under the IP6.ARPA domain.
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd To use the older RFC1886 method using the IP6.INT domain
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd specify the <code class="option">-i</code> option. Bit string labels (RFC2874)
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd are now experimental and are not attempted.
0b0582a3aa10227767e359e693c4b43fec272388nd To sign the DNS queries sent by <span><strong class="command">dig</strong></span> and
0b0582a3aa10227767e359e693c4b43fec272388nd responses using transaction signatures (TSIG), specify a TSIG key file
0b0582a3aa10227767e359e693c4b43fec272388nd using the <code class="option">-k</code> option. You can also specify the TSIG
0b0582a3aa10227767e359e693c4b43fec272388nd key itself on the command line using the <code class="option">-y</code> option;
0b0582a3aa10227767e359e693c4b43fec272388nd <em class="parameter"><code>hmac</code></em> is the type of the TSIG, default HMAC-MD5,
0b0582a3aa10227767e359e693c4b43fec272388nd <em class="parameter"><code>name</code></em> is the name of the TSIG key and
0b0582a3aa10227767e359e693c4b43fec272388nd <em class="parameter"><code>key</code></em> is the actual key. The key is a
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes encoded string, typically generated by
0b0582a3aa10227767e359e693c4b43fec272388nd <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.
be19e8f52f8f44d6c8cf31286603ec11ad717886nd Caution should be taken when using the <code class="option">-y</code> option on
0b0582a3aa10227767e359e693c4b43fec272388nd multi-user systems as the key can be visible in the output from
e86e3c086987f26f9ef32aae75d1dc9af1570db0nd <span class="citerefentry"><span class="refentrytitle">ps</span>(1)</span>
0b0582a3aa10227767e359e693c4b43fec272388nd or in the shell's history file. When
0b0582a3aa10227767e359e693c4b43fec272388nd using TSIG authentication with <span><strong class="command">dig</strong></span>, the name
0b0582a3aa10227767e359e693c4b43fec272388nd server that is queried needs to know the key and algorithm that is
0b0582a3aa10227767e359e693c4b43fec272388nd being used. In BIND, this is done by providing appropriate
0b0582a3aa10227767e359e693c4b43fec272388nd <span><strong class="command">key</strong></span> and <span><strong class="command">server</strong></span> statements in
e.g. "[ key id = value ]".
<em class="parameter"><code>name</code></em> to <em class="parameter"><code>D</code></em> for it to be
<dt><span class="term"><code class="option">+[no]sit[<span class="optional">=####</span>]</code></span></dt>