The dig command is commonly used to make DNS queries. However, a much overlooked command is the host command. Here are some quick tips for a useful tool to add to your bag of tricks or to impress your friends.
The syntax is:
$ host [domain.com]
When run with no options, a simple quick summary is output:
$ host google.com google.com has address 72.14.204.113 google.com has address 72.14.204.138 google.com has address 72.14.204.102 google.com has address 72.14.204.100 google.com has address 72.14.204.101 google.com mail is handled by 10 aspmx.l.google.com. google.com mail is handled by 50 alt4.aspmx.l.google.com. google.com mail is handled by 40 alt3.aspmx.l.google.com. google.com mail is handled by 30 alt2.aspmx.l.google.com. google.com mail is handled by 20 alt1.aspmx.l.google.com.
Using tack a is the equivalent of any ANY request:
$ host -a google.com Trying "google.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57800 ;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN ANY ;; ANSWER SECTION: google.com. 296 IN MX 10 aspmx.l.google.com. google.com. 296 IN MX 50 alt4.aspmx.l.google.com. google.com. 296 IN MX 40 alt3.aspmx.l.google.com. google.com. 296 IN MX 30 alt2.aspmx.l.google.com. google.com. 296 IN MX 20 alt1.aspmx.l.google.com. google.com. 170005 IN NS ns2.google.com. google.com. 170005 IN NS ns1.google.com. google.com. 170005 IN NS ns3.google.com. google.com. 170005 IN NS ns4.google.com. Received 208 bytes from 208.67.222.222#53 in 59 ms
Tack t followed by the type desired such as CNAME, NS, A, AAAA and so forth is a quick way to check for a specific type. This is a quick way to check for an ipv6 record, as one example:
$ host -t AAAA ipv6.google.com ipv6.google.com is an alias for ipv6.l.google.com. ipv6.l.google.com has IPv6 address 2001:4860:800a::69
Cool!
Thanks Scott, I remember the first I started doing DNS queries. I wish i would of found this article way back then!
Is there a distinct advantage to using command line tools over say something like this to get the information?
http://www.unlocktheinbox.com/dnslookup/mx/google.com/
Twitter: scottlinux
Command line tools query DNS directly rather than going through a web page that does the query to its own pre-defined DNS server (and website ads…). Also, hundreds of more options are available with commands such as host or dig that a website is not able to provide. My blog example is very tame on purpose, but you can get quite in depth on the command line as needed!
With command line tools you can even specify the exact DNS server you want to test against, say, if you are a DNS admin. For example, perhaps you wanted to test if particular DNS information has reached a particular DNS server. Or test why users on your network cannot reach a particular domain. You would use dig or host to verify this for your mission critical company’s DNS servers.
Here I am querying opendns directly:
$ host google.com 208.67.222.222
Cheers,