Skip to main content
Engineering LibreTexts

10-F.11.2: Network Troubleshooting Commands - dig / nslookup / host

  • Page ID
    40970
  • \( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \) \( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)\(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\) \(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\)\(\newcommand{\AA}{\unicode[.8,0]{x212B}}\)

    The dig Command

    The dig command stands for Domain Information Groper. It is a network administration command-line tool for querying the Domain Name System (DNS). The dig command is useful for network troubleshooting and for educational purposes. It can operate based on command line option and flag arguments, or in batch mode by reading requests from an operating system file. When a specific name server is not specified in the command invocation, it uses the operating system's default resolver, usually configured in the file resolv.conf. Without any arguments it queries the DNS root zone.

    Syntax:

    dig [ OPTIONS ]

    dig is very easy to use, and works well without any options. The list of options is quite long, feel free to consult the man page for this command.

    The following example is a simple lookup of the IP address for the server specified on the command line - deltacollege.edu. The lines that begin with a semi-colon provide comments about the output.

    pbmac@pbmac-server $ dig deltacollege.edu
    ; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> deltacollege.edu
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64205
    ;; flags: qr rd ra; QUERY: 1, Answer: 1, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;deltacollege.edu.        IN    A
    
    ;; Answer SECTION:
    deltacollege.edu.    3599    IN    A    52.36.131.229
    
    

    The nslookup Command

    nslookup is a network administration command-line tool available in many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping, or other DNS records. The name "nslookup" means "name server lookup."

    The command does not use the operating system's local Domain Name System resolver library to perform its queries, and thus may behave differently from dig, which it does. Additionally, vendor-provided versions may include output of other sources of name information, such as host files and Network Information Service. Some behaviors of nslookup may be modified by the contents of resolv.conf.

    Syntax:

    nslookup [ OPTION ] [name | -] [server]

    It is possible to use nslookup in a command line mode, or an interactive mode. In the first example the command prints output and returns to the system prompt. In the second example issuing nslookup alone takes the user to a command prompt where command specific input can be entered.

    pbmac@pbmac-server $ nslookup deltacollege.edu
    Server:        8.8.8.8
    Address:    8.8.8.8#53
    
    Non-authoritative answer:
    Name:    deltacollege.edu
    Address: 52.36.131.229
    
    pbmac@pbmac-server $ nslookup
    > deltacollege.edu
    Server:        8.8.8.8
    Address:    8.8.8.8#53
    
    Non-authoritative answer:
    Name:    deltacollege.edu
    Address: 52.36.131.229
    >
    

    The host Command

    The host command in Linux system is used for DNS (Domain Name System) lookup. It is used to find the IP address of a particular domain name, or if you want to find out the domain name of a particular IP address the host command becomes handy. You can also find more specific details of a domain by specifying the corresponding option along with the domain name.

    Syntax:

    host [ OPTIONS ] hostname

    Command Options

    Options Meaning
    -4 This option specifies that only IPv4 should be used for query transport. See also the -6 option.
    -6 This option specifies that only IPv6 should be used for query transport. See also the -4 option.
    -a The -a ("all") option is normally equivalent to -v -t ANY. It also affects the behavior of the -l list zone option.
    -A The -A ("almost all") option is equivalent to -a, except that RRSIG, NSEC, and NSEC3 records are omitted from the output.
    -c class This option specifies the query class, which can be used to lookup HS (Hesiod) or CH (Chaosnet) class resource records. The default class is IN (Internet).
    -C This option indicates that named should check consistency, meaning that host queries the SOA records for zone name from all the listed authoritative name servers for that zone. The list of name servers is defined by the NS records that are found for the zone.
    -d This option prints debugging traces, and is equivalent to the -v verbose option.
    -l This option tells named` to list the zone, meaning the ``host command performs a zone transfer of zone name and prints out the NS, PTR, and address records (A/AAAA).
    -N ndots This option specifies the number of dots (ndots) that have to be in name for it to be considered absolute. The default value is that defined using the ndots statement in /etc/resolv.conf, or 1 if no ndots statement is present. Names with fewer dots are interpreted as relative names, and are searched for in the domains listed in the search or domain directive in /etc/resolv.conf.
    -p port This option specifies the port to query on the server. The default is 53.
    -r This option specifies a non-recursive query; setting this option clears the RD (recursion desired) bit in the query. This means that the name server receiving the query does not attempt to resolve name. The -r option enables host to mimic the behavior of a name server by making non-recursive queries, and expecting to receive answers to those queries that can be referrals to other name servers.
    -R number This option specifies the number of retries for UDP queries. If number is negative or zero, the number of retries is silently set to 1. The default value is 1, or the value of the attempts option in /etc/resolv.conf, if set.
    -s This option tells named not to send the query to the next nameserver if any server responds with a SERVFAIL response, which is the reverse of normal stub resolver behavior.
    -t type This option specifies the query type. The type argument can be any recognized query type: CNAME, NS, SOA, TXT, DNSKEY, AXFR, etc.

    Without a hostname the command will print out the command options.

    Using the -v option generates a very verbose output - gives a lot of information.

    pbmac@pbmac-server $ host -v deltacollege.edu
    Trying "deltacollege.edu"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53400
    ;; flags: qr rd ra; QUERY: 1, Answer: 1, AUTHORITY: 0, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;deltacollege.edu.        IN    A
    
    ;; Answer SECTION:
    deltacollege.edu.    3599    IN    A    52.36.131.229
    Received 50 bytes from 8.8.8.8#53 in 164 ms
    Trying "deltacollege.edu"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4462
    ;; flags: qr rd ra; QUERY: 1, Answer: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;deltacollege.edu.        IN    AAAA
    ;; AUTHORITY SECTION:
    deltacollege.edu.    1799    IN    SOA    sdc-ns2.deltacampus.net. hostmaster.deltacollege.edu. 2015121323 1200 600 1209600 3600
    
    Received 104 bytes from 8.8.8.8#53 in 187 ms
    Trying "deltacollege.edu"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41683
    ;; flags: qr rd ra; QUERY: 1, Answer: 4, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;deltacollege.edu.        IN    MX
    
    ;; Answer SECTION:
    deltacollege.edu.    3599    IN    MX    20 mailin.deltacollege.edu.
    deltacollege.edu.    299    IN    MX    15 mailin1.deltacollege.edu.
    deltacollege.edu.    3599    IN    MX    5 deltacollege-edu.mail.protection.outlook.com.
    deltacollege.edu.    3599    IN    MX    15 mailin3.deltacollege.edu.
    Received 165 bytes from 8.8.8.8#53 in 133 ms
    

    Adapted from:
    "dig (command)" by Multiple ContributorsWikipedia is licensed under CC BY-SA 3.0
    "host command in Linux with examples" by sethusubramanian, Geeks for Geeks is licensed under CC BY-SA 4.0


    10-F.11.2: Network Troubleshooting Commands - dig / nslookup / host is shared under a CC BY-SA 4.0 license and was authored, remixed, and/or curated by LibreTexts.