Domain Seizures Act II: Minimizing Collateral Harm
Book Review: Internet Down, A Modern American Western

Domain Internet Groper: Using dig to access DNS zone data

One of the hands-on activities  I use when explaining how the DNS works shows how to access DNS zone data using the command line tools dig on Mac, BSD, or Linux operating systems. dig is a convenient way to illustrate how applications like the browser or mail client on your device queries the DNS for IP addresses associated with names. dig does essentially what a  "stub" resolver on your device does: basically, it accepts a domain name and submits a query to a name server that performs what is called recursion to obtain the data you are requesting from the DNS.

The following short movies show how a basic query for name to address resolution works:

dig: the Movie (103K)

Here's how you can query for the name servers that host the authoritative zone file of a domain name:

dig for name servers: the Sequel (129K)

and how you can identify the mail servers of a domain:

dig for mail servers: straining the limits of Sequels (153 K)


Now that you've seen some of the basic operations, here's some homework: try some of these variantsof dig to get a feel for how you can get IPv6 addresses and other information about a name. If you are curious how many more query options exist, check out the Linux man page posted here.

[Note: you may be tempted to check YouTube for video with audio. There are a few, and they fall into several categories including NSFW and "thickly accented, nearly incomprensible English". Bottom line: you don't need the audio.]


Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)