CLI Tool Spotlight: Master the `dig` Command

Jan 18, 2022 · 2 min read · 369 Words · -Views -Comments
Development Tools Network 🇨🇳 阅读中文版

I recently saw a discussion about the dig command in the Surge community regarding network diagnostics. I decided to dive deeper into how it works and how it can be used for everyday troubleshooting.

What is dig?

According to Wikipedia, dig (Domain Information Groper) is a network administration command-line tool for querying the Domain Name System (DNS). It’s an essential tool for verifying that a domain name is correctly resolving to the intended IP address.

Basic Usage

The standard syntax is dig <domain> @<dns-server>. Here is an example:

$ dig 1991421.cn @119.29.29.29

; <<>> DiG 9.10.6 <<>> 1991421.cn @119.29.29.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45826
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1991421.cn.			IN	A

;; ANSWER SECTION:
1991421.cn.		600	IN	A	108.160.132.49

;; Query time: 91 msec
;; SERVER: 119.29.29.29#53(119.29.29.29)
;; WHEN: Tue Jan 18 22:53:26 CST 2022
;; MSG SIZE  rcvd: 55

Why specify the DNS server?

In the example above, I explicitly used Tencent Cloud’s DNS (119.29.29.29). This is important because, on macOS with Surge in Enhanced Mode, default DNS queries are intercepted by Surge. By specifying a public DNS server, I can bypass local proxies to see the “real” A record.

Frequently Asked Questions

Which protocol does dig use?

By default, dig uses UDP. If you need to force a query over TCP (useful for checking if large responses are being truncated), you can add the +tcp flag: dig 1991421.cn @119.29.29.29 +tcp

dig vs. ping

While ping tells you if a host is reachable, dig tells you how it’s being resolved. dig provides detailed DNS information, including TTL (Time to Live) and authority records, which ping cannot. For DNS-related troubleshooting, dig is far superior.

Installation

  • macOS: Included by default.
  • Linux (CentOS/RHEL): sudo yum install bind-utils
  • Linux (Ubuntu/Debian): sudo apt-get install dnsutils

Final Thoughts

Mastering standard CLI tools like dig, telnet, and curl significantly lowers the friction of debugging network issues. If you can’t reach your site, your first step should always be a quick “dig.”

References

Development Tools Network
Authors
Developer, digital product enthusiast, tinkerer, sharer, open source lover

Related