Follow

Using the terminal (shell) for investigation of domain-related problems

This article contains a couple of tips and tricks that can be used to investigate domains and DNS zones. Do you have a tip that is not in the article? Mention it in the comments below!

The tips in this article use the shell in Linux or the terminal in Apple's Mac OS, also simply called "command line" of "CLI".

The article starts with a couple of generic commands and then walks through a couple of common cases.

General commands

Whois: get information of a domain name

While you can retrieve whois information through the control panel, sometimes it is useful to have it plain text, for example if you want to automate something.

In most cases, a simple whois command works fine:

whois openprovider.com

Some registries (e.g. .com and .net) are known as thin registries - they do not store contact data. They refer to the registrar's whois service instead (search for Registrar WHOIS Server in the output). If your whois application does not query this whois server automatically as well, you can do it yourself using the -h option:

whois -h whois.registrar.eu openprovider.com

Sometimes your whois application cannot find a whois server. This often happens with new gTLDs. In such case, it's again the -h option that you need. Our extension pages contain the whois servers for most of the registries.

whois -h whois.nic.domains openprovider.domains

Tip: all new gTLDs run their whois server on whois.nic.tld - where "tld" is of course the extension that you want to query.

Ping: check if a domain name (website) resolves

You can quickly check if a website is accessible by doing a ping command. This will send a small package of data to the IP address to which the domain is configured, and wait for an answer:

ping openprovider.com

If you get a response, you see the assigned IP address as well. If you do not get a response, or a response from a different IP address, you may need to debug.

Tip: not all servers respond to a ping command. The absence of an a response does not necessarily mean that the domain is not available. It may be perfectly available in a browser.

Tip: the other way around, a response to a ping command does not mean that the website can be reached in a browser. There may be no website at all, the webserver may be misconfigured, the page may contain errors, ...

Host: do a DNS lookup for a name

The host command reads the DNS and returns the A, AAAA and MX records belonging to a name. This information is very useful at the start of a debugging session:

host openprovider.com

If the name is a redirect (CNAME) to another name, it will return the information for that other name. For example, www.openprovider.com is a redirect to openprovider.com:

host www.openprovider.com

If you want to see all record types, add the parameter -a:

host -a openprovider.com

Dig: read contents of a nameserver

The dig command gives similar output as a host command, but is more flexible. It reads the public contents of a DNS zone. The most basic command just needs the domain name; the following command will return the A record(s) assigned to the domain name openprovider.eu:

dig openprovider.eu

Note that this does not include any sub domains. If you want to know the A record(s) of rcp.openprovider.eu, you will have to specify this in the command:

dig rcp.openprovider.eu

If you want to know the values of other record types, just add the record type to the command. The following example will list the MX (e-mail) records of openprovider.com:

dig openprovider.com mx

You can use any to search for all records for this hostname (again, this does not include sub domains):

dig openprovider.com any

If you want to view DNSSEC-related content, tell the dig command to do so by adding the +dnssec parameter. This will output all signatures (in RRSIG records) and public keys (in DNSKEY records):

dig +dnssec openprovider.com any

The dig command always uses one of the nameservers on which the domain was registered. There may be situations where you want to search one specific nameserver, for example if you are planning a migration to a new nameserver. To check another nameserver, simply add it to the command:

dig @ns1.openprovider.nl openprovider.com any

Common cases

Our support team often receives cases that they investigate using command line tools. Some of those cases are explained below.

(To be completed)

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.