Terminal: Reading nameserver contents

Question

How do I read nameserver contents using terminal commands?

Answer

The dig command gives similar output as a host command but is more flexible. It reads the public contents of a DNS zone. The most basic command just needs the domain name; the following command will return the A record(s) assigned to the domain name openprovider.eu:

dig openprovider.eu

Note that this does not include any subdomains. If you want to know the A record(s) of rcp.openprovider.eu, you will have to specify this in the command:

dig rcp.openprovider.eu

If you want to know the values of other record types, just add the record type to the command. The following example will list the MX (e-mail) records of openprovider.com:

dig openprovider.com mx

You can use any to search for all records for this hostname (again, this does not include sub domains):

dig openprovider.com any

If you want to view DNSSEC-related content, tell the dig command to do so by adding the +dnssec parameter. This will output all signatures (in RRSIG records) and public keys (in DNSKEY records):

dig +dnssec openprovider.com any

The dig command always uses one of the nameservers on which the domain was registered. There may be situations where you want to search one specific nameserver, for example, if you are planning a migration to a new nameserver. To check another nameserver, simply add it to the command:

dig @ns1.openprovider.nl openprovider.com any

If the dig command does not return the expected results, first check if there is an A record defined on the level that you request (domain name itself, or a sub domain). Alternatively, add "any" to your query.

Was this article helpful?
Additional questions? Submit a request