constellix background

How to Troubleshoot DNS with Dig

July 13, 2020

Constellix DNS LogoOutage Prevention - CDN Outage - DDos Attack Prevention - DNS Outage


Resources:

Subnet Mask Cheat SheetRecords Cheat SheetGeoDNS ExplainedFree Network TroubleshooterKnowledge BasePricing CalculatorLive CDN PerformanceVideo Demos


Categories:

BlogsNewsPress ReleasesIT NewsTutorials
Book a Free Demo →

Want DNS Freebies?

Give us your email and we'll send you the good stuff.

Thanks for joining our newsletter.
Oops! Something went wrong.



Categories:

Emil is a Marketing and SEO Expert at Constellix. If you found our site online, you can thank him for getting you there.

Connect with
LinkedIn

https://www.linkedin.com/in/esimeonov/

Checking DNS Records with Dig

Have you ever needed to check your DNS records and immediately run a ping test to check them? What you and many others may not know is this is incorrect.

The ping command can give you incorrect results if your web server is not reachable or if there is a routing issue to your IP. Instead, try out the dig command, which will give you a detailed response with what your DNS records are showing, without the noise that can affect commands like ping.

Using the dig command

The dig command can be used from any Linux, Unix, or Macintosh OS X operating system. All you need to do is open up the terminal, and you should be good to go. However, if you are on windows, I would recommend downloading a Linux subsystem or remote into a Linux machine in order to get access to this command.

The dig command will give you the exact records, and can even trace the entire DNS lookup to see exactly what is taking place.

To do a test, open the terminal, and type the following:

$ dig blogtest.constellix.com

This will return with the A record for the subdomain blog test, which should point to 1.2.3.4. You will see the record under the answer section, which I have highlighted in red within the response. Please see command and screenshot below:

Here is the test in action:

$ dig blogtest.constellix.com

Example picture of a dig command and DNS lookup

As you can see, the output of a standard dig can be cumbersome with a lot to go over. The portion of the response that you need to be concerned about will be in the “Answer Section” which is shown above, so always check there for the response.

Alternatively, a nice tool is using the +short command. This will clear the terminal up, by only giving you what is in the answer section so you can focus your attention on just the contents of your records.

$ dig blogtest.constellix.com +short


Understanding the DNS Process with dig +trace

If you are confused by the DNS process at all or don’t understand where you may have a misconfiguration causing an issue, you can run a dig +trace to see exactly what is happening at every step of the lookup process.

As seen in this trace, it first will go to the root name servers (a-m.root-servers.net), where it then will find the Top-Level Domain (a-m.gtld-servers.net in the case of a .com domain).

On those Top-Level Domain Name Servers, it then finds the Delegated Name Servers of your domain’s authoritative DNS provider, in this case, ns11-31.contellix.com and ns41-61.constellix.net. Then the end result is displayed: The A Record: 1.2.3.4.

$ dig blogtest.constellix.com +trace

Example of a dig command plus trace.
DNS lookup using dig command

Checking your DNS records with dig

You may want to check other record types for your domain, such as a TXT record, or MX record. In order to test for these record types, simply include the type of record you are querying for at the end of the command.

For example, add “txt” at the end of the command to filter the results for a TXT record, or MX for an MX record. Here is a test that I ran searching for a TXT record with the +short command as well:

$ dig blogtest.constellix.com txt +short

DNS lookup with dig command using txt +short

Checking Delegated Nameservers with dig

If your DNS is not working, the first thing you should check is your delegated name servers. The delegated name servers are managed by your Registrar.

The delegated name servers are managed by your registrar, so it is possible that they could be updated by them.

It is also possible for your registration services to expire, which would mean it is not checking our servers for your records. Checking your delegated name servers is not very different from checking for other records.

All you need to add to the end of your command is “NS” as seen in this example:

$ dig constellix.com ns +short

DNS dig command using ns +short

Conclusion:

Now that you have dig in your toolbelt, you can easily troubleshoot DNS. You will no longer be affected by routing issues or downed systems. This allows you to get to the heart of any issue, save time, and ensure your systems are operating functionally.

For more in-depth information on dig, please visit the documentation located here. For any questions about how Constellix can benefit your business, please visit Constellix.

Sincerely,

Your Constellix Team



Simplify & automate your DNS management.

Learn how we can help with a customized demo.

Get Started
pie diagram dnsdns graph

Constellix DNS News

dig,dig command,dns lookup,records,troubleshoot

Sign up for industry news and insights. It'll be worth it.

Sign up for news and offers from Constellix and DNS Made Easy

Thanks for joining our newsletter.
Oops! Something went wrong.