version=pmwiki-2.2.130 ordered=1 urlencoded=1 agent=w3m/0.5.3+git20210102 author=jrmu charset=UTF-8 csum= ctime=1597984267 host=38.87.162.8 name=Openbsd.Dig rev=6 targets=Openbsd.Unbound text=(:redirect Dig.Usage:)%0a(:title Troubleshooting DNS with dig:)%0a%0adig is a DNS lookup utility which is invaluable for helping troubleshoot DNS errors.%0a%0aTo lookup the IPv4 address of a hostname, run:%0a%0a[@%0a$ dig example.ircnow.org%0a; %3c%3c>> dig 9.10.8-P1 %3c%3c>> example.ircnow.org%0a;; global options: +cmd%0a;; Got answer:%0a;; ->>HEADER%3c%3c- opcode: QUERY, status: NOERROR, id: 15341%0a;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1%0a%0a;; OPT PSEUDOSECTION:%0a; EDNS: version: 0, flags:; udp: 4096%0a;; QUESTION SECTION:%0a;example.ircnow.org. IN A%0a%0a;; ANSWER SECTION:%0aexample.ircnow.org. 3600 IN A 192.168.0.1%0a%0a;; Query time: 485 msec%0a;; SERVER: 127.0.0.1#53(127.0.0.1)%0a;; WHEN: Fri Aug 21 12:31:44 CST 2020%0a;; MSG SIZE rcvd: 55%0a@]%0a%0a!! Success or Failure%0a%0a# @@status: NOERROR@@\\%0aThis indicates that the name lookup succeeded.%0a# @@status: NXDOMAIN@@\\%0aThis indicates that the name server believes there are no records for the hostname. In other words, the name server for the zone exists, but the record does not.%0a# @@;; connection timed out; no servers could be reached@@\\%0aThis indicates that your computer cannot reach the nameservers in /etc/resolv.conf. Please reconfigure your [[openbsd/unbound|local caching nameservers]].%0a%0a!! Answer Section%0a%0a[@%0a;; ANSWER SECTION:%0aexample.ircnow.org. 3600 IN A 192.168.0.1%0a@]%0a%0aThe @@3600@@ means that this entry has a time to live (TTL) value of 3600s. After 3600s, or 1 hour, the answer will no longer be valid. @@A@@ means this is an A record (it tells you the IPv4 address), and the IP address 192.168.0.1.%0a%0a!! Other Details%0a%0a[@%0a;; Query time: 485 msec%0a;; SERVER: 127.0.0.1#53(127.0.0.1)%0a@]%0a%0aThis tells you that it took 485 milliseconds to make the request, and that dig asked the nameserver 127.0.0.1 on port 53 for the answer. The server is very important because different nameservers might give different responses. For example, suppose you want to ask the two nameservers, @@ns1.ircnow.org@@ and @@ns2.ircnow.org@@, what the correct answer is:%0a%0a[@%0a$ dig @ns1.ircnow.org example.ircnow.org%0a$ dig @ns2.ircnow.org example.ircnow.org%0a@]%0a%0aThe two nameservers might give different answers!%0a%0aTo test if your changes have propagated (other nameservers have synced), you can try testing other public nameservers like the ones offered by [[https://servers.opennic.org/|OpenNIC]].%0a%0a!! Getting Other Records%0a%0aBy default, dig returns A records, but there are many other records:%0a%0a[@%0a$ dig -t any example.ircnow.org # shows all records%0a$ dig -t mx example.ircnow.org # shows MX (mail exchange) records%0a$ dig -t ns example.ircnow.org # shows NS (nameserver) records%0a$ dig -t aaaa example.ircnow.org # shows AAAA (IPv4) records%0a$ dig -t txt example.ircnow.org # shows TXT (text) records%0a@]%0a time=1627195831 title=Troubleshooting DNS with dig author:1627195831=jrmu diff:1627195831:1597986288:=1d0%0a%3c (:redirect Dig.Usage:)%0a host:1627195831=38.87.162.8 author:1597986288=jrmu diff:1597986288:1597986164:=67,75c67%0a%3c By default, dig returns A records, but there are many other records:%0a%3c %0a%3c [@%0a%3c $ dig -t any example.ircnow.org # shows all records%0a%3c $ dig -t mx example.ircnow.org # shows MX (mail exchange) records%0a%3c $ dig -t ns example.ircnow.org # shows NS (nameserver) records%0a%3c $ dig -t aaaa example.ircnow.org # shows AAAA (IPv4) records%0a%3c $ dig -t txt example.ircnow.org # shows TXT (text) records%0a%3c @]%0a---%0a> There are more records besides%0a host:1597986288=38.81.163.143 author:1597986164=jrmu diff:1597986164:1597985569:=45,67c45,48%0a%3c The @@3600@@ means that this entry has a time to live (TTL) value of 3600s. After 3600s, or 1 hour, the answer will no longer be valid. @@A@@ means this is an A record (it tells you the IPv4 address), and the IP address 192.168.0.1.%0a%3c %0a%3c !! Other Details%0a%3c %0a%3c [@%0a%3c ;; Query time: 485 msec%0a%3c ;; SERVER: 127.0.0.1#53(127.0.0.1)%0a%3c @]%0a%3c %0a%3c This tells you that it took 485 milliseconds to make the request, and that dig asked the nameserver 127.0.0.1 on port 53 for the answer. The server is very important because different nameservers might give different responses. For example, suppose you want to ask the two nameservers, @@ns1.ircnow.org@@ and @@ns2.ircnow.org@@, what the correct answer is:%0a%3c %0a%3c [@%0a%3c $ dig @ns1.ircnow.org example.ircnow.org%0a%3c $ dig @ns2.ircnow.org example.ircnow.org%0a%3c @]%0a%3c %0a%3c The two nameservers might give different answers!%0a%3c %0a%3c To test if your changes have propagated (other nameservers have synced), you can try testing other public nameservers like the ones offered by [[https://servers.opennic.org/|OpenNIC]].%0a%3c %0a%3c !! Getting Other Records%0a%3c %0a%3c There are more records besides%0a---%0a> The @@3600@@ means that this entry has a time to live (TTL) value of 3600s. After 3600s, or 1 hour, the answer will no longer be valid. @@IN@@ stands for Internet Protocol, A means this is an A record, and the IP address 192.168.0.1 is what the hostname resolves to.%0a> %0a> !! Querying Different Servers%0a> %0a host:1597986164=38.81.163.143 author:1597985569=jrmu diff:1597985569:1597985419:=29,30d28%0a%3c !! Success or Failure%0a%3c %0a37,48d34%0a%3c %0a%3c !! Answer Section%0a%3c %0a%3c [@%0a%3c ;; ANSWER SECTION:%0a%3c example.ircnow.org. 3600 IN A 192.168.0.1%0a%3c @]%0a%3c %0a%3c The @@3600@@ means that this entry has a time to live (TTL) value of 3600s. After 3600s, or 1 hour, the answer will no longer be valid. @@IN@@ stands for Internet Protocol, A means this is an A record, and the IP address 192.168.0.1 is what the hostname resolves to.%0a%3c %0a%3c !! Querying Different Servers%0a%3c %0a host:1597985569=38.81.163.143 author:1597985419=jrmu diff:1597985419:1597984267:=5,34d4%0a%3c To lookup the IPv4 address of a hostname, run:%0a%3c %0a%3c [@%0a%3c $ dig example.ircnow.org%0a%3c ; %3c%3c>> dig 9.10.8-P1 %3c%3c>> example.ircnow.org%0a%3c ;; global options: +cmd%0a%3c ;; Got answer:%0a%3c ;; ->>HEADER%3c%3c- opcode: QUERY, status: NOERROR, id: 15341%0a%3c ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1%0a%3c %0a%3c ;; OPT PSEUDOSECTION:%0a%3c ; EDNS: version: 0, flags:; udp: 4096%0a%3c ;; QUESTION SECTION:%0a%3c ;example.ircnow.org. IN A%0a%3c %0a%3c ;; ANSWER SECTION:%0a%3c example.ircnow.org. 3600 IN A 192.168.0.1%0a%3c %0a%3c ;; Query time: 485 msec%0a%3c ;; SERVER: 127.0.0.1#53(127.0.0.1)%0a%3c ;; WHEN: Fri Aug 21 12:31:44 CST 2020%0a%3c ;; MSG SIZE rcvd: 55%0a%3c @]%0a%3c %0a%3c # @@status: NOERROR@@\\%0a%3c This indicates that the name lookup succeeded.%0a%3c # @@status: NXDOMAIN@@\\%0a%3c This indicates that the name server believes there are no records for the hostname. In other words, the name server for the zone exists, but the record does not.%0a%3c # @@;; connection timed out; no servers could be reached@@\\%0a%3c This indicates that your computer cannot reach the nameservers in /etc/resolv.conf. Please reconfigure your [[openbsd/unbound|local caching nameservers]].%0a host:1597985419=38.81.163.143 author:1597984267=jrmu diff:1597984267:1597984267:=1,4d0%0a%3c (:title Troubleshooting DNS with dig:)%0a%3c %0a%3c dig is a DNS lookup utility which is invaluable for helping troubleshoot DNS errors.%0a%3c %0a host:1597984267=38.81.163.143