I would like to see the Time-to-live (TTL) value for a ‘AAAA’ and A record for domains. How do I see Time-to-live (TTL) for a DNS record under Unix or Linux operating systems using command line options?

Time to live (TTL) is a mechanism that limits the lifetime of dns records in the Domain Name System (DNS).
Tutorial details
Difficulty level Easy
Root privileges No
Requirements dig or host
Est. reading time N/A
It is set by an authoritative DNS server for particular resource record. The TTL is set in seconds and it is used by caching (recursive) dns server to speed up dns name resolution. You can use dig or host Unix dns lookup commands to find out ttl for any dns resources. This tutorial shows how to use use dig/host command to find DNS Time to Live (TTL) values.

dig command syntax to find ttl

The dig command syntax is:

dig type name
dig @ns-name-server-here type name
dig [optipns] @ns-name-server-here type name
dig [options] type name


In this example, find out ttl for www.cyberciti.biz a record:

dig a www.cyberciti.biz

Sample outputs:

dig a www.cyberciti.biz

; <<>> DiG 9.7.3 <<>> a www.cyberciti.biz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34721
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

;www.cyberciti.biz.		IN	A

www.cyberciti.biz.	30	IN	A

cyberciti.biz.		161081	IN	NS	ns-1075.awsdns-06.org.
cyberciti.biz.		161081	IN	NS	ns-866.awsdns-44.net.
cyberciti.biz.		161081	IN	NS	ns-243.awsdns-30.com.
cyberciti.biz.		161081	IN	NS	ns-1947.awsdns-51.co.uk.

ns-243.awsdns-30.com.	161081	IN	A
ns-866.awsdns-44.net.	161081	IN	A
ns-1075.awsdns-06.org.	161081	IN	A
ns-1947.awsdns-51.co.uk. 161081	IN	A

;; Query time: 201 msec
;; WHEN: Sat May  4 16:18:18 2013
;; MSG SIZE  rcvd: 255

For www.cyberciti.biz ttl is set to 30 seconds. To just find out ttl, use the following syntax:

dig +nocmd +noall +answer +ttlid type name-here
dig +nocmd +noall +answer +ttlid a www.cyberciti.biz

Sample outputs:

www.cyberciti.biz.	30	IN	A

A few more examples:

## Find ttl for IPv6 record  ##
dig +nocmd +noall +answer +ttlid aaaa www.cyberciti.biz
www.cyberciti.biz.	592804	IN	AAAA	2607:f0d0:1002:51::4
## Find ttl for mx record ##
dig +nocmd +noall +answer +ttlid mx www.cyberciti.biz
cyberciti.biz.		3555	IN	MX	5 alt2.aspmx.l.google.com.
cyberciti.biz.		3555	IN	MX	10 aspmx2.googlemail.com.
cyberciti.biz.		3555	IN	MX	10 aspmx3.googlemail.com.
cyberciti.biz.		3555	IN	MX	1 aspmx.l.google.com.
cyberciti.biz.		3555	IN	MX	5 alt1.aspmx.l.google.com.


  1. +nocmd – Toggles the printing of the initial comment in the output identifying the version of dig and the query options that have been applied. This comment is printed by default.
  2. +noall – Set or clear all display flags.
  3. +answer – Display [do not display] the answer section of a reply. The default is to display it.
  4. +ttlid – Display [do not display] the TTL when printing the record.

A note about query directly to authoritative name server for ttl

You can skip caching recursive name server and get fresh ttl value using the following syntax:

dig +trace a www.cyberciti.biz
dig +trace +nocmd +noall +answer +ttlid aaaa www.cyberciti.biz

Sample outputs:

Fig.01: Displaying the ttl value for an IPV6 of www.cyberciti.biz

Fig.01: Displaying the ttl value for an IPV6 of www.cyberciti.biz

host command syntax to find ttl

The host command syntax is:

host -a -t type name


To see ttl for an IPv6 record for www.cyberciti.biz, enter:
$ host -a -t aaaa www.cyberciti.biz
Sample outputs:

Trying "www.cyberciti.biz"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57539
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;www.cyberciti.biz.		IN	AAAA
www.cyberciti.biz.	592445	IN	AAAA	2607:f0d0:1002:51::4
cyberciti.biz.		160433	IN	NS	ns-243.awsdns-30.com.
cyberciti.biz.		160433	IN	NS	ns-1075.awsdns-06.org.
cyberciti.biz.		160433	IN	NS	ns-1947.awsdns-51.co.uk.
cyberciti.biz.		160433	IN	NS	ns-866.awsdns-44.net.
ns-243.awsdns-30.com.	160433	IN	A
ns-866.awsdns-44.net.	160433	IN	A
ns-1075.awsdns-06.org.	160433	IN	A
ns-1947.awsdns-51.co.uk. 160433	IN	A
Received 267 bytes from in 0 ms

The ttl for www.cyberciti.biz is set to 592445. A few more examples:

## Show an IPv4 a record ##
host -a -t a www.cyberciti.biz
## Show max record ##
host  -a -t mx cyberciti.biz
## Show cname record
host -a -t cname s0.cyberciti.org
host  -a -t cname s13.cyberciti.org
See also

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 3 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
3 comments… add one
  • Philippe Petrinko May 9, 2013 @ 7:37

    Fine topic, good to know.

    Typo here:
    “find out ttl for http://www.cyberciti.biz a recored:”

    recored => record

    — Philippe

    • 🐧 nixCraft May 9, 2013 @ 7:45

      The faq has been updated. I appreciate your post.

  • Sanal Nov 6, 2013 @ 14:07

    what is “id” refers to ??

    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57539

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum