I am a new Linux and command line user. How do I use host command line utility to verify DNS settings on Linux and Unix-like operating systems? How do I use dig command to find the IP address of a host name or host Name of an IP address?
| host command details | |
|---|---|
| Description | DNS lookup |
| Category | N/A |
| Difficulty | Easy |
| Root privileges | No |
| Estimated completion time | 15m |
- Performing DNS name lookups.
- Finding the IP address of a host or vice versa.
- List and validate various types of DNS resource records such as as NS and MX names.
- Verify ISP dns server and Internet connectivity.
- Verify spam and blacklisting records.
- Verifying and troubleshooting dns server problems.
Purpose
Use host command to resolve a host name into an Internet Protocol (IP) address or an IP address into a host name.
Syntax
The basic syntax:
host ip-address-here
host host-name-here
host host-name-here [DNS-Server-Name-Here]
host [options] IPAddress | Hostname [DNS-Server-Name-Here]
List of DNS record types
Before you use the host command you should aware of common types of resource records of the DNS. Here are most common resource records:
| Type | Purpose | Examples |
| A | IPv4 IP address | 192.168.1.5 or 75.126.153.206 |
| AAAA | IPv6 IP address | 2607:f0d0:1002:51::4 |
| CNAME | Canonical name record (Alias) | s0.cyberciti.org is an alias for d2m4hyssawyie7.cloudfront.net |
| MX | Email server host names | smtp.cyberciti.biz or mx1.nixcraft.com |
| NS | Name (DNS) server names | ns1.cyberciti.biz or ns-243.awsdns-30.com |
| PTR | Pointer to a canonical name. Mostly used for implementing reverse DNS lookups |
82.236.125.74.in-addr.arpa |
| SOA | Authoritative information about a DNS zone | see below |
| TXT | Text record | see below |
By default, host command looks for A, AAAA, and MX records only.
host command examples
Let us see how to use host command on Linux and Unix. You need to give a hostname or an IP address as an argument to get various information about that host. Open the Terminal applications and type the following commands.
Find the IP address of a Hostname
To find the address of a host machine called wks05, run:
host wks05
Sample outputs:
cyberciti.biz has address 192.168.1.5
To show the address of a for the domain named google.com or cyberciti.biz, type:
host google.com
OR
host www.cyberciti.biz
Sample outputs:
www.cyberciti.biz has address 75.126.153.206 www.cyberciti.biz has IPv6 address 2607:f0d0:1002:51::4
Find the hostname of an IP address
To find the host whose address is 192.168.1.254, type:
host 192.168.1.254
Sample outputs:
254.1.168.192.in-addr.arpa domain name pointer router.localdomain.
In this example, find the domain name whois address is 75.126.153.206, run:
host 75.126.153.206
Sample outputs:
206.153.126.75.in-addr.arpa domain name pointer www.cyberciti.biz.
How do I select the DNS query type?
Pass the -t option as follows to specifies the query type:
host -t query Hostname|IPAddress
To query NS record type for the domain cyberciti.biz, enter:
host -t ns cyberciti.biz
Sample outputs:
cyberciti.biz name server ns-1075.awsdns-06.org. cyberciti.biz name server ns-1947.awsdns-51.co.uk. cyberciti.biz name server ns-243.awsdns-30.com. cyberciti.biz name server ns-866.awsdns-44.net.
To query CNAME record type, type
host -t CNAME s0.cyberciti.org
Sample outputs:
host -t CNAME s0.cyberciti.org
To query SOA record type for the domain, enter
host -t SOA cyberciti.biz
Sample outputs:
cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
To query TXT record type for the domain, enter
host -t txt google.com
Sample outputs:
google.com descriptive text "v=spf1 include:_spf.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"
Tip: Query of type ANY record for the domain, enter:
host -a cyberciti.biz
OR
host -v cyberciti.biz
Sample outputs:
Fig.01: The -a option displays any type of dns records
Show the SOA records for DNS zone name
Pass the -C option to display the SOA records for zone name from all the listed authoritative name servers for that zone. This is useful to compare SOA records on authoritative nameservers. The syntax is:
$ host -C cyberciti.biz
Sample outputs:
Nameserver 205.251.192.243: cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 Nameserver 205.251.196.51: cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 Nameserver 205.251.199.155: cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 Nameserver 205.251.195.98: cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
Force queries over TCP/IP
By default, host command will use UDP protocol when making queries. Pass the -T option to use a TCP connection when querying the name server. This is useful to see if the name server works over TCP and firewall is allowing queries over the TCP:
host -T IPAddress
host -T cyberciti.biz
host -a -T google.com
Specifies number of retries for UDP packets
If you are on unraialbe network, you can set retry number for packats. In this example, try to find out the IP address of the domain called example.com in three retries:
host -t a -R 3 example.com
Use either IPv4 or IPv6 transport
To use IPv4 query transport only pass the -4 option to the host command:
host -4 IP|Host
host -4 example.com
To use IPv6 query transport only pass the -6 option to the host command. This is useful to test if your IPv6 enabled name servers are working or not:
host -6 IP|Host
host -6 example.com
How do I lists all hosts in a domain called example.com?
Pass the -l option to list all hostnames and server in a domain. This only works if you are making query from a slave (secondary) and/or from master dns server IP address only. As a dns server admin you can get the list of all hosts in a domain without opening a zone file:
# Note must be on slave/master server where AXFR is alowed ##
host -l example.com
Please note that the AXFR is a special resource record type. It is used for Authoritative Zone Transfer i.e. transfer entire zone file from the master name server to secondary name servers.
host command options
Here is the summary of all important options of the host command on Linux or Unix-like operating systems:
| Option | Usage |
| -a | It is equivalent to -v -t ANY options. |
| -c | Specifies query class for non-IN data |
| -C | Compares SOA records on authoritative nameservers |
| -d | It is equivalent to -v |
| -l | Lists all hosts in a domain, using AXFR |
| -i | IP6.INT reverse lookups |
| -N | Changes the number of dots allowed before root lookup is done |
| -r | Disables recursive processing |
| -R | Specifies number of retries for UDP packets |
| -s | A SERVFAIL response should stop query |
| -t | Specifies the query type |
| -T | Enables TCP/IP mode |
| -v | Enables verbose output |
| -w | Specifies to wait forever for a reply |
| -W | Specifies how long to wait for a reply |
| -4 | Use IPv4 query transport only |
| -6 | Use IPv6 query transport only |
| -m | Set memory debugging flag (trace|record|usage) |
Related media
This tutorials is also available in a quick video format:
See also
- host(1) command man page
- Resource Record (RR) TYPEs
🐧 0 comments... add one ↓
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
