Linux and Unix host Command Examples

I am a new Linux and command line user. How do I use host command line utility to verify DNS settings on Linux and Unix-like operating systems? How do I use dig command to find the IP address of a host name or host Name of an IP address?

host command details
Description	DNS lookup
Category	Network Utilities
Difficulty	Easy
Root privileges	No
Estimated completion time	15m
Contents Syntax DNS record types Examples Find the IP address of a Host Find the hostname of an IP Specifying the query type Show the SOA for domain/zone name Enables TCP/IP mode Set IPv4 or IPv6 query transport mode Lists all hosts in a domain Options Video See also

The host is a simple and essential command line tool. It is used for the following purposes:

Performing DNS name lookups.
Finding the IP address of a host or vice versa.
List and validate various types of DNS resource records such as as NS and MX names.
Verify ISP dns server and Internet connectivity.
Verify spam and blacklisting records.
Verifying and troubleshooting dns server problems.

Purpose

Use host command to resolve a host name into an Internet Protocol (IP) address or an IP address into a host name.

Syntax

The basic syntax:
host ip-address-here host host-name-here host host-name-here [DNS-Server-Name-Here] host [options] IPAddress | Hostname [DNS-Server-Name-Here]

List of DNS record types

Before you use the host command you should aware of common types of resource records of the DNS. Here are most common resource records:

Type	Purpose	Examples
A	IPv4 IP address	`192.168.1.5` or `75.126.153.206`
AAAA	IPv6 IP address	`2607:f0d0:1002:51::4`
CNAME	Canonical name record (Alias)	`s0.cyberciti.org` is an alias for `d2m4hyssawyie7.cloudfront.net`
MX	Email server host names	`smtp.cyberciti.biz` or `mx1.nixcraft.com`
NS	Name (DNS) server names	`ns1.cyberciti.biz` or `ns-243.awsdns-30.com`
PTR	Pointer to a canonical name. Mostly used for implementing reverse DNS lookups	`82.236.125.74.in-addr.arpa`
SOA	Authoritative information about a DNS zone	see below
TXT	Text record	see below

By default, host command looks for A, AAAA, and MX records only.

host command examples

Let us see how to use host command on Linux and Unix. You need to give a hostname or an IP address as an argument to get various information about that host. Open the Terminal applications and type the following commands.

Find the IP address of a Hostname

To find the address of a host machine called wks05, run:
host wks05
Sample outputs:

cyberciti.biz has address 192.168.1.5

To show the address of a for the domain named google.com or cyberciti.biz, type:
host google.com
OR
host www.cyberciti.biz
Sample outputs:

www.cyberciti.biz has address 75.126.153.206
www.cyberciti.biz has IPv6 address 2607:f0d0:1002:51::4

Find the hostname of an IP address

To find the host whose address is 192.168.1.254, type:
host 192.168.1.254
Sample outputs:

254.1.168.192.in-addr.arpa domain name pointer router.localdomain.

In this example, find the domain name whois address is 75.126.153.206, run:
host 75.126.153.206
Sample outputs:

206.153.126.75.in-addr.arpa domain name pointer www.cyberciti.biz.

How do I select the DNS query type?

Pass the -t option as follows to specifies the query type:
host -t query Hostname|IPAddress
To query NS record type for the domain cyberciti.biz, enter:
host -t ns cyberciti.biz
Sample outputs:

cyberciti.biz name server ns-1075.awsdns-06.org.
cyberciti.biz name server ns-1947.awsdns-51.co.uk.
cyberciti.biz name server ns-243.awsdns-30.com.
cyberciti.biz name server ns-866.awsdns-44.net.

To query CNAME record type, type

host -t CNAME s0.cyberciti.org
Sample outputs:

host -t CNAME s0.cyberciti.org

To query SOA record type for the domain, enter

host -t SOA cyberciti.biz
Sample outputs:

cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

To query TXT record type for the domain, enter

host -t txt google.com
Sample outputs:

google.com descriptive text "v=spf1 include:_spf.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"

Tip: Query of type ANY record for the domain, enter:

host -a cyberciti.biz
OR
host -v cyberciti.biz
Sample outputs:

Fig.01: The -a option displays any type of dns records

Show the SOA records for DNS zone name

Pass the -C option to display the SOA records for zone name from all the listed authoritative name servers for that zone. This is useful to compare SOA records on authoritative nameservers. The syntax is:
$ host -C cyberciti.biz
Sample outputs:

Nameserver 205.251.192.243:
	cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
Nameserver 205.251.196.51:
	cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
Nameserver 205.251.199.155:
	cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
Nameserver 205.251.195.98:
	cyberciti.biz has SOA record ns-1075.awsdns-06.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

Force queries over TCP/IP

By default, host command will use UDP protocol when making queries. Pass the -T option to use a TCP connection when querying the name server. This is useful to see if the name server works over TCP and firewall is allowing queries over the TCP:
host -T IPAddress host -T cyberciti.biz host -a -T google.com

Specifies number of retries for UDP packets

If you are on unraialbe network, you can set retry number for packats. In this example, try to find out the IP address of the domain called example.com in three retries:
host -t a -R 3 example.com

Use either IPv4 or IPv6 transport

To use IPv4 query transport only pass the -4 option to the host command:
host -4 IP|Host host -4 example.com

To use IPv6 query transport only pass the -6 option to the host command. This is useful to test if your IPv6 enabled name servers are working or not:
host -6 IP|Host host -6 example.com

How do I lists all hosts in a domain called example.com?

Pass the -l option to list all hostnames and server in a domain. This only works if you are making query from a slave (secondary) and/or from master dns server IP address only. As a dns server admin you can get the list of all hosts in a domain without opening a zone file:
# Note must be on slave/master server where AXFR is alowed ## host -l example.com
Please note that the AXFR is a special resource record type. It is used for Authoritative Zone Transfer i.e. transfer entire zone file from the master name server to secondary name servers.

host command options

Here is the summary of all important options of the host command on Linux or Unix-like operating systems:

Option	Usage
`-a`	It is equivalent to `-v -t ANY` options.
`-c`	Specifies query class for non-IN data
`-C`	Compares SOA records on authoritative nameservers
`-d`	It is equivalent to -v
`-l`	Lists all hosts in a domain, using AXFR
`-i`	IP6.INT reverse lookups
`-N`	Changes the number of dots allowed before root lookup is done
`-r`	Disables recursive processing
`-R`	Specifies number of retries for UDP packets
`-s`	A SERVFAIL response should stop query
`-t`	Specifies the query type
`-T`	Enables TCP/IP mode
`-v`	Enables verbose output
`-w`	Specifies to wait forever for a reply
`-W`	Specifies how long to wait for a reply
`-4`	Use IPv4 query transport only
`-6`	Use IPv6 query transport only
`-m`	Set memory debugging flag (trace\|record\|usage)

Related media

This tutorials is also available in a quick video format:

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

nixCraft