Linux / UNIX: DNS Lookup Command

How do I perform dns lookup under Linux or UNIX or Apple OS X operating systems without using 3rd party web sites for troubleshooting DNS usage?

You can use any one of the following dns lookup utility under Linux / UNIX. You can skip all 3rd party websites and use the following to debug your dns servers and lookup issues:

[a] host command – DNS lookup utility. [b] dig command – DNS lookup utility.
Tutorial details
Difficulty Easy (rss)
Root privileges No
Requirements None
Time 10m
Both commands will allow you to get answer to various dns queries such as the IP address (A), mail exchanges (MX), name servers (NS), text annotations (TXT), or ANY (all) type.

host DNS Lookup Examples

host command is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa. When no arguments or options are given, host command displays a short summary of its command line arguments and options. The syntax is as follows:

host -t TYPE
host -t a

Task: Find Out the Domain IP

$ host -t a
Sample outputs: has address

Task: Find Out the Domain Mail Server

$ host -t mx
Sample outputs: mail is handled by 2 mail is handled by 3 mail is handled by 4 mail is handled by 1

Task: Find Out the Domain Name Servers

$ host -t ns
Sample outputs: name server name server name server name server

Task: Find Out the Domain TXT Recored (e.g. SPF)

$ host -t txt
Sample outputs: descriptive text "v=spf1 a mx ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ~all"

Task: Find Out the Domain CNAME Record

$ host -t cname
Sample outputs: is an alias for

Task: Find Out the Domain SOA Record

$ host -t soa
Sample outputs: has SOA record 2008072353 10800 3600 604800 3600

Task: Query Particular Name Server

Query for the domain called
$ host
Sample outputs:

Using domain server:
Aliases: has address has IPv6 address 2607:f0d0:1002:51::4 mail is handled by 3 mail is handled by 4 mail is handled by 1 mail is handled by 2

Task: Display All Information About Domain Records and Zone

You need to pass the -a (all) option and asking host command to make a query of type ANY:
$ host -a
$ host -t any
Sample outputs:

Trying ""
;; Truncated, retrying in TCP mode.
Trying ""
;; ->>HEADER

Task: Use IPv6 Query Transport

Test your dns lookup using IPv6 query transport (you must have IPV6 based connectivity including IPv6 enabled resolving name servers):

$ host -6
$ host -6 -a
$ host -6
$ host -6 -t ns

Sample outputs:

Using domain server:
Address: 2001:48c8:10:1::2#53
Aliases: name server name server name server name server

Task: Reverse IP Lookup

Type the command:
$ host {IP-Address-Here}
$ host

Sample outputs: domain name pointer

Task: Get TTL Information

Type the command as follows:
$ host -v -t {TYPE} {}
$ host -v -t a
$ host -v -t a

Sample outputs:

Trying ""
;; ->>HEADER1866	IN	A


NS1.NIXCRAFT.NET.	85689	IN	AAAA	2001:48c8:7::2
NS2.NIXCRAFT.NET.	85669	IN	AAAA	2607:f0d0:1002:51::3
NS4.NIXCRAFT.NET.	85669	IN	AAAA	2a01:348:0:15:5d59:50c:0:1
NS5.NIXCRAFT.NET.	85669	IN	AAAA	2001:48c8:10:1::2

Received 291 bytes from in 2 ms

If you run the same command again, you’ll notice that the TTL number (1866) reduced.

dig DNS Lookup Examples

dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. hos dns lookup tool have less functionality than dig.


The basic syntax is:

dig @{} {}
dig @{} {} {TYPE}
dig a
dig mx
dig ns 
dig txt
dig a

Task: Trace Domain Delegation Path

See how domains are resolved using root servers i.e. turn on tracing of the delegation path from the root name servers for the name being looked up. When tracing is enabled, dig makes iterative queries to resolve the name being looked up. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup:
$ dig +trace
Sample outputs:

 > DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 > +trace
;; global options:  printcmd
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
.			41219	IN	NS
;; Received 436 bytes from in 2 ms

biz.			172800	IN	NS
biz.			172800	IN	NS
biz.			172800	IN	NS
biz.			172800	IN	NS
biz.			172800	IN	NS
biz.			172800	IN	NS
biz.			172800	IN	NS
;; Received 316 bytes from in 34 ms		7200	IN	NS	NS5.NIXCRAFT.NET.		7200	IN	NS	NS1.NIXCRAFT.NET.		7200	IN	NS	NS2.NIXCRAFT.NET.		7200	IN	NS	NS4.NIXCRAFT.NET.
;; Received 115 bytes from 2001:503:8028:ffff:ffff:ffff:ffff:ff7e#53( in 23 ms		3600	IN	A		3600	IN	NS		3600	IN	NS		3600	IN	NS		3600	IN	NS
;; Received 307 bytes from 2001:48c8:10:1::2#53(NS5.NIXCRAFT.NET) in 222 ms

Task: Get Only Short Answer

A quick way to just get the answer is to type the following command:
$ dig +short
Sample outputs:

Task: Display All Records

$ dig +noall +answer any
Sample outputs:		3490	IN	A		2733	IN	NS	NS2.NIXCRAFT.NET.		2733	IN	NS	NS1.NIXCRAFT.NET.		2733	IN	NS	NS4.NIXCRAFT.NET.		2733	IN	NS	NS5.NIXCRAFT.NET.		85668	IN	RRSIG	NSEC 8 2 86400 20101125013720 20101026010313 50568 biz. OjDv09mccTZR2bYCl4D57QcnNEkBq6bNEa20ExsI6NC2sI9pmiKLnq+w UnCYxWMnkMi7WNXwIhhUWtNhV48X3wJGj1Mufrhq8MnO25JIcRE6UJF2 y12TTZHHE0UJV6HSkw1sac3XlZKXLi/oSvE/IXTsdj2SckPh+pMlaieQ jAA=		85668	IN	NSEC NS RRSIG NSEC

Task: Reverse IP Lookup

Type the following command:
$ dig -x +short {IP-Address-here}
$ dig -x +short

Sample outputs

Task: Find Domain SOA Record

$ dig +nssearch
Sample outputs:

SOA 2008072353 10800 3600 604800 3600 from server in 81 ms.
SOA 2008072353 10800 3600 604800 3600 from server in 216 ms.
SOA 2008072353 10800 3600 604800 3600 from server in 347 ms.
SOA 2008072353 10800 3600 604800 3600 from server in 316 ms.

Task: Find Out TTL Value Using dig

$ dig +nocmd +noall +answer {TYPE} {}
$ dig +nocmd +noall +answer a

Sample outputs:		1642	IN	A

Run again, enter:
$ dig +nocmd +noall +answer a
Sample outputs:		1629	IN	A
See also:
🐧 If you liked this page, please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
8 comments… add one
  • kiranjith Nov 9, 2010 @ 8:48

    Cool work…
    Love this one…

  • Prasanth Nov 9, 2010 @ 10:14

    Good Work! Nice to see all the main DNS troubleshooting commands clubbed in one page. It will be really helpful for the newbies…

    PS: Found one typo in the following command:

    Task: Get TTL Information

    $ host -t -t a
    $ host -t -t a

    It should be host -v -t a

  • Colin Brace Nov 9, 2010 @ 14:02

    Super useful, Vivek. I’m definitely bookmarking this page.

    FWIW, I find ‘whois IP number’ really useful for determining who owns a given IP number (helpful when tracking abuse). An example:

    $ whois
    [Redirected to]
    %rwhois V-1.5:003fff:00 (by Network Solutions, Inc. V-
    network:Organization;I:SoftLayer Technologies, Inc.
    network:Street-Address:1950 Stemmons Freeway Suite 2043

    %referral rwhois://

  • Cristian Nov 14, 2010 @ 17:55

    excelent job !!!

  • don Jul 24, 2013 @ 3:53

    Hi there.. Firstly thanks for this great guide. I need some guide to point me my error. I have setup DNS on server but I didnt register the domain yet. Just need confirmation before I register my domain. I run command below and get an error.

    # host
    Host not found: 3(NXDOMAIN)
    # host -t A has address
    # host -t ns name server
    # host -t txt has no TXT record
    # host -t soa has SOA record 2013042202 3600 1800 604800 86400
    # host -t any has SOA record 2013042202 3600 1800 604800 86400 name server has address

    I tried to setup email server and dns server on the same machine. Is there any step that I missed in DNS setup?

    Thanks in advance.

    • don Jul 24, 2013 @ 5:38

      Additional output:

      # dig -x

      ; <> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <> -x
      ;; global options: +cmd
      ;; Got answer:
      ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61551
      ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

      ; IN PTR

      ;; AUTHORITY SECTION: 900 IN SOA 2011080538 10800 3600 604800 86 400

      ;; Query time: 21 msec
      ;; SERVER:
      ;; WHEN: Wed Jul 24 13:31:55 2013
      ;; MSG SIZE rcvd: 102

      Seriously, I cant understand the output better without help from others.

  • RozaCam458 Jun 4, 2016 @ 5:21

    Hi cyberciti
    thanks for share good tip for this topic.

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.