Table of Contents
Checking DNS Records with Dig
Have you ever needed to check your DNS records and immediately run a ping test to check them? What you and many others may not know is this is incorrect.
The ping command can give you incorrect results if your web server is not reachable or if there is a routing issue to your IP. Instead, try out the dig command, which will give you a detailed response with what your DNS records are showing, without the noise that can affect commands like ping.
Using the dig command
The dig command can be used from any Linux, Unix, or Macintosh OS X operating system. All you need to do is open up the terminal, and you should be good to go. However, if you are on windows, I would recommend downloading a Linux subsystem or remote into a Linux machine in order to get access to this command.
The dig command will give you the exact records, and can even trace the entire DNS lookup to see exactly what is taking place.
To do a test, open the terminal, and type the following:
$ dig blogtest.constellix.com
This will return with the A record for the subdomain blog test, which should point to 220.127.116.11. You will see the record under the answer section, which I have highlighted in red within the response. Please see command and screenshot below:
Here is the test in action:
$ dig blogtest.constellix.com
As you can see, the output of a standard dig can be cumbersome with a lot to go over. The portion of the response that you need to be concerned about will be in the “Answer Section” which is shown above, so always check there for the response.
Alternatively, a nice tool is using the +short command. This will clear the terminal up, by only giving you what is in the answer section so you can focus your attention on just the contents of your records.
$ dig blogtest.constellix.com +short
Understanding the DNS Process with dig +trace
If you are confused by the DNS process at all or don’t understand where you may have a misconfiguration causing an issue, you can run a dig +trace to see exactly what is happening at every step of the lookup process.
As seen in this trace, it first will go to the root name servers (a-m.root-servers.net), where it then will find the Top-Level Domain (a-m.gtld-servers.net in the case of a .com domain).
On those Top-Level Domain Name Servers, it then finds the Delegated Name Servers of your domain’s authoritative DNS provider, in this case, ns11-31.contellix.com and ns41-61.constellix.net. Then the end result is displayed: The A Record: 18.104.22.168.
$ dig blogtest.constellix.com +trace
Checking your DNS records with dig
You may want to check other record types for your domain, such as a TXT record, or MX record. In order to test for these record types, simply include the type of record you are querying for at the end of the command.
For example, add “txt” at the end of the command to filter the results for a TXT record, or MX for an MX record. Here is a test that I ran searching for a TXT record with the +short command as well:
$ dig blogtest.constellix.com txt +short
Checking Delegated Nameservers with dig
If your DNS is not working, the first thing you should check is your delegated name servers. The delegated name servers are managed by your Registrar.
The delegated name servers are managed by your registrar, so it is possible that they could be updated by them.
It is also possible for your registration services to expire, which would mean it is not checking our servers for your records. Checking your delegated name servers is not very different from checking for other records.
All you need to add to the end of your command is “NS” as seen in this example:
$ dig constellix.com ns +short
Now that you have dig in your toolbelt, you can easily troubleshoot DNS. You will no longer be affected by routing issues or downed systems. This allows you to get to the heart of any issue, save time, and ensure your systems are operating functionally.
Your Constellix Team