Home IT Network Systems Host, Dig

Print

Email

Host, Dig

I tend to use "dig" for DNS lookups, but it's more habit than anything else. The main page for host says "host is a simple utility for performing DNS lookup" while dig's brags "Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig."

Well, yes, dig does perhaps have more power than host, but the need for that power doesn't come up all that often and host is both easier to use and more direct with its output. For getting an ip address from a hostname, the usage is the same, either "dig hostname" or "host hostname", but "host" returns only the ip address. Almost always, that's all I care about:

$ host aplawrence.com
aplawrence.com has address 64.226.42.29
$ dig aplawrence.com

; <<>> DiG 9.2.2 <<>> aplawrence.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 187
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;aplawrence.com. IN A

;; ANSWER SECTION:
aplawrence.com. 5065 IN A 64.226.42.29

;; AUTHORITY SECTION:
aplawrence.com. 149065 IN NS ns24.worldnic.com.
aplawrence.com. 149065 IN NS ns23.worldnic.com.

;; ADDITIONAL SECTION:
ns24.worldnic.com. 172325 IN A 216.168.225.154
ns23.worldnic.com. 172325 IN A 216.168.228.14

;; Query time: 59 msec
;; SERVER: 10.1.36.249#53(10.1.36.249)
;; WHEN: Sun Apr 17 10:46:37 2005
;; MSG SIZE rcvd: 130
For reverse lookups, dig needs a "-x" while host does not:

$ host 67.28.113.10
10.113.28.67.in-addr.arpa domain name pointer mta-v4.level3.mail.yahoo.com.
$ dig -x 67.28.113.10

; <<><>> DiG 9.2.2 <<>>>> -x 67.28.113.10
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16610
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5

;; QUESTION SECTION:
;10.113.28.67.in-addr.arpa. IN PTR

;; ANSWER SECTION:
10.113.28.67.in-addr.arpa. 1200 IN PTR mta-v4.level3.mail.yahoo.com.

;; AUTHORITY SECTION:
113.28.67.in-addr.arpa. 172800 IN NS ns1.yahoo.com.
113.28.67.in-addr.arpa. 172800 IN NS ns2.yahoo.com.
113.28.67.in-addr.arpa. 172800 IN NS ns3.yahoo.com.
113.28.67.in-addr.arpa. 172800 IN NS ns4.yahoo.com.
113.28.67.in-addr.arpa. 172800 IN NS ns5.yahoo.com.

;; ADDITIONAL SECTION:
ns1.yahoo.com. 172800 IN A 66.218.71.63
ns2.yahoo.com. 172800 IN A 66.163.169.170
ns3.yahoo.com. 172800 IN A 217.12.4.104
ns4.yahoo.com. 172800 IN A 63.250.206.138
ns5.yahoo.com. 172800 IN A 216.109.116.17

;; Query time: 210 msec
;; SERVER: 10.1.36.249#53(10.1.36.249)
;; WHEN: Sun Apr 17 10:53:29 2005
;; MSG SIZE rcvd: 255

Keep in mind that both of these are actually looking for a PTR record.

Looking up MX records is easy with either tool:

$ dig pcunix.com mx

; <<>> DiG 9.2.2 <<>> pcunix.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33484
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;pcunix.com. IN MX

;; ANSWER SECTION:
pcunix.com. 7200 IN MX 10 64.226.42.29.

;; AUTHORITY SECTION:
pcunix.com. 7200 IN NS NS39.WORLDNIC.com.
pcunix.com. 7200 IN NS NS40.WORLDNIC.com.

;; Query time: 106 msec
;; SERVER: 10.1.36.249#53(10.1.36.249)
;; WHEN: Sun Apr 17 14:46:11 2005
;; MSG SIZE rcvd: 103

But again "host" just gives us the bare facts:

$ host -t MX pcunix.com
pcunix.com mail is handled by 10 64.226.42.29.

Another common use is to look up using some other DNS server. I'll do this to check for propagation progress and sometimes for errors:

$ dig @NS40.WORLDNIC.com yahoo.com
..(typical dig output)
$ host www.yahoo.com NS40.WORLDNIC.com
Using domain server:
Name: NS40.WORLDNIC.com
Address: 216.168.225.170#53
Aliases:

Again, host tells us less, but more directly gives what we usually want to see.

There are more options for both commands; this only covered the basic usage.