3 Simple Ways to Check DNS (Domain Name Server) Records in the Linux Terminal

There are many third party websites that can verify a domain’s DNS records.

There are some applications on Linux that can verify this information from your terminal. Why can’t you try?

As I spend more time in the terminal, I look for a viable option from the terminal for any purpose.

This is not just for me, I know many NIX guys are looking for these kinds of options for their daily operations.

As a Linux administrator, you should know this little geek that checks domain DNS records from the Linux terminal.

This little geek can help you to check DNS records information when you don’t have a GUI (on the headless server)

There are three command line applications available on Linux to verify this information. These applications are listed below.

  • host Command
  • dig Command
  • nslookup Command

Use one of the below utility to verify domain owner information from the Linux terminal.

What’s Domain Name System (DNS)?

DNS stands for Domain Name System or Domain Name Servers translates Internet domain and host names to IP addresses and vice versa.

DNS is a hierarchical decentralized naming system for computers, services, or other resources connected to the Internet or a private network.

It’s basically mapping files that tell the DNS server which IP address each domain or host is associated with, and how to handle requests sent to each domain.

It stores various information about a domain & host such as A, AAAA, CNAME, MX, PTR, NS, SOA, SRV, TXT, and NAPTR.

A Record : A record stands for Address record. The ‘A’ record specifies the IP address (IPv4) of a host. Whenever DNS server get a query to resolve domain-name, it will refer the A record to answer the IP address.

AAA Record : The ‘AAA’ record specifies the IP address (IPv6) of a host.

NS Record : NS Record stands for Name Server record. NS Records maps a domain name to a list of authoritative DNS servers.

MX Record : MX Record stands for mail exchange record. MX Records maps a domain name to a list of mail exchange servers.

PTR Record : PTR record stands for Reverse lookup record or Pointer record. A PTR record maps the IP address to a specific host.

CNAME Record : CNAME Record stands for Canonical Name. CNAME record is used to create aliases that point to other names such as WWW, FTP, MAIL & subdomains to a domain name. Example : a CNAME record can associate the subdomain www.2daygeek.com with 2daygeek.com

SOA Record : SOA record stands for Start of Authority records. SOA records contain information about a DNS zone such as Primary nameserver, Hostmaster E-mail address, zone file seriel number, zone transfer interval and zone expiry details.

TXT Record : TXT Record stands for text record. A TXT record is a type of DNS record that provides text information to sources outside your domain. The text can be either human-or machine-readable and can be used for a variety of purposes.

SPF Record : SPF Record stands for Sender Policy Framework. SPF is an extension to the SMTP mail protocol which is used for e-mail authentication.

SPF record used to verifies that the message came from an authorized mail server or not. SPF is designed to detect SPAM & PHISHING mail sender’s, IP address which was included in e-mail header.

DKIM Record : DKIM record stands for Domain Keys Identified Mail. DKIM is an email validation system designed to detect email spoofing by providing encryption authentication to receiving mail exchangers.

It will check whether the incoming mail domain is authorized by the domain’s administrators and that the email (including attachments) has not been modified during transport.

A digital signature included with the message can be validated by the recipient using the signer’s public key published in the DNS.

1) How to Check a DNS Records of a Domain Using the dig Command

dig command stands for “domain information groper” is a flexible tool for interrogating DNS name servers. It performs DNS lookup and displays the answers that are returned from the name server(s) that were queried.

Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.

# dig google.com ANY +noall +answer

google.com.		282	IN	A	216.58.199.142
google.com.		282	IN	AAAA	2404:6800:4009:806::200e
google.com.		21582	IN	CAA	0 issue "pki.goog"
google.com.		21582	IN	NS	ns1.google.com.
google.com.		582	IN	MX	30 alt2.aspmx.l.google.com.
google.com.		42	IN	SOA	ns1.google.com. dns-admin.google.com. 275230101 900 900 1800 60
google.com.		282	IN	TXT	"docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
google.com.		21582	IN	NS	ns2.google.com.
google.com.		582	IN	MX	10 aspmx.l.google.com.
google.com.		582	IN	MX	50 alt4.aspmx.l.google.com.
google.com.		3582	IN	TXT	"globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
google.com.		3582	IN	TXT	"v=spf1 include:_spf.google.com ~all"
google.com.		282	IN	TXT	"docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
google.com.		21582	IN	NS	ns4.google.com.
google.com.		21582	IN	NS	ns3.google.com.
google.com.		582	IN	MX	20 alt1.aspmx.l.google.com.
google.com.		3582	IN	TXT	"facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com.		582	IN	MX	40 alt3.aspmx.l.google.com

2) How to Check a DNS Records of a Domain Using the nslookup Command

nslookup command is a program to query Internet domain name servers. Nslookup has two modes interactive and non-interactive.

Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain.

Non-interactive mode is used to print just the name and requested information for a host or domain. It’s network administration tool which will help them to check and troubleshoot DNS related issues.

# nslookup -type=any google.com

Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	google.com
Address: 216.58.199.142
Name:	google.com
Address: 2404:6800:4009:806::200e
google.com	rdata_257 = 0 issue "pki.goog"
google.com	nameserver = ns1.google.com.
google.com	mail exchanger = 30 alt2.aspmx.l.google.com.
google.com
	origin = ns1.google.com
	mail addr = dns-admin.google.com
	serial = 275230101
	refresh = 900
	retry = 900
	expire = 1800
	minimum = 60
google.com	text = "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
google.com	nameserver = ns2.google.com.
google.com	mail exchanger = 10 aspmx.l.google.com.
google.com	mail exchanger = 50 alt4.aspmx.l.google.com.
google.com	text = "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
google.com	text = "v=spf1 include:_spf.google.com ~all"
google.com	text = "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
google.com	nameserver = ns4.google.com.
google.com	nameserver = ns3.google.com.
google.com	mail exchanger = 20 alt1.aspmx.l.google.com.
google.com	text = "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com	mail exchanger = 40 alt3.aspmx.l.google.com.

Authoritative answers can be found from:

3) How to Check a DNS Records of a Domain Using the host Command

host command is a simple utility for performing DNS lookup. It is normally used to convert names to IP addresses and vice versa. When no arguments or options are given, host prints a short summary of its command line arguments and options.

# host -a 2daygeek.com

Trying "2daygeek.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59145
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;2daygeek.com.                  IN      ANY

;; ANSWER SECTION:
2daygeek.com.           86321   IN      SOA     ns1.2daygeek.in. jeyakabil.gmail.com. 2013110202 86400 7200 3600000 86400
2daygeek.com.           14233   IN      TXT     "v=spf1 ip4:182.71.233.70 +a +mx +ip4:49.50.66.31 ?all"
2daygeek.com.           12127   IN      MX      0 2daygeek.com.
2daygeek.com.           12127   IN      A       182.71.233.70
2daygeek.com.           84127   IN      NS      ns1.2daygeek.in.
2daygeek.com.           84127   IN      NS      ns2.2daygeek.in.

;; AUTHORITY SECTION:
2daygeek.com.           84127   IN      NS      ns2.2daygeek.in.
2daygeek.com.           84127   IN      NS      ns1.2daygeek.in.

;; ADDITIONAL SECTION:
2daygeek.com.           12127   IN      A       182.71.233.70
ns1.2daygeek.in.       12127   IN      A       182.71.233.70
ns2.2daygeek.in.       12127   IN      A       182.71.233.70

Received 304 bytes from 83.170.69.2#53 in 13 ms

Magesh Maruthamuthu

Love to play with all Linux distribution

You may also like...