oreilly.comSafari Books Online.Conferences.

Linux in a Nutshell

This directory of Linux commands is from Linux in a Nutshell, 5th Edition.

Click on any of the 687 commands below to get a description and list of available options. All links in the command summaries point to the online version of the book on Safari Bookshelf.

Buy it now, or read it online on Safari Bookshelf.


dig [@server] [options] [name] [type] [class] [query-options] dig @server name type dig -h

The dig command is used to query DNS servers; it is more flexible than the deprecated nslookup command. When invoked with just the -h option, it displays a list of options for the command. If you use it without any options or arguments, it will search for the root server. The standard arguments are:


The server to query. If no server is supplied, dig will check the nameservers listed in /etc/resolv.conf. The address may be an IPv4 dotted address or an IPv6 colon-delimited address. It may also be a hostname, which dig will resolve (through the nameservers in /etc/resolv.conf).


The domain name to look up.


The type of query to perform, such as A, ANY, MX, SIG, and so forth. The default is A, but you may use any valid BIND9 query type.


You may use the following option flags with dig:

-b address

Set the source IP address for the query.

-c class

Set the class of query. The default value is IN (internet), but you can choose HS for Hesiod or CH for CHAOSNET.

-f filename

Operate in batch mode, performing the queries in the file you specify.

-p portnumber

Choose the port number for the query. The default value is the standard DNS port, 53.

-t type

Set the type of query, as with the query argument. The default value is A, but you may use any valid BIND9 query.

-x addr

Use the -x flag for reverse lookups, specifying an IPv4 or IPv6 address. You do not need the name, class, or type arguments if you use the -x flag.

-k filename

Specify a TSIG keyfile; used for signed transactions. You can also use the -y key, although this is less secure.

-y keyname: keyvalue

Enter the actual key name and value when conducting a signed transaction. Because the key and value can be seen in the output of ps, this is not recommended for use on multiuser systems; use -k instead.

Query options

There are a large number of query options for dig. Each query option is preceded by +, and many have an opposite version beginning with no. For example, the tcp flag is passed as +tcp, and negated with +notcp. Because there are so many options, only a few are discussed here. For greater detail, see the dig manpage.

+tcp, +notcp

Use (or do not use) the TCP protocol instead of the default UDP.


Perform a search in the domain specified; this is equivalent to using the +search option and having "searchdomain" as the sole entry in the search list or domain directive of /etc/resolv.conf.

+search, +nosearch

Use (or do not use) the search list provided in /etc/resolv.conf. The default is not to use the search list.


Timeout for queries, in seconds. The default is 5, and the minimum is 1.


The number of times to retry UDP queries. The default is 3, and the minimum is 1.