How to test your DNS zones using dig
Dig
or domain information groper
is a command line tool used to query domain information on DNS servers. You can use it to troubleshoot DNS issues.
Dig
is installed by default on most Unix operating systems. You will however need to install it if you are using Windows.
This page shows you how to use the dig
command to perform some common DNS tests. You do not need to have registered domains with Scaleway Domains and DNS to use this documentation page, but if you are using Scaleway Domains and DNS, refer to the Before you start section.
Before you start
To complete the actions presented below, you must have:
- A Scaleway account logged into the console
- Added external domains with Scaleway Domains and DNS or not
- Owner status of the Organization in which the actions will be performed, or be an IAM user with the necessary permissions
- Installed
dig
How to perform a basic DNS query
Open a terminal and paste the following command to get a general overview of your domain’s DNS configuration.
dig <your-domain.com>
This command could be useful if you want to verify the DNS configuration of a website before migrating it to a new server, for example. By running dig
without any additional arguments, you can see if the domain’s DNS records are resolving correctly and if you need to make any changes before the migration.
How to query a specific record type
The following command allows you to retrieve your domain’s DNAME record. This command allows you to focus on particular aspects of your domain’s DNS configuration.
dig <your-domain.com> DNAME
This command could also be useful if you are troubleshooting email delivery issues for a domain, for example. By querying the domain’s MX record with dig
, you can verify that the mail server listed is correct and accessible. If there is an issue with email delivery, checking your domain’s MX record can help pinpoint potential misconfigurations.
How to perform a reverse DNS lookup
The following command allows you to verify the authenticity of an IP address, identify its associated domain name, and check for misconfigurations or suspicious activity.
dig -x <IP address>
This command could be useful if you notice unusual traffic originating from an IP address in your server logs, for example. Performing a reverse DNS lookup with dig can reveal the domain name associated with that IP address. This information can help you determine if the traffic is legitimate or if further investigation is needed to address potential security threats.
How to query a specific DNS server
The following command allows you to query a specific DNS server. Querying a specific DNS server is useful for troubleshooting DNS issues, checking DNS propagation, and verifying the accuracy of DNS configurations. It allows you to test how different DNS servers resolve domain names, ensuring your DNS records are properly propagated and resolving as intended.
dig @<DNS_SERVER_IP> <your-domain.com>
You do not need to have a domain with the provider of the DNS server you are querying for your dig command to work. You can query any DNS server for any domain name to check how that specific DNS server resolves the domain. This is useful for verifying DNS resolution and propagation from different DNS servers regardless of where the domain is registered.
Make sure that you replace <<DNS_SERVER_IP>
with the IP of the desired DNS server, and <your-domain.com>
with your actual domain.