Oct 29, 2022 3 min read

Dig Command in Linux Explained

Table of Contents

The ‘dig’ command is commonly used among system/network administrators in Linux. It is an acronym for ‘Domain Information Groper’ and it’s intended to query the DNS of a given server and allows to know the answers from the queried domain servers.

Let’s see how the command works and how to understand its output:

dig command execution
dig command execution

The very first line outputs the version of the program (9.11.3) and indicates from where to where is the query being launched. In this case, it’s from my ubuntu machine to linuxhandbook.com server.

Then it displays the answer obtained by the (domain) server. It displays the address that the name linuxhandbook.com in an A record type is being pointed to. This could be or could not be the IP address of the server, because if something uses a DNS firewall or a “façade” server for security purposes or filter, we would see that first, but this is not the case with linuxhandbook.com server. In many cases, dig is good enough to find the IP address of a website.

Lastly, it will give stats about the query, which can be useful if we are assessing the speed involved in the query.

OK, but what is the usage or value of the Dig command?

Well, in reality, it is useful depending on what type of information you are looking for. Keep in mind you have to know a little bit about DNS first, like what type of DNS records exist and what are they used for.

A common example would be to know where a particular domain hosts its emails. In this case:

using dig to know what’s the mx record of a domain
using dig to know what’s the mx record of a domain

We try to ‘dig’ the MX record for the domain microsoft.com, as we would like to know where it is hosted. We see it replies it is:


This is Microsoft’s email protection service, which they use to protect anything coming in and coming out of the domain microsoft.com via email, and this way prevent viruses, trojans, spam, etc.

What if I want to know more about an IP?

That’s another usage of the ‘dig’ command. If you pass it like this:

dig an IP
dig an IP

You can then know more about a specific IP. In this case, we used linuxhandbook.com’s reported IP with the “-x” and it replied by saying that IP belongs to cloudwayapps.com which is part of Cloudways service, the current hosting company for our linuxhandbook.com website.

Multiple digging

You can even use it to ‘dig’ several domains at the same time, by simply putting the list of domains you wish to know more information about:

dig multiple domains
dig multiple domains

In conclusion, the ‘dig’ command allows you to basically drill down information about a particular domain and/or IP, and know more about its DNS settings. The combination of options is the most important part and basically, you can always use the man pages for the command to know more about the different operators and what they can give you. I simplified the most common usages but there is plenty to dig for in this command!

Systems Engineer, technology evangelist, Ubuntu user, Linux enthusiast, father and husband.
Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to Linux Handbook.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.