How to use the command 'drill' (with examples)

Drill is a tool designed for performing DNS (Domain Name System) queries. It’s part of the ldns suite, which is developed for managing and analyzing DNS data more effectively. Drill can be used to retrieve various types of DNS records, perform reverse DNS lookups, and even work with DNSSEC (DNS Security Extensions). As such, it is a versatile tool for both network administrators and anyone interested in diagnosing or exploring DNS information. Below are detailed examples of how to use ‘drill’ for different kinds of DNS queries.

Use case 1: Lookup the IP(s) associated with a hostname (A records)

Code:

drill example.com

Motivation:
When you are trying to identify the server or servers hosting a particular website, looking up the A records of the domain can provide you with the necessary IP addresses. This is particularly useful for network diagnostics, setting up server configurations, or troubleshooting connectivity issues.

Explanation:

  • drill: Initiates the drill command to perform a DNS query.
  • example.com: Specifies the domain whose A records you want to look up.

Example output:

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 12345
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3 
;; QUESTION SECTION:
;; example.com.        IN      A

;; ANSWER SECTION:
example.com.   299     IN      A       93.184.216.34

Use case 2: Lookup the mail server(s) associated with a given domain name (MX record)

Code:

drill mx example.com

Motivation:
Knowing the mail servers handling email for a domain is essential when setting up email services or debugging email delivery problems. By querying MX records, you can quickly determine the path that emails will take to reach their intended recipients.

Explanation:

  • drill: Initiates the drill command to perform a DNS query.
  • mx: Specifies that you want to retrieve the MX (Mail Exchange) records.
  • example.com: The domain whose mail servers you want to check.

Example output:

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 4321
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3 
;; QUESTION SECTION:
;; example.com.        IN      MX

;; ANSWER SECTION:
example.com.   299     IN      MX      10 mail.example.com.

Use case 3: Get all types of records for a given domain name

Code:

drill any example.com

Motivation:
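To get a broad view of the DNS records published for a domain, including A, AAAA, MX, TXT, and more, the any query type asks the server for every record type in a single request. This is useful for auditing purposes, managing DNS configurations, or understanding the domain’s setup. Be aware that many authoritative servers and public resolvers now answer ANY queries with a minimal or partial response (RFC 8482), so the result is not guaranteed to be complete; when completeness matters for an audit, query each record type individually.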

Explanation:

  • drill: Initiates the drill command.
  • any: Sets the query type to ANY, which asks for every record type the server is willing to return for the specified domain.
  • example.com: The target domain name for which you are querying DNS records.

Example output:

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 54321
;; flags: qr rd ra ; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 
;; QUESTION SECTION:
;; example.com.        IN      ANY

;; ANSWER SECTION:
example.com.   299     IN      A       93.184.216.34
example.com.   299     IN      MX      10 mail.example.com.
example.com.   299     IN      TXT     "v=spf1 include:_spf.example.com ~all"
example.com.   299     IN      AAAA    2606:2800:220:1:248:1893:25c8:1946

Use case 4: Specify an alternate DNS server to query

Code:

drill example.com @8.8.8.8

Motivation:
Sometimes, it is beneficial to query a specific DNS server to see how DNS information is being propagated. Using an alternate DNS server such as Google’s public DNS (8.8.8.8) allows you to compare responses from different DNS infrastructures, diagnose propagation delays, or even bypass local DNS caches.

Explanation:

  • drill: Initiates the drill command.
  • example.com: The domain name you want to query for DNS information.
  • @8.8.8.8: Tells drill to use 8.8.8.8 as the DNS server for this query.

Example output:

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 6789
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3 
;; QUESTION SECTION:
;; example.com.        IN      A

;; ANSWER SECTION:
example.com.   299     IN      A       93.184.216.34
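
The comparison this use case describes can be scripted so that a disagreement between resolvers (propagation delay, split-horizon DNS, or a resolver rewriting answers) is flagged automatically. The following is an added example, not part of the original article: the function names are hypothetical, and the sample outputs are constructed in the format shown above so the script runs offline.

```sh
#!/bin/sh
# Added example: compare what two resolvers answer for the same name.

# answers: read drill output on stdin and print "name type rdata" for each
# ANSWER SECTION record, sorted. TTLs are dropped because caches count them down.
answers() {
    awk '
        /^;; ANSWER SECTION:/ { in_ans = 1; next }
        /^;;/                 { in_ans = 0; next }
        in_ans && NF >= 5 {
            rdata = $5
            for (i = 6; i <= NF; i++) rdata = rdata " " $i
            print tolower($1), $4, rdata
        }
    ' | sort
}

# rcode: print the response code (NOERROR, NXDOMAIN, ...) from the header line.
rcode() {
    sed -n 's/^;; ->>HEADER<<-.*rcode: \([A-Z]*\),.*/\1/p'
}

# same_answers OUT1 OUT2: return 0 when two captured outputs carry the same
# rcode and answer set; otherwise print both views and return 1.
same_answers() {
    a="$(printf '%s\n' "$1" | rcode) $(printf '%s\n' "$1" | answers)"
    b="$(printf '%s\n' "$2" | rcode) $(printf '%s\n' "$2" | answers)"
    [ "$a" = "$b" ] && return 0
    printf 'MISMATCH\n first:  %s\n second: %s\n' "$a" "$b"
    return 1
}

# compare_resolvers NAME SERVER1 SERVER2: live check (needs drill and network).
compare_resolvers() {
    same_answers "$(drill "$1" "@$2")" "$(drill "$1" "@$3")"
}

# sample TTL ADDR: constructed drill-style output for example.com (not real data).
sample() {
    printf ';; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 1\n'
    printf ';; QUESTION SECTION:\n;; example.com.\tIN\tA\n\n'
    printf ';; ANSWER SECTION:\nexample.com.\t%s\tIN\tA\t%s\n\n' "$1" "$2"
    printf ';; AUTHORITY SECTION:\n'
}

# Offline demo: same address with different TTLs agrees; a different address does not.
same_answers "$(sample 299 93.184.216.34)" "$(sample 120 93.184.216.34)" && echo "consistent"
same_answers "$(sample 299 93.184.216.34)" "$(sample 299 203.0.113.7)" || echo "resolvers disagree"
```

For a live check, call compare_resolvers with a name and two resolver addresses, for example your local resolver and 8.8.8.8.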

Use case 5: Perform a reverse DNS lookup on an IP address (PTR record)

Code:

drill -x 8.8.8.8

Motivation:
A reverse DNS lookup is used to determine the domain name associated with an IP address, which can be crucial for verifying the identity of servers, spam filtering, or logging purposes in network management.

Explanation:

  • drill: Initiates the drill command.
  • -x: Specifies that a reverse lookup is to be performed on the given IP address.
  • 8.8.8.8: The IP address you want to query for its associated domain.

Example output:

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 9876
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 
;; QUESTION SECTION:
;; 8.8.8.8.in-addr.arpa.        IN      PTR

;; ANSWER SECTION:
8.8.8.8.in-addr.arpa.   299     IN      PTR     google-public-dns-a.google.com.

Use case 6: Perform DNSSEC trace from root servers down to a domain name

Code:

drill -TD example.com

Motivation:
DNS Security Extensions (DNSSEC) provide a layer of security to guarantee the authenticity of DNS responses. Performing a DNSSEC trace from root servers is useful to verify whether DNSSEC is properly configured for a domain, detect misconfigurations, and ensure that domain records haven’t been tampered with.

Explanation:

  • drill: Initiates the drill command.
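  • -TD: Combines two options: -T traces the name from the root servers down, and -D enables DNSSEC in the queries, so the trace is performed with DNSSEC records requested.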
  • example.com: The domain for which you want to perform a DNSSEC trace.

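Example output (the sample below was captured with the equivalent dig +dnssec +trace query, as its banner line shows; drill -TD walks the same delegation chain from the root but formats its output differently):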

; <<>> DiG 9.11.5-P4-5.1+deb10u3-Debian <<>> +dnssec +trace example.com
;; global options: +cmd
.                       518400  IN      NS      m.root-servers.net.
;; Received 841 bytes from 192.5.5.241#53(192.5.5.241) in 52 ms

com.                    172800  IN      NS      a.gtld-servers.net.
;; Received 1177 bytes from 198.41.0.4#53(a.root-servers.net) in 104 ms

example.com.            86400   IN      NS      ns1.example.com.
;; Received 496 bytes from 192.5.6.30#53(b.gtld-servers.net) in 67 ms

Use case 7: Show DNSKEY record(s) for a domain name

Code:

drill -s dnskey example.com

Motivation:
DNSKEY records are part of DNSSEC and contain public keys for a domain. These are used in the process of validating DNS responses. Displaying DNSKEY records can help in diagnosing DNSSEC issues, configuring secure zones, or auditing the security of your domain’s DNS setup.

Explanation:

  • drill: Initiates the drill command.
  • -s: When a DNSKEY record appears in the response, also prints the equivalent DS record for it.
  • dnskey: Directs drill to show DNSKEY records.
  • example.com: The domain you are querying for DNSKEY records.

Example output:

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 13579
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 
;; QUESTION SECTION:
;; example.com.        IN      DNSKEY

;; ANSWER SECTION:
example.com.   599     IN      DNSKEY  256 3 7 AwEAAa3W9...

Conclusion:

Drill is a robust command-line tool for conducting DNS queries. With its various features, including querying different DNS record types, performing reverse lookups, and utilizing DNSSEC, it serves as a comprehensive utility for anyone dealing with domain and network configurations. Whether for troubleshooting, validating DNS settings, or ensuring the integrity of DNS data, the examples provided demonstrate the essential capabilities of drill in diverse use cases.
