Introduction to DNS Querying with Drill (with examples)
DNS (Domain Name System) is a fundamental protocol of the Internet that translates human-readable domain names into IP addresses. Drill is a command-line tool that allows users to perform various DNS queries and obtain information about a domain. In this article, we will explore eight different use cases of the drill
command and provide code examples for each.
1. Lookup the IP(s) associated with a hostname (A records)
drill example.com
Motivation: This use case is helpful when you need to determine the IP address(es) associated with a specific hostname or domain. It is commonly used to verify the correctness of DNS configurations.
Explanation: In this command, we simply provide the domain name (example.com) as an argument to drill
. This will perform an A record lookup, which returns the IP address(es) associated with the specified domain.
Example Output:
;; ANSWER SECTION:
example.com. 3600 IN A 93.184.216.34
The output above indicates that the IP address of example.com
is 93.184.216.34
.
2. Lookup the mail server(s) associated with a given domain name (MX record)
drill mx example.com
Motivation: When setting up email services, it is important to know the mail server(s) responsible for handling emails for a specific domain. This use case allows us to query the MX records of a domain and obtain information about mail servers.
Explanation: Adding the mx
parameter to the drill
command instructs it to perform an MX record lookup. This will return the mail server(s) associated with the specified domain.
Example Output:
;; ANSWER SECTION:
example.com. 300 IN MX 10 mx.example.com.
;; ADDITIONAL SECTION:
mx.example.com. 3600 IN A 203.0.113.10
The output above indicates that the primary mail server for example.com
is mx.example.com
, with an IP address of 203.0.113.10
.
3. Get all types of records for a given domain name
drill any example.com
Motivation: Sometimes we need to gather comprehensive information about a domain, including all available DNS records. This use case allows us to retrieve all record types associated with the specified domain.
Explanation: The any
parameter instructs drill
to retrieve all types of records available for the given domain name.
Example Output:
;; ANSWER SECTION:
example.com. 3600 IN A 93.184.216.34
example.com. 3600 IN NS a.iana-servers.net.
example.com. 3600 IN NS b.iana-servers.net.
example.com. 3600 IN SOA a.iana-servers.net. hostmaster.iana.org. 2023091800 7200 3600 1209600 3600
;; ADDITIONAL SECTION:
a.iana-servers.net. 1800 IN A 199.43.132.53
b.iana-servers.net. 1800 IN A 199.43.133.53
The output above displays all available records for example.com
, including the A record, NS records, and SOA record.
4. Specify an alternate DNS server to query
drill example.com @8.8.8.8
Motivation: By default, drill
queries the DNS server specified in the system’s network configuration. However, there may be situations where we want to query a specific DNS server, such as for testing or troubleshooting purposes.
Explanation: The @
symbol followed by the IP address 8.8.8.8
specifies an alternate DNS server to query. In this example, we query the domain example.com
using Google’s Public DNS server (8.8.8.8
).
Example Output:
;; ANSWER SECTION:
example.com. 600 IN A 93.184.216.34
The output above confirms that the IP address of example.com
is 93.184.216.34
, obtained by querying the specified DNS server.
5. Perform a reverse DNS lookup on an IP address (PTR record)
drill -x 8.8.8.8
Motivation: Reverse DNS lookup is the process of resolving an IP address to a domain name. This use case is useful when you have an IP address and want to find the associated domain name.
Explanation: The -x
option followed by the IP address 8.8.8.8
instructs drill
to perform a reverse DNS lookup. It will return the PTR record associated with the specified IP address.
Example Output:
;; ANSWER SECTION:
8.8.8.8.in-addr.arpa. 3600 IN PTR dns.google.
The output above indicates that the domain name associated with the IP address 8.8.8.8
is dns.google
.
6. Perform DNSSEC trace from root servers down to a domain name
drill -TD example.com
Motivation: DNSSEC (Domain Name System Security Extensions) provides additional security by adding digital signatures to DNS records. This use case allows us to trace the DNSSEC chain from the root servers down to a specific domain name.
Explanation: The -TD
option followed by the domain name example.com
instructs drill
to perform a DNSSEC trace. It will display the signed DNS records at each step of the DNSSEC chain.
Example Output:
;; Validating signature.;; ok
;; ANSWER SECTION:
example.com. 3600 IN A 93.184.216.34
;; ADDITIONAL SECTION:
example.com. 3600 IN RRSIG A 7 3 3600 20230207234855 20230108234855 48598 example.com. [signature]
[Other DNSSEC-related output]
The output above shows the A record for example.com
along with additional DNSSEC information, such as RRSIG (Resource Record Signature).
7. Show DNSKEY record(s) for a domain name
drill -s dnskey example.com
Motivation: DNSKEY records hold the public keys used to verify DNSSEC signatures. This use case allows us to retrieve the DNSKEY records for a specific domain.
Explanation: The -s dnskey
option followed by the domain name example.com
instructs drill
to show the DNSKEY records associated with that domain.
Example Output:
;; ANSWER SECTION:
example.com. 3600 IN DNSKEY 256 3 7 [public key]
;; ADDITIONAL SECTION:
example.com. 3600 IN RRSIG DNSKEY 7 2 3600 20230207234855 20230108234855 48598 example.com. [signature]
[Other DNSSEC-related output]
The output above displays the DNSKEY record for example.com
, along with additional DNSSEC information, such as RRSIG (Resource Record Signature).
Conclusion
In this article, we explored eight different use cases of the drill
command for performing DNS queries. From looking up IP addresses to retrieving DNSSEC information, drill
provides a versatile toolset for DNS troubleshooting, configuration verification, and security analysis. By understanding these use cases and the provided code examples, you will be able to leverage drill
effectively in your DNS-related tasks.