How to use the command 'kdig' (with examples)
The ‘kdig’ command is an advanced DNS lookup utility that allows users to perform various DNS queries and lookups. It provides a flexible and powerful way to obtain information about DNS records, IP addresses associated with hostnames, and also supports DNS over TLS (DoT) and DNS over HTTPS (DoH) for secure queries.
Use case 1: Lookup the IP(s) associated with a hostname (A records)
Code:
kdig example.com
Motivation: One common use case for the ‘kdig’ command is to look up the IP addresses associated with a hostname (A records). This can be useful when troubleshooting network connectivity issues or verifying DNS configurations.
Explanation: The ‘kdig’ command followed by the hostname ‘example.com’ performs a standard DNS lookup for the A records associated with the hostname. It queries the default DNS server configured on the system.
Example output:
;; ANSWER SECTION:
example.com. 300 IN A 93.184.216.34
Use case 2: Specify a specific DNS server to query (e.g. Google DNS)
Code:
kdig example.com @8.8.8.8
Motivation: In some cases, it may be necessary to query a specific DNS server instead of using the default DNS server configured on the system. This could be useful for testing or troubleshooting DNS configurations.
Explanation: The ‘@8.8.8.8’ argument after the hostname ‘example.com’ tells ‘kdig’ which DNS server to query. In this example, it queries the Google DNS server.
Example output:
;; ANSWER SECTION:
example.com. 300 IN A 93.184.216.34
Use case 3: Query a specific DNS record type associated with a given domain name
Code:
kdig example.com A    # or AAAA, NS, SOA, DNSKEY, ANY
Motivation: Sometimes, it may be necessary to query a specific DNS record type for a given domain name. This can provide more detailed information about the domain’s DNS configuration.
Explanation: The ‘kdig’ command followed by the hostname ‘example.com’ and one record type (A, AAAA, NS, SOA, DNSKEY, or ANY) queries that record type for the given domain name. Pass a single type; the ‘|’ character only separates the alternatives and is not typed into the shell.
Example output (for A record type):
;; ANSWER SECTION:
example.com. 300 IN A 93.184.216.34
Use case 4: Lookup the IP(s) associated with a hostname using DNS over TLS (DoT)
Code:
kdig -d @8.8.8.8 +tls-ca +tls-host=dns.google example.com
Motivation: Using DNS over TLS (DoT) provides encryption and security for DNS queries, ensuring privacy and preventing DNS spoofing attacks. This use case demonstrates how to perform a DNS lookup using DoT.
Explanation: The ‘+tls-ca’ option makes ‘kdig’ send the query over TLS and validate the server certificate against the system certificate store, and ‘+tls-host=dns.google’ sets the hostname the certificate must match. The ‘@8.8.8.8’ argument specifies the DNS server to query; in this example, it is the Google DNS server. The ‘-d’ flag enables debug messages and is not what turns on DoT.
Example output:
;; ANSWER SECTION:
example.com. 300 IN A 93.184.216.34
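Added example (not part of the original page or the kdig project): a check that combines use cases 1 and 4 by comparing the A records from the system resolver with those fetched over certificate-validated DoT. The function names, the sample outputs and the 198.51.100.7 and 203.0.113.10 addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): compare the answer from the
# system resolver with the answer fetched over certificate-validated DoT.

# Print the sorted, de-duplicated rdata of records of type $1 found in the
# ANSWER SECTION of kdig output on stdin (TTL and record order are ignored).
answer_rdata() {
    awk -v type="$1" '
        /^;; ANSWER SECTION:/ { in_answer = 1; next }
        /^;;/ || NF == 0      { in_answer = 0 }
        in_answer && $3 == "IN" && $4 == type { print $5 }
    ' | sort -u
}

# Compare two saved kdig outputs ($1, $2) for record type $3.
# Prints "match" or "mismatch"; an empty answer counts as a mismatch.
compare_answers() {
    a=$(printf '%s\n' "$1" | answer_rdata "$3")
    b=$(printf '%s\n' "$2" | answer_rdata "$3")
    if [ -n "$a" ] && [ "$a" = "$b" ]; then echo match; else echo mismatch; fi
}

# Live check (needs network and kdig). The DoT flags are the ones shown in
# use case 4; the function name is hypothetical.
check_name() {
    compare_answers "$(kdig "$1" A)" \
        "$(kdig @8.8.8.8 +tls-ca +tls-host=dns.google "$1" A)" A
}

# Constructed sample outputs, not captured from real resolvers.
SAMPLE_PLAIN=';; ANSWER SECTION:
www.example.com. 300 IN CNAME example.com.
example.com. 300 IN A 93.184.216.34
example.com. 300 IN A 198.51.100.7

;; Received 90 B'
SAMPLE_DOT=';; ANSWER SECTION:
www.example.com. 120 IN CNAME example.com.
example.com. 120 IN A 198.51.100.7
example.com. 120 IN A 93.184.216.34'
SAMPLE_TAMPERED=';; ANSWER SECTION:
www.example.com. 60 IN A 203.0.113.10'

compare_answers "$SAMPLE_PLAIN" "$SAMPLE_DOT" A       # prints: match
compare_answers "$SAMPLE_TAMPERED" "$SAMPLE_DOT" A    # prints: mismatch
```

A mismatch is a prompt to investigate the local resolver path rather than proof of tampering, since CDN and geo-aware zones can legitimately return different addresses to different resolvers.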
Use case 5: Lookup the IP(s) associated with a hostname using DNS over HTTPS (DoH)
Code:
kdig -d @1.1.1.1 +https +tls-hostname=1dot1dot1dot1.cloudflare-dns.com example.com
Motivation: Similar to DNS over TLS, DNS over HTTPS (DoH) provides encryption and security for DNS queries. This use case demonstrates how to perform a DNS lookup using DoH.
Explanation: The ‘+https’ option makes ‘kdig’ send the query using DoH, and ‘+tls-hostname’ sets the hostname used for the TLS certificate check. The ‘@1.1.1.1’ argument specifies the DNS server to query; in this example, it is the Cloudflare DNS server. The ‘-d’ flag enables debug messages and is not what turns on DoH.
Example output:
;; ANSWER SECTION:
example.com. 300 IN A 93.184.216.34
Conclusion:
The ‘kdig’ command is a versatile DNS lookup utility that provides advanced features for querying DNS servers and obtaining information about DNS records. It supports various use cases, such as looking up IP addresses associated with hostnames, specifying a specific DNS server, querying specific record types, and performing DNS over TLS or DNS over HTTPS for secure queries.