Step-by-step guide to installing and using dig tool from BIND on Windows, macOS, and Linux for DNS queries.

Retrieve DNS Information with DIG on Windows, macOS, Linux

Table of Contents

Introduction

If you’re looking to retrieve DNS information from hostnames or IP addresses, the “dig” tool from BIND is an essential command-line utility. Whether you’re using Windows, macOS, or Linux, mastering dig can simplify DNS queries and provide valuable insights into domain configurations. This article will guide you through installing dig on these operating systems and show you how to use it for common DNS record queries like A, NS, MX, and SOA. With clear, step-by-step instructions, you’ll be ready to leverage dig for all your DNS troubleshooting needs.

What is dig?

Dig is a tool used to look up DNS information about websites or IP addresses. It helps users find details like the IP address of a website, the names of the servers that manage its domain, and other related information. This tool works through a command-line interface, and users can install it on different operating systems, including Windows, macOS, and Linux. Once installed, it can be used to run various queries to check DNS records.

Installing dig

You can install dig on most operating systems by downloading the latest version of BIND 9 from BIND’s website, or by using a package manager from the command line. This makes it really easy to get dig set up no matter what operating system you’re on, allowing you to pull DNS info from different systems. Here’s how you can install dig on Windows, macOS, and Linux.

Windows Installation

To install dig on a Windows machine, start by heading over to BIND’s website and downloading the latest version of BIND 9. Once the installation file is downloaded, extract it to a folder on your system. Then, double-click the BINDinstall icon in the folder to kick off the installation process.

When the BIND 9 Installer screen pops up, check that the target directory is set to C:\Program Files\ISC BIND 9 (or C:\Program Files (x86)\ISC BIND 9 if you’re running an x86 version). Don’t forget to tick the “Tools Only” box before moving on and hitting Install.

Once BIND 9 is installed, the next step is to make sure you can use dig from the command line. You’ll need to add BIND to your system’s PATH. To do this, go into the Windows Control Panel, click on System Properties, and then head over to the Advanced tab. From there, click on Environment Variables.

In the System Variables section, find the Path variable, select it, and click Edit. In the Edit environment variable screen, click New and enter the path to the BIND 9 bin folder: C:\Program Files\ISC BIND 9\bin (or C:\Program Files (x86)\ISC BIND 9 for x86 systems). After you add the path, click OK to close all the windows and confirm the change.

Now that you’ve set the path, open up a new Command Prompt window and check if dig is installed by running the command 

$ dig -v
. This should show the version info for dig. If it doesn’t, it probably means there’s an issue with your PATH configuration, so you might want to go back and double-check that the path is set up correctly.

macOS Installation

On macOS, dig is usually already installed, so you can just jump into the Terminal and use it right away. To check if dig’s already set up, run 

dig -v
in the Terminal. If it returns the version info, you’re good to go!

If you don’t see the version info and get an error message instead, it means you’ll need to install BIND manually. Don’t worry, it’s easy. First, you need to make sure Homebrew is installed on your system. You can check by running the command 

brew -v
in the Terminal. If Homebrew is missing, you can install it with this command:

/usr/bin/ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)”

Once Homebrew is installed, you can install BIND by running:

brew install bind

After BIND is installed, run 

dig -v
again in the Terminal. This time, you should see the version number appear, confirming that dig is installed and ready to go on your macOS system.

Linux Installation

On most Linux distributions, dig is already installed by default, so you can usually just open a terminal and get started. To check if dig is installed, open your terminal and run 

dig -v
. If you see the version info, then dig is good to go. If not, you’ll need to install it manually.

To install dig on Linux, you’ll need to get the dnsutils package, which includes dig along with other DNS tools. If you’re using a system with the apt-get package manager (like Ubuntu or Debian), run the following commands:

$ sudo apt-get update

$ sudo apt-get install dnsutils

These commands update your package list and install the required tools. Once that’s done, run 

dig -v
in the terminal again, and you should see the version info appear, confirming that dig is installed successfully.

With these installation steps, you’ll be able to use dig on Windows, macOS, or Linux to grab DNS information and troubleshoot domain issues like a pro.

Read more about setting up and configuring BIND and dig for DNS queries in this comprehensive guide on how to install and use the dig tool for troubleshooting DNS records DNS and BIND (4th Edition).

Windows Installation

To install dig for Windows, start by going to BIND’s website and downloading the latest version of BIND 9. This version comes with the dig tool and all the other necessary parts for DNS querying. Once the file is downloaded, extract it to a folder of your choice. After extracting, double-click the BINDinstall icon in the folder to start the installation process.

When you see the BIND 9 Installer screen, make sure the target directory is set correctly. The default directory is C:\Program Files\ISC BIND 9 , but if you’re using a 32-bit system (x86 architecture), it might be C:\Program Files (x86)\ISC BIND 9 . Don’t forget to check the “Tools Only” box so you only install the essential tools, like dig , and not any extra services. Once everything looks good, click the Install button to move forward with the installation.

Once BIND 9 is installed, the next step is to add BIND to your system’s PATH variable. This is so you can access dig from any command prompt window, no matter where you are. To do this, go into your Windows Control Panel, find System Properties, and click on the Advanced tab. Then, click on Environment Variables.

In the Environment Variables section, scroll down under System Variables and find the “Path” variable. Select it, then click Edit. In the Edit environment variable window, click New and add the path to the BIND 9 installation directory. By default, it should be C:\Program Files\ISC BIND 9\bin (or C:\Program Files (x86)\ISC BIND 9\bin if you’re using an x86 system). After adding the path, click OK to save the change.

Once that’s done, click OK again in the Edit Variables window, then in the System Properties window. Now that the path is updated, it’s time to test the installation of dig . Open a new Command Prompt window and type:

$ dig -v

to check if it’s working. If it shows the version info for dig , you are all set!

For a detailed guide on configuring DNS tools and their installation on Windows, check out this insightful resource How to Install and Configure BIND9 on Windows.

macOS Installation

On macOS, dig is usually already installed, which is great because that means you can jump straight into using it through the Terminal without any extra setup. To check if dig is already good to go, just open the Terminal and type dig -v . If everything is working as it should, this will show you the version information for dig , confirming it’s installed and ready.

But here’s the thing—if you don’t see the version info and get an error instead, it means dig isn’t installed yet. No worries though! You can still get it by installing BIND, which comes with dig . BIND is open-source software that handles DNS stuff, and it includes all the tools you need for DNS queries, including dig .

To get BIND on your macOS, you’ll need to use Homebrew. Homebrew is this awesome package manager that makes installing software on macOS super easy from the command line. To check if you already have Homebrew, type brew -v in your Terminal. If it’s installed, you’ll see the version number pop up.

If it’s not installed, don’t stress! You can install it by running this command in your Terminal:

$ /usr/bin/ruby -e “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)”

This will download and set up Homebrew on your macOS system. Once Homebrew is ready to go, you can install BIND by running this command:

$ brew install bind

After BIND is installed, run dig -v again in your Terminal to make sure dig is now working. If it shows the version info, then boom! You’re all set to start using dig for DNS queries. With BIND and dig up and running, you’re ready to troubleshoot DNS issues and grab DNS records with ease.

For more details on using Homebrew for software installation on macOS, check out this comprehensive guide How to Install Homebrew on macOS.

Linux Installation

On most Linux systems, dig is usually already installed as part of the operating system’s package set. This is super handy because it means you can start using dig right away from the command line without any extra installation steps. To quickly check if dig is ready to go, all you need to do is run the command 

$ dig -v
in your terminal. If it spits out version information about dig , then you’re all set—it’s already installed and ready to rock.

But here’s the thing—if you don’t see version info or get an error message instead, that means dig isn’t installed. Don’t worry though, you can fix this by installing the necessary package that includes dig . On many Linux distributions, dig is bundled in with the dnsutils package, which has a bunch of DNS tools like dig , nslookup , and more.

To install dnsutils on a system that uses the apt-get package manager (like Ubuntu or Debian), just run these commands:

$ sudo apt-get update

$ sudo apt-get install dnsutils

The first command makes sure your package list is up to date, so you’re getting the latest versions of available software. The second command installs dnsutils , which will give you dig and other handy DNS tools. Once that’s done, you can run the 

$ dig -v
command again to make sure dig is installed and working properly.

After installation, dig will be ready for use, and you can start querying DNS records to troubleshoot domain issues or grab any other relevant DNS data. It’s a super useful tool, especially if you’re a network administrator, developer, or just someone who works with DNS queries on Linux.

For more detailed guidance on managing DNS utilities on Linux, take a look at this helpful article How to Install and Use DNSUtils on Linux.

Common dig Commands

Here are some common dig commands that you can use to grab DNS info about a hostname. These commands let you do different kinds of DNS queries, depending on the specific records you want to get. Just run any of these examples in your terminal to see the output and get DNS details about a hostname.

dig <hostname>

Example: 

$ dig example.com

Description: This one gets the A records (Address records) for the hostname you specified. Essentially, it gives you the IP addresses linked to the domain name you’re asking about.

dig <hostname> any

Example: 

$ dig example.com any

Description: This command pulls up all the available DNS records for the hostname, including A, NS (Name Server), SOA (Start of Authority), and more. It’s like a full snapshot of all the DNS data for the domain.

dig @<name server address> <hostname> <record type>

Example: 

$ dig @ns1.caasify.com example.com MX

Description: With this command, you’re asking a specific name server for DNS records directly, instead of going through your default ISP’s resolver. You can even specify a record type (like MX for mail exchange) if you just want to get that info for the hostname.

dig <hostname> <record type>

Example: 

$ dig example.com NS

Description: This command asks for DNS records of a specific type. In this case, it grabs the NS (Name Server) records, which tell you which servers are in charge of managing the domain.

dig <hostname> +short

Example: 

$ dig example.com +short

Description: This one gives you a simplified output, just showing the IP addresses for all A records associated with the hostname. It leaves out the extra stuff like TTL (Time to Live) or additional sections, just giving you the essentials.

dig <hostname> +trace

Example: 

$ dig example.com +trace

Description: Adding the +trace option tells dig to follow the query all the way from the root name servers, showing you how each server in the chain is involved in resolving the query. It’s a useful way to see the whole DNS resolution process.

These dig commands give you one or more sections of info about the DNS records for a hostname, depending on the query syntax. For example, when running the command 

$ dig example.com
, the results could look something like this:

Output 

; <<>> DiG 9.10.6 <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50169
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 6108 IN A 93.184.216.34
;; AUTHORITY SECTION:
example.com. 52437 IN NS b.iana-servers.net.
example.com. 52437 IN NS a.iana-servers.net.
;; ADDITIONAL SECTION:
a.iana-servers.net. 195 IN A 199.43.135.53
a.iana-servers.net. 195 IN AAAA 2001:500:8f::53
b.iana-servers.net. 195 IN A 199.43.133.53
b.iana-servers.net. 195 IN AAAA 2001:500:8d::53

The most important sections you’ll usually care about are:

Question Section

This just confirms the query you made to the DNS. In the example, 

$ dig
asked about the A records for “example.com.”

Answer Section

This is where you get the actual records returned by the query. It’s usually the most important part. In the example, 

$ dig
returned the A record for the IP address 93.184.216.34.

Authority Section

Here, you’ll see the authoritative name servers that handle the DNS records for the queried hostname. This can be helpful if you need to check the current delegation of a hostname.

Additional Section

This section includes any extra info that the resolver might send along with the original query answer. For example, it could show you the IP addresses of the name servers for “example.com” in addition to the A record information.

For a deeper dive into DNS commands and their use, check out this detailed guide on common DNS queries and troubleshooting techniques Common DNS Queries and Troubleshooting Techniques.

Understanding dig Command Output

The dig command is pretty handy because it gives you a detailed breakdown of a hostname’s DNS records. Depending on what you ask it to do, you’ll get different sections of information. Each part of the output reveals something useful, helping you understand how DNS queries work and what records belong to a domain. Here’s an example of the results you might see when you run dig example.com :


; <<>> DiG 9.10.6 <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50169
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 6108 IN A 93.184.216.34
;; AUTHORITY SECTION:
example.com. 52437 IN NS b.iana-servers.net.
example.com. 52437 IN NS a.iana-servers.net.
;; ADDITIONAL SECTION:
a.iana-servers.net. 195 IN A 199.43.135.53
a.iana-servers.net. 195 IN AAAA 2001:500:8f::53
b.iana-servers.net. 195 IN A 199.43.133.53
b.iana-servers.net. 195 IN AAAA 2001:500:8d::53

So, what does all this mean? Let’s break down the most important sections of the dig output:

  • Question Section: This just confirms what you asked for. In this example, you’re asking for the A record (which is the IP address) for example.com. It’s basically a confirmation of the query you sent out to the DNS.
  • Answer Section: Here’s where the magic happens—the answer you were looking for. In this case, dig gave you the A record for example.com, which is the IP address 93.184.216.34. This is the key info you’re usually after when you’re checking DNS records for a domain.
  • Authority Section: This part shows you which name servers are the “authoritative” ones for the domain’s DNS records. Basically, these servers have the official answers. So, in this case, a.iana-servers.net and b.iana-servers.net are in charge of the example.com DNS records.
  • Additional Section: This section is like the bonus round of DNS info. It gives you extra details that might be helpful, like IP addresses for the authoritative name servers. In this case, you get both IPv4 and IPv6 addresses for a.iana-servers.net and b.iana-servers.net.

By understanding these sections, you can get a full picture of what’s going on with the DNS resolution process. Whether you’re troubleshooting DNS issues or just checking on a domain’s records, this breakdown will help you make sense of what’s being returned.

For a deeper understanding of DNS queries and how to interpret results, you can explore this guide on interpreting DNS query outputs Understanding DNS Query Types and Outputs.

Conclusion

In conclusion, the “dig” tool from BIND is a powerful command-line utility that allows you to easily retrieve DNS information on Windows, macOS, and Linux systems. Whether you need to check A, NS, MX, or SOA records, mastering dig is essential for any network administrator or developer working with DNS. By following the step-by-step instructions in this guide, you can quickly set up dig and begin troubleshooting domain-related issues with ease. As DNS queries continue to evolve, tools like dig will remain invaluable for gaining deeper insights into domain configurations and ensuring network reliability.

Master Linux SED Command: Text Manipulation and Automation Guide

Picture of Alireza Pourmahdavi

Alireza Pourmahdavi

I’m Alireza Pourmahdavi, a founder, CEO, and builder with a background that combines deep technical expertise with practical business leadership. I’ve launched and scaled companies like Caasify and AutoVM, focusing on cloud services, automation, and hosting infrastructure. I hold VMware certifications, including VCAP-DCV and VMware NSX. My work involves constructing multi-tenant cloud platforms on VMware, optimizing network virtualization through NSX, and integrating these systems into platforms using custom APIs and automation tools. I’m also skilled in Linux system administration, infrastructure security, and performance tuning. On the business side, I lead financial planning, strategy, budgeting, and team leadership while also driving marketing efforts, from positioning and go-to-market planning to customer acquisition and B2B growth.