Notes on exploring DNS via dig. DIG = "Domain Internet 1. Basic dig % dig greatwhite.ics.cs.cmu.edu ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.3 <<>> greatwhite.ics.cs.cmu.edu ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17350 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 Above section provides information about dig version & what the query was ;; QUESTION SECTION: ;greatwhite.ics.cs.cmu.edu. IN A Query was for an Internet address ;; ANSWER SECTION: greatwhite.ics.cs.cmu.edu. 2988 IN A 128.2.220.10 TTL: Will keep in cache for up to 2988 seconds (< 5 minutes) Got Internet (IN) host address (A) 128.2.220.10 ;; AUTHORITY SECTION: Name servers for this zone cs.cmu.edu. 427 IN NS AC-DDNS-3.NET.cs.cmu.edu. cs.cmu.edu. 427 IN NS AC-DDNS-2.NET.cs.cmu.edu. cs.cmu.edu. 427 IN NS AC-DDNS-1.NET.cs.cmu.edu. ;; ADDITIONAL SECTION: IP addresses of name servers AC-DDNS-2.NET.cs.cmu.edu. 2080 IN A 128.2.184.228 AC-DDNS-1.NET.cs.cmu.edu. 2080 IN A 128.2.184.227 AC-DDNS-3.NET.cs.cmu.edu. 2080 IN A 128.2.184.229 ;; Query time: 0 msec ;; SERVER: 128.2.1.11#53(128.2.1.11) ;; WHEN: Tue Nov 6 09:00:35 2012 ;; MSG SIZE rcvd: 183 2. Stepping through DNS hierarchy ## Have dig do the work % dig +trace greatwhite.ics.cs.cmu.edu Single stepping 260 9:23 dig +norecurse @a.root-servers.net NS greatwhite.ics.cs.cmu.edu 261 9:23 dig +norecurse @g.edu-servers.net NS greatwhite.ics.cs.cmu.edu 264 9:29 dig +norecurse @nsauth1.net.cmu.edu NS greatwhite.ics.cs.cmu.edu 266 9:30 dig +norecurse @AC-DDNS-2.NET.cs.cmu.edu NS greatwhite.ics.cs.cmu.edu 3. Reverse DNS # IPv4 % dig +trace -x 128.2.220.10 # IPv6 % dig +trace -x 2001:503:cc2c::2:36 4. Observing dynamic DNS Repeat: % dig +short www.google.com See same addresses being permuted. Would see different addresses if in different part of country / world.