Querying a specific name server using dig
A practical tip on how to avoid cached results when looking up DNS records.
To avoid having to remember IP addresses we can use DNS, which makes it
possible to associate IP addresses with domain names. Sometimes we need to
test or troubleshoot these systems, which is where the DNS lookup utility
dig comes into play.
The simplest query you can make is
dig followed by a
$ dig nytimes.com
That type of query makes a recursive DNS request using your locally specified DNS server. This means that the answer can and often will be a cached result.
What you really want is an up-to-date
answer from an authoritative name server for that domain, which you can get
by adding an argument, the
@ symbol followed by the
$ dig @<dns-server> nytimes.com
The simplest way to find out which name servers are authoritative is to
$ whois nytimes.com
Another way is to actually use the
dig command it self,
ns. Note that this also could give a cached result,
$ dig ns nytimes.com +noall +answer ; <<>> DiG 9.8.3-P1 <<>> ns nytimes.com +noall +answer ;; global options: +cmd nytimes.com. 232 IN NS ns1.p24.dynect.net. nytimes.com. 232 IN NS ns2.p24.dynect.net. nytimes.com. 232 IN NS ns3.p24.dynect.net. nytimes.com. 232 IN NS ns4.p24.dynect.net. nytimes.com. 232 IN NS dns.ewr1.nytimes.com. nytimes.com. 232 IN NS dns.sea1.nytimes.com.
Pro-tip: If you just want the answer section, add
+answer as arguments to the command.
So finally this would be an example of how to query a specific
authoritative DNS server for
$ dig @ns1.p24.dynect.net nytimes.com