What You dig and How You dig It

The Domain Internet Groper, or dig, as most of us know it, is considered by pretty much everybody in the ‘nix community to be the replacement to nslookup. And I have long been madly in like with it. Not sure why, though. nslookup has never been a disappointment. Maybe it’s because dig is newer and less known and that helps me feel smart when I use it. Or maybe it’s because it’s not natively supported on Windows OS’ and that …make me feel smart when I use it. Or maybe it’s just better.

No matter why you like it, dig needs to be down with IPv6 in order to be useful. And it is. dig is fully prepared to tell you what you need to know about the IPv6 view of the world. dig’s syntax is fairly simple. Here’s a quick intro:

  • dig www.he.net – This simple query returns the A (Address) record. As of today, this is an IPv4 address.
  • dig aaaa www.het.net – This query asks DNS for the ipv6 address record (called a ‘quad A’ record). This is an IPv6 address (if it exists). It is perfectly plausible that this query is sent to the DNS server using IPv4 packets. The answer from the DNS server, however, contains an IPv6 address.
  • dig -6 aaaa www.he.net – This query forces dig to send the DNS query in an IPv6 packet. By adding the -6 option you are telling dig that it can’t use IPv4 to ask the questions. If successful, a query like this one will not only tell you what the aaaa record is for a host but it also tells you that you have IPv6 connectivity to your DNS server! Bonus!


Colin Weaver

Posted in:
About the Author

Colin Weaver

Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes.