Checking Up on DNS from the Terminal: A Practical Guide
When something breaks on the internet, whether it’s a website, an email service, or an app. DNS (Domain Name System) is often the first place to look.
DNS is what turns human-friendly names like vulpo.be into machine-friendly IP addresses. It also handles things like mail servers, verification records, and caching rules. The good news? You don’t need special software to investigate DNS. Your terminal already has everything you need.
In this guide, we’ll explore the most useful terminal commands for checking DNS records, understanding TTLs (time to live), and troubleshooting issues.
1. The Quick Option: nslookup
If you just want a fast check, nslookup
works on almost every system.
nslookup vulpo.be
Output will show the resolved IP address. You can also specify the type of record:
nslookup -type=MX vulpo.be # Mail servers
nslookup -type=TXT vulpo.be # TXT records (SPF, DKIM, verification tokens)
⚠️ Note: nslookup
is older and sometimes inconsistent between systems. For more detailed inspection, dig
is the better choice.
2. The Workhorse: dig
The dig
command gives you precise, detailed results.
dig vulpo.be
You'll see sections like this:
;; ANSWER SECTION:
vulpo.be. 3599 IN A 34.77.128.88
Here’s what matters:
- vulpo.be. → the queried domain
- 3599 → the TTL (time in seconds that resolvers will cache this record)
- A → the record type (IPv4 address)
- 34.77.128.88 → the actual value of the record
You can also query specific record types:
dig MX vulpo.be # Mail servers
dig TXT vulpo.be # Verification or SPF/DKIM
dig AAAA vulpo.be # IPv6 addresses
3. Querying Specific Name Servers
By default, dig
asks your system’s configured resolver. But sometimes you want to check what a different DNS server sees.
dig @8.8.8.8 vulpo.be
This queries Google’s public DNS. Other popular resolvers include Cloudflare (1.1.1.1) and Quad9 (9.9.9.9).
This is especially useful for checking DNS propagation. Different resolvers may still have cached old values while others have updated.
4. Going to the Source: Authoritative Servers
If you want the most authoritative answer, you can skip resolvers and ask the official nameservers for a domain.
First, find them:
dig NS vulpo.be
Then query one directly:
dig @ns1.example-dns.com vulpo.be
This helps you see what the domain owner’s DNS servers are publishing right now, without cache interference.
5. Reverse Lookups
Sometimes you have an IP address and want to know if it maps back to a domain:
dig -x 34.77.128.88
If there’s a reverse DNS record (PTR), it will show up here.
6. A Lightweight Alternative: host
The host
command is another simple tool for DNS queries:
host vulpo.be
host -t MX vulpo.be
It’s less verbose than dig
and great for quick checks.
Why TTLs Matter
Throughout these commands you’ll notice TTL values (time to live). This number, in seconds, tells resolvers how long to cache a record.
- A high TTL (e.g., 86400 = 24 hours) means fewer queries but slower updates when records change.
- A low TTL (e.g., 300 = 5 minutes) makes updates propagate faster but increases DNS traffic.
If you’re planning a migration, lowering TTLs ahead of time is a smart move.
Final Thoughts
With just a few built-in commands, dig
, nslookup
, and host
, you can:
- ✅ Inspect all types of DNS records (A, AAAA, MX, TXT, CNAME, NS)
- ✅ Check TTLs to understand caching behavior
- ✅ Query specific resolvers or authoritative servers
- ✅ Monitor changes in real time
Whether you’re debugging an outage, setting up email, or rolling out DNS changes, knowing how to check DNS from the terminal is an essential skill for developers and sysadmins alike.
#dns, #caching, #dig, #nslookup, #host, #ttl, #time-to-live, #sysadmin