1

With default options dig shows the return status for a DNS query in the comment ;; ->>HEADER<<- ... status: NXDOMAIN:

ubuntu:~$ dig hosted-by.myinternetservices.com.

; <<>> DiG 9.11.3-1ubuntu1.2-Ubuntu <<>> hosted-by.myinternetservices.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63671
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;hosted-by.myinternetservices.com. IN   A

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Oct 17 10:15:02 CEST 2018
;; MSG SIZE  rcvd: 61

But very often I want to have a shorter output from dig and I use the option +noall to achieve this:

ubuntu:~$ dig +noall +answer www.seznam.cz.
www.seznam.cz.          266     IN      A       77.75.77.39
ubuntu:~$ dig +noall +short www.seznam.cz.
77.75.77.39

I also need to see the status for cases when there is no answer but I was not able to get the status when I use +noall. Is there a simple way how to show the status?

pabouk - Ukraine stay strong
  • 246
  • 1
  • 7
  • 14

2 Answers2

2

There is, but it makes the output less terse. The response code is only shown in +comments to the best of my knowledge.

$ dig +noall +comments +answer example.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7367
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; ANSWER SECTION:
example.com.            58368   IN      A       93.184.216.34

The only way to condense it down any further is to perform your own text transformations on the above output. If you find yourself needing to work with the individual fields of a DNS response frequently, you might be better off looking at writing a custom script using a DNS client library for your preferred language.

Andrew B
  • 32,588
  • 12
  • 93
  • 131
0

I wish dig implement +exit and used proper non zero exit codes to indicate failure scenarios.

The closest I was able to get was to adapt the exit code using grep.

e.g.

dig +short trilliondollarunicorn.com | grep -e '.*' -e '^$' || echo 'none'

warrenc5
  • 1
  • The question was about DNS protocol status codes, not the `dig` command status code. --- The combination of arguments `-e '.*' -e '^$'` make `grep` match anything so `none` will never be printed. --- Do you know that `trilliondollarunicorn.com` exists and it has a web page (probably since April 2023)? Is not this a spam? – pabouk - Ukraine stay strong Jul 31 '23 at 08:05
  • Hi you are 100% right - I have confused the DNS status with dig exit codes - perhaps there is another valid question regarding this specifically. About the grep - it seems to work in my script when I give a fake domain. And I use this to update my bind9 configuration with sed -i But yes I agree there is a logical exclusivity that's very grep exit code dependent. I haven't looked into in more detail. (WFM) Not intentionally spamming - just didn't want to use ibm.com – warrenc5 Aug 01 '23 at 10:53