1

My general question is how does "dig any" work?

In particular, I would like to compare the use of dig to naive sending of multiple equivalent requests (a, txt, mx, ...).

Does a single DNS query is sent? Is the use of dig more efficient?

Is it guaranteed to get the same results as sending multiple equivalent requests (a, txt, mx, ...)?

If they are not equivalent, when should I use each of the methods?

And finally, if somebody has Python (prefered Python3) implementation of dig (not by running it using subprocess etc.) - I will be glad to get a reference.

Gari BN
  • 1,635
  • 2
  • 17
  • 31

1 Answers1

2

An ANY query is a perfectly ordinary query that asks for the record type with number 255, which is usually referred to as the ANY type, for fairly obvious reasons. It doesn't matter which tool sends the query (the program dig, or code you write, or something else), it's the same query anyway.

There is no guarantee that an ANY query will give the same results as multiple queries for many different types, it's entirely up to the server that generates the responses.

Other than for debugging and diagnostics, there is hardly ever a reason to send an ANY query.

There are loads of DNS libs for Python. I'm sure someone else can tell you which one is the preferred one these days.

Calle Dybedahl
  • 5,228
  • 2
  • 18
  • 22
  • Can you detail about reasons and cases when the results are not the same? – Gari BN Dec 02 '17 at 17:46
  • Any time there is a record of a type you didn't think of, for example. Or when the name server generates responses programmatically depending on the query. Or if the name server tries to optimize the `ANY` response for size. Extra processing for `CNAME`, `DNAME` and/or DNSSEC can also introduce differences. – Calle Dybedahl Dec 04 '17 at 08:49
  • I recently was dealing with a site where the IP had been changed on the authoritative nameserver, but TTL hadn't expired yet. Doing 'dig any' on Google DNS would return the full listing of all records, including the new A record. But an ordinary 'dig' for the A record alone would return the old IP, which still have time left. – apraetor Jan 23 '18 at 20:25