What’s the difference between `dig` and `host` when querying a specific name-server

I was using this command to verify if I'd set things up correctly with a DNS provider:

host hostname.example.com ns1.example-nameserver.com

As far as I can tell, this asks ns1.example-nameserver.com to look up hostname.example.com and reports the answer. I was getting a host-not-found response so I thought I'd done it wrong. However, without specifying their name-server (thus allowing my ISP's name-server to look it up) I got the correct response (hostname is a CNAME if it matters). I couldn't fathom this so I searched around and found the dig command:

dig @ns1.example-nameserver.com hostname.example.com

As far as I can tell this does the same thing as the host command – asks a specific name-server to look up a host. I therefore conclude that they must do it differently somehow, and that caching name-servers must use the same method as dig.

My conclusion is either right or wrong, if it is right:

What is the difference between these two look-up methods?

If it is wrong:

What are my misunderstandings about DNS and the host and dig commands that have led me to this conclusion?

Example output:

$ host cardiff.tzmchapters.org ns1.livedns.co.uk
Using domain server:
Name: ns1.livedns.co.uk
Address: 213.171.192.250#53
Aliases: 

Host cardiff.tzmchapters.org not found: 3(NXDOMAIN)

$ dig @ns1.livedns.co.uk cardiff.tzmchapters.org

; <<>> DiG 9.8.3-P1 <<>> @ns1.livedns.co.uk cardiff.tzmchapters.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23620
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;cardiff.tzmchapters.org.   IN  A

;; ANSWER SECTION:
cardiff.tzmchapters.org. 3600   IN  CNAME   ghs.google.com.

;; AUTHORITY SECTION:
google.com.     3600    IN  SOA ns1.livedns.co.uk. admin.google.com. 1354213742 10800 3600 604800 3600

;; Query time: 27 msec
;; SERVER: 213.171.192.250#53(213.171.192.250)
;; WHEN: Mon Apr 22 23:47:05 2013
;; MSG SIZE  rcvd: 128

Best Answer

host, dig, and nslookup all share most of the same functionality. In the case you are asking about (asking a particular DNS question to a particular nameserver), dig and host (and indeed nslookup) behave exactly the same.

For DNS troubleshooting, dig is preferred because its output format is more "raw": in its output it directly shows the contents of all 4 fields in the DNS response: question, answer, authority, and additional sections (plus the flags in the header), and also it has more options. host, on the other hand, has a more user-friendly output format.

If you don't happen to need an option that one of the commands has and the others don't, or a piece of information that one of them outputs and the others don't, then it comes down to a matter of preference.

Best Answer

Related Solutions

CNAME to another domain fails on some office networks, why

Debian – Setting up a DNS name server for a mass virtual host with Bind9

Related Topic