27

dig responses return flags in the comments section:

$ dig example.com +noall +comments

; <<>> DiG 9.8.3-P1 <<>> example.com +noall +comments
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29045
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

On the last line here, there are flags:

flags: qr rd ra;

What are all the possible flags that dig has?

Here's a list of the ones I've found so far:

Improve this question

3 Answers 3

Reset to default
30

I am using RFC 1035 as source, keeping to the sequence from there, regardless if you already mentioned it in your question.

  • QR specifies whether this message is a query (0), or a response (1)
  • OPCODE A four bit field, only valid values: 0,1,2
  • AA Authoritative Answer
  • TC TrunCation (truncated due to length greater than that permitted on the transmission channel)
  • RD Recursion Desired
  • RA Recursion Available
  • Z Reserved for future use. Must be zero

There were two more DNSSEC-related flags introduced in RFC 4035:

  • CD (Checking Disabled): indicates a security-aware resolver should disable signature validation (that is, not check DNSSEC records)
  • AD (Authentic Data): indicates the resolver believes the responses to be authentic - that is, validated by DNSSEC
Improve this answer
15

From: http://www.perdisci.com/useful-links/dig-info

DIG response header:

Flags:
AA = Authoritative Answer

TC = Truncation

RD = Recursion Desired (set in a query and copied into the response if recursion is supported)

RA = Recursion Available (if set, denotes recursive query support is available)

AD = Authenticated Data (for DNSSEC only; indicates that the data was authenticated)

CD = Checking Disabled (DNSSEC only; disables checking at the receiving server)

Response code:

0 = NOERR, no error

1 = FORMERR, format error (unable to understand the query)

2 = SERVFAIL, name server problem

3= NXDOMAIN, domain name does not exist

4 = NOTIMPL, not implemented

5 = REFUSED (e.g., refused zone transfer requests)
Improve this answer
2

For more information read:

RFC1035 - 4.1.1. Header section format (https://www.rfc-editor.org/rfc/rfc1035)

RFC6895 - 2. DNS Query/Response Headers (https://www.rfc-editor.org/rfc/rfc6895)

Improve this answer
2
  • I don't think pointing at RFC's is really helpful, at least not with at least a quick summary of the information that can be found there.
    – Thomas Guyot-Sionnest
    Commented Nov 14, 2021 at 21:06
  • how about this link? it shows the flags with text and points to the RFCs too iana.org/assignments/dns-parameters/…
    – StefanKaerst
    Commented Nov 17, 2023 at 13:32

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .