How to run batch DNS lookups with dig

DNS change reviews often need the same set of names checked more than once, especially during cutovers, incident triage, and post-change validation. dig batch mode keeps that lookup set in a small text file so repeated checks use the same names and record types each time.

The -f option tells dig to read lookup requests from a file. Each line is written like a normal single dig query, while display options such as +noall and +answer can be placed on the command line when every lookup should use the same output format.

The lookup set uses documentation-safe example.com records and the resolver configured inside the shell. Use a specific @server entry when a migration, split-DNS check, or resolver comparison must query one known recursive server instead of the system default.

Related: How to query DNS records with dig
Related: How to query a specific DNS server with dig
Related: How to compare DNS answers across resolvers with dig
Tool: DNS Record Lookup

Steps to run batch DNS lookups with dig:

  1. Create a batch query file with one lookup per line. 
    example.com A
example.com AAAA
example.com NS

    Each line follows the same name, type, class, server, and query-option order used by a normal dig command. Keep one DNS question per line so the saved file stays easy to review.

  2. Review the query list before running the batch. 
    $ cat dns-batch.txt
example.com A
example.com AAAA
example.com NS
  3. Run the batch file with answer-only output. 
    $ dig +noall +answer -f dns-batch.txt
example.com.		234	IN	A	104.20.23.154
example.com.		234	IN	A	172.66.147.243
example.com.		337	IN	AAAA	2606:4700:10::6814:179a
example.com.		337	IN	AAAA	2606:4700:10::ac42:93f3
example.com.		4502	IN	NS	hera.ns.cloudflare.com.
example.com.		4502	IN	NS	elliott.ns.cloudflare.com.

    +noall +answer prints only answer rows. TTL values can differ between repeated runs because recursive resolvers may answer from cache.

  4. Save the batch output when the DNS check needs a ticket attachment or before-and-after comparison. 
    $ dig +noall +answer -f dns-batch.txt > dns-batch-answers.txt
  5. Confirm that the saved transcript contains the expected record types. 
    $ cat dns-batch-answers.txt
example.com.		234	IN	A	104.20.23.154
example.com.		234	IN	A	172.66.147.243
example.com.		337	IN	AAAA	2606:4700:10::6814:179a
example.com.		337	IN	AAAA	2606:4700:10::ac42:93f3
example.com.		4502	IN	NS	hera.ns.cloudflare.com.
example.com.		4502	IN	NS	elliott.ns.cloudflare.com.

    The saved output contains answer rows for the requested A, AAAA, and NS lookups. If a record type returns no rows, repeat that one lookup with comments enabled before treating the name as broken.
    Related: How to query DNS records with dig