The dig(1) command is a handy DNS information and troubleshooting tool. It can be used to grab a host or domain’s TTL (time to live) values.

This information can be critical to planning a DNS cut over, and how long to leave the old server on.

In most circumstances I’d recommend running a low (5 minute or less) value for normal operation, but some ISPs and providers still are shy about decreasing these values so it is always a good idea to check.

TTL for a Specific Host

Dig’s default output provides the TTL information, it is the number proceeding the record type (underlined below):

$ dig +nocmd +noall +answer   270     IN      A

Note: If your default DNS server is not the authoritative server for the zone you are digging dig will show the time remaining (until the next refresh) instead of the raw TTL value in this position.

You can work around this by directing dig to specifically use one of the domain’s servers, for example I know that is authoritative for this domain:

$ dig +nocmd +noall +answer   300     IN      A


Default TTL (and negative-TTL) for a Domain

We can also pull the domain-wide TTL setting, which controls negative-TTLs (how long a server will cache an NX or ‘nothing there’ reply). This will also break out the SOA into an easier to read format:

# dig +nocmd +multiline +noall +answer any      300 IN SOA (
                       4007121214 ; serial
                       3600       ; refresh (1 hour)
                       900        ; retry (15 minutes)
                       2592000    ; expire (4 weeks 2 days)
                       300        ; minimum (5 minutes)

For more information on dig’s many uses take a look at Paul Heinlein’s DiG HOWTO.

Special thanks to James Snow who provided the initial facts and inspiration for this post.

3 Responses to “HOW TO: Using dig(1) to Find DNS Time to Live (TTL) Values”

  1. MrKap

    Yeah, isn’t always after a crisis where we need a fast domain name change that we finally remember to change the TTL or look up.

    The @ parameter might useful to pull up stuff off the google dns servers, and the windows command, ipconfig /displaydns is pretty good for local ttl on your machine.

    Thank you!

  2. JM

    Google’s resolvers don’t always reflect the TTL that’s in the original zone file. This is generally to our advantage though, as the TTL’s I’ve gotten from Google have been lower than the TTL’s in the zone file.

  3. Fonant

    Get just the TTL with:

    dig +noall +nocmd +answer | cut -f2


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.