1. Introduction

The Domain Name System (DNS) is the de facto standard for local and global name resolution. In addition, outside of names, addresses, and certificates, DNS records can store a diverse range of data and metadata:

  • DHCID: DHCP data
  • HINFO: central processing unit (CPU) and operating system (OS) specifications
  • LOC: location data
  • SOA: zone administration information
  • SRV: service location, which may include ports
  • TXT: text notes, sometimes used to verify ownership

Thus, a domain TXT record can contain any string of text as long as it’s ASCII.

In this tutorial, we explore ways to check the TXT records for a domain from the shell. In particular, we show how several commands can perform what we need and discuss some specifics.

We tested the code in this tutorial on Debian 11 (Bullseye) with GNU Bash 5.1.4. It should work in most POSIX-compliant environments.

2. Using dig

The traditional way to list DNS records involves the dig tool from the bind9-dnsutils package:

$ dig baeldung.com
[...]
;; QUESTION SECTION:
;baeldung.com.                  IN      A

;; ANSWER SECTION:
baeldung.com.           300     IN      A       172.66.43.8
baeldung.com.           300     IN      A       172.66.40.248
[...]

In this case, we only see A records since that’s the default. However, by employing the -t flag of dig and adding TXT, we can request this specific record type:

$ dig -t TXT x.gerganov.com
[...]
;; QUESTION SECTION:
;x.gerganov.com.                        IN      TXT

;; ANSWER SECTION:
x.gerganov.com.         300     IN      TXT     "furu ike ya kawazu tobikomu mizu no oto"
[...]

If +short is used, dig returns only the double-quoted strings from the TXT records, each on a new line:

$ dig +short -t TXT x.gerganov.com
"furu ike ya kawazu tobikomu mizu no oto"

This format is usually easier to process within shell scripts.

3. nslookup

Although not immediately obvious, we can also use the nslookup tool for our purposes:

$ nslookup baeldung.com
Server:         1.1.1.1
Address:        1.1.1.1#53

Non-authoritative answer:
Name:   baeldung.com
Address: 172.66.40.248
Name:   baeldung.com
Address: 172.66.43.8
Name:   baeldung.com
Address: 2606:4700:3108::ac42:2b08
Name:   baeldung.com
Address: 2606:4700:3108::ac42:28f8

Here, the default output format is more structured and less verbose.

For our particular needs, we can leverage the query, querytype, or type specifier by prefixing it with a dash and providing the needed record type:

$ nslookup -querytype=TXT x.gerganov.com
[...]
Non-authoritative answer:
x.gerganov.com  text = "furu ike ya kawazu tobikomu mizu no oto"
[...]

Alternatively, we can do the same interactively:

$ nslookup
> set querytype=txt
> x.gerganov.com
[...]
Non-authoritative answer:
x.gerganov.com  text = "furu ike ya kawazu tobikomu mizu no oto"
[...]

Unlike dig, there are no good built-in options for a more concise output.

4. Using host

Similar to dig, the host command has the -t flag for specifying a record type:

$ host -t txt x.gerganov.com
x.gerganov.com descriptive text "furu ike ya kawazu tobikomu mizu no oto"

While the output is somewhat more verbose than that of dig +short, the TXT record string is still within quotes so that we can extract it:

$ host -t TXT x.gerganov.com | sed 's/^[^"]*"\(.*\)"$/\1/'
furu ike ya kawazu tobikomu mizu no oto

In this case, we employ sed to substitute the whole line with only the matching string. Notably, this works for multiline output and embedded quotes as well.

5. Remarks

Since they are composed of ASCII characters, TXT record strings can also contain quotes. Since the utilities above use double quotes to surround the actual string, it’s worth noting how these are handled:

$ dig +short -t TXT quote.gerganov.com
"This TXT record includes double quotes within its \"data\"."

As expected, to embed the double quotes within a double-quoted string, the tools just escape them.

Moreover, in general, DNS records are linked with a domain or subdomain. All tools above return the records for the exact request:

$ dig +short -t TXT www.gerganov.com
$ dig +short -t TXT x.gerganov.com
"furu ike ya kawazu tobikomu mizu no oto"

Thus, we might get no results for www.gerganov.com, although x.gerganov.com has a TXT record. Still, unlike with the local /etc/hosts file, DNS records support wildcards.

6. Summary

In this article, we inspected domain TXT records with different tools, exploring some details of the process.

In conclusion, the command we use for checking a TXT record usually depends on availability and convenience more than functionality.