Shell script to see Time-To-Live (TTL) for a DNS record

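Say you want to see the Time-To-Live (TTL) value of a domain's A, AAAA, and MX records. Here is a sample shell script that works on Linux, Unix, and macOS. You must have bash and the dig command installed.

To find the DNS TTL on Linux and Unix, we query the domain's authoritative name server with the following dig command syntax. The authoritative server returns the TTL configured in the zone, whereas a caching resolver reports only the time remaining in its cache.
dig {TYPE} {DomainNameHere} @{NS-AUTHNAME-SERVER-HERE}
For example: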

dig A cyberciti.biz @clay.ns.cloudflare.com.
dig AAAA cyberciti.biz @clay.ns.cloudflare.com.
dig MX cyberciti.biz @clay.ns.cloudflare.com.
dig CNAME c.cyberciti.biz @clay.ns.cloudflare.com.

How to see Time-To-Live (TTL) for a DNS record / domain

#!/bin/bash
# Usage: 
# Shell script to see Time-To-Live (TTL) for a DNS record in human readable
# format.
#
# Tested on:
# Ubuntu/Debian/macOS with bash shell v5.x
#
# Note:
# dig must be installed on your system for this to work.
#
# Syntax:
# /path/to/find-domain-ttl cyberciti.biz
# /path/to/find-domain-ttl google.com | more
# /path/to/find-domain-ttl cyberciti.biz | grep  -i 'AAAA'
# ----------------------------------------------------------------------------
# Written by Vivek Gite <https://www.cyberciti.biz/>
# (c) 2021 Vivek Gite under GNU GPL v2.0+
# ----------------------------------------------------------------------------
# Last updated: 04/Jun/2021
# ----------------------------------------------------------------------------
set -eu -o pipefail
domain="${1:-NULL}"
 
# fail safe i.e. if no $1 passed to the script, die with an error
[ "$domain" == "NULL" ] && { echo "Usage: $0 domain-name"; exit 1; }
 
# make sure dig is installed, else die
# (the test is negated: the error branch runs only when dig is NOT found)
if ! type -a dig >/dev/null 2>&1
then
	echo "Error: $0 - dig command not found."
	exit 2
fi
 
# repeat given char 90 times
repeat(){
	for i in {1..90}; do echo -n "$1"; done
}
 
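# get first ns for domain
# remove everything except domain.com
# note: only the last two labels are kept, so a name under a multi-label
# suffix such as www.example.co.uk is reduced to co.uk
str="${domain%.*.*}"
domain="${domain/$str./}"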
 
ns="$(dig +nocmd +noall +answer ns "${domain}" | head -1 | awk '{ print $5}')"
 
# now print ttl for a, aaaa, and mx
repeat '-'
echo -e "\nDomain\t\t\tTTL\tIN\tRecord\tAnswer"
repeat '-'
echo 
 
for i in a aaaa mx
do   
	dig +nocmd +noall +answer +ttlunits "${i}" "${domain}" "@${ns}"
done

Usage

Simply run it as:
./find-domain-ttl {domain-name}
./find-domain-ttl cyberciti.biz

You will get a nice summary for TTL in human-readable format:

------------------------------------------------------------------------------------------
Domain			TTL	IN	Record	Answer
------------------------------------------------------------------------------------------
cyberciti.biz.		5m	IN	A	104.22.11.214
cyberciti.biz.		5m	IN	A	104.22.10.214
cyberciti.biz.		5m	IN	A	172.67.7.239
cyberciti.biz.		5m	IN	AAAA	2606:4700:10::6816:ad6
cyberciti.biz.		5m	IN	AAAA	2606:4700:10::6816:bd6
cyberciti.biz.		5m	IN	AAAA	2606:4700:10::ac43:7ef
cyberciti.biz.		5m	IN	MX	1 aspmx.l.google.com.
cyberciti.biz.		5m	IN	MX	10 aspmx2.googlemail.com.
cyberciti.biz.		5m	IN	MX	10 aspmx3.googlemail.com.
cyberciti.biz.		5m	IN	MX	5 alt1.aspmx.l.google.com.
cyberciti.biz.		5m	IN	MX	5 alt2.aspmx.l.google.com.

The shell script will automatically strip out sub-domains to find the correct authoritative name servers (NS). For example:
./find-domain-ttl www.cyberciti.biz
./find-domain-ttl www.google.com

Summing up

The dig command is a useful DNS troubleshooting tool for all developers and sysadmins. We can find a host's or domain's TTL (time to live) when solving problems. This script provides output in a human-readable format. One can use the TTL when planning a DNS migration or cloud server migration. Hence, knowing the TTL is critical, as it tells how long DNS clients will keep pointing to the old DNS records.
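
For a migration, the number that matters is the longest TTL among the records being changed. The following is an added example, not part of the original script: it reads answer lines in the format printed by dig +ttlunits and reports that longest TTL in seconds. The function names and the sample input are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original script. Input is answer lines as
# printed by `dig +noall +answer +ttlunits` (name, TTL, class, type, data).

# Convert a +ttlunits value (5m, 1h30m, 1w, or plain seconds) to seconds.
# The ( ) body runs in a subshell, so its variables stay local.
ttl_to_seconds() (
	ttl=$1 total=0
	# reject empty input and anything besides digits and dig's unit letters
	case $ttl in ''|*[!0-9wdhms]*) exit 1 ;; esac
	while [ -n "$ttl" ]; do
		num=${ttl%%[wdhms]*}            # leading digits
		[ -n "$num" ] || exit 1         # a unit letter with no number
		rest=${ttl#"$num"}
		unit=${rest%"${rest#?}"}        # first character after the digits
		ttl=${rest#?}
		case $unit in
			w) mult=604800 ;;
			d) mult=86400 ;;
			h) mult=3600 ;;
			m) mult=60 ;;
			*) mult=1 ;;                # "s" or a bare number of seconds
		esac
		total=$(( total + num * mult ))
	done
	echo "$total"
)

# Read answer lines on stdin and print the longest TTL in seconds: the
# worst-case time a resolver may keep serving the old record after a change.
max_ttl_seconds() (
	max=0
	while read -r name ttl rest; do
		# header, separator and blank lines have no valid TTL in field 2
		secs=$(ttl_to_seconds "$ttl") || continue
		if [ "$secs" -gt "$max" ]; then max=$secs; fi
	done
	echo "$max"
)

# Constructed sample input (documentation names and addresses, not real output)
sample_answer() {
	cat <<'EOF'
------------------------------------------------------------
Domain                  TTL     IN      Record  Answer
------------------------------------------------------------
example.com.            5m      IN      A       192.0.2.10
example.com.            1h30m   IN      AAAA    2001:db8::10
example.com.            300     IN      MX      10 mail.example.com.
EOF
}

echo "Longest TTL: $(sample_answer | max_ttl_seconds) seconds"
```

To use it with the script above, pipe the script's output into max_ttl_seconds in place of sample_answer.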

3 comments
  • noodles Jun 4, 2021 @ 11:41

    Are you sure that “type -a dig1” is correct to check if dig is installed?

  • Jan Tej Jun 11, 2021 @ 7:54

    Awesome work and script. I learned something new today.
