Shell script to see Time-To-Live (TTL) for a DNS record

Say you want to see the Time-To-Live (TTL) value for a given DNS record of type A, AAAA, and MX. Here is a sample shell script that works on Linux, Unix, and macOS. You must have bash and the dig command installed.

To find DNS TTL on Linux and Unix we use the following dig command syntax:
For example:

dig A
dig AAAA
dig MX

How to see Time-To-Live (TTL) for a DNS record / domain

#!/usr/bin/env bash
# Usage: 
# Shell script to see Time-To-Live (TTL) for a DNS record in human readable
# format.
# Tested on:
# Ubuntu/Debian/macOS with bash shell v5.x
# Note:
# dig must be installed on your system for this to work.
# Syntax:
# /path/to/find-domain-ttl
# /path/to/find-domain-ttl | more
# /path/to/find-domain-ttl | grep  -i 'AAAA'
# ----------------------------------------------------------------------------
# Written by Vivek Gite <>
# (c) 2021 Vivek Gite under GNU GPL v2.0+
# ----------------------------------------------------------------------------
# Last updated: 04/Jun/2021
# ----------------------------------------------------------------------------
set -eu -o pipefail
# read the domain from $1; default to NULL so the check below works under 'set -u'
domain="${1:-NULL}"
# fail safe i.e. if no $1 passed to the script, die with an error
[ "$domain" == "NULL" ] && { echo "Usage: $0 domain-name"; exit 1; }
# make sure dig installed else die
if ! type -a dig >/dev/null 2>&1
then
	echo "Error: $0 - dig command not found."
	exit 2
fi
# repeat given char 90 times
repeat(){
	for i in {1..90}; do echo -n "$1"; done
}
# get first ns for domain
# remove everything except 
ns="$(dig +nocmd +noall +answer ns "${domain}" | head -1 | awk '{ print $5}')"
# now print ttl for a, aaaa, and mx
repeat '-'
echo -e "\nDomain\t\t\tTTL\tIN\tRecord\tAnswer"
repeat '-'
# end the separator line before the records are printed
echo
# query the authoritative name server found above for each record type
for i in a aaaa mx
do
	dig +nocmd +noall +answer +ttlunits "${i}" "${domain}" "@${ns}"
done


Simply run it as:
./find-domain-ttl {domain-name}

You will get a nice summary for TTL in human-readable format:

Domain			TTL	IN	Record	Answer
------------------------------------------------------------------------------------------
		5m	IN	A
		5m	IN	A
		5m	IN	A
		5m	IN	AAAA	2606:4700:10::6816:ad6
		5m	IN	AAAA	2606:4700:10::6816:bd6
		5m	IN	AAAA	2606:4700:10::ac43:7ef
		5m	IN	MX	1
		5m	IN	MX	10
		5m	IN	MX	10
		5m	IN	MX	5
		5m	IN	MX	5

The shell script will automatically strip out sub-domains to find correct NS (Auth Name servers). For example:

Sample session:

Summing up

The dig command is a useful DNS troubleshooting tool for all developers and sysadmins. We can find a host's and a domain's TTL (time to live) when solving problems. This script provides output in a human-readable format. One can use TTL for DNS migration or cloud server migration. Hence, knowing the TTL is critical, as it tells you how long DNS clients will keep pointing to the old DNS records on the server.
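The migration point above, as an added example (not part of the original script): it parses dig answer lines and reports the longest TTL, which is how long resolvers may keep serving the old records after a change. It assumes dig is run without +ttlunits so TTLs are in seconds; the function names and the example.com sample lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: summarize TTLs (seconds, no +ttlunits) from dig answer lines.

# Constructed sample answer section; example.com and the 192.0.2.0/24 and
# 2001:db8::/32 addresses are documentation placeholders, not real output.
sample_answers() {
	cat <<'EOF'
example.com.	300	IN	A	192.0.2.10
example.com.	300	IN	A	192.0.2.11
www.example.com.	60	IN	A	192.0.2.12
example.com.	3600	IN	AAAA	2001:db8::10
example.com.	86400	IN	MX	10 mail.example.com.
;; comment lines and malformed rows are ignored
EOF
}

# Print "TYPE max-ttl-seconds" per record type found on stdin.
max_ttl_by_type() {
	awk '$1 !~ /^;/ && NF >= 5 && $2 ~ /^[0-9]+$/ && $3 == "IN" {
		ttl = $2 + 0
		if (!($4 in max) || ttl > max[$4]) max[$4] = ttl
	}
	END { for (t in max) print t, max[t] }' | sort
}

# Largest TTL over all types: the worst-case number of seconds a resolver
# may keep serving the old answer after the record is changed.
worst_case_ttl() {
	max_ttl_by_type | awk '($2 + 0) > m { m = $2 + 0 } END { print m + 0 }'
}

# Render seconds in compact units, e.g. 300 -> 5m, 90061 -> 1d1h1m1s.
human_ttl() {
	local s=$1 out="" unit size n
	for unit in 86400:d 3600:h 60:m 1:s; do
		size=${unit%%:*}
		n=$(( s / size ))
		if [ "$n" -gt 0 ]; then
			out="${out}${n}${unit##*:}"
			s=$(( s % size ))
		fi
	done
	echo "${out:-0s}"
}

wait_s=$(sample_answers | worst_case_ttl)
sample_answers | max_ttl_by_type
echo "Keep the old server answering for at least $(human_ttl "$wait_s") after the change."
```

For live data, pipe the output of dig +nocmd +noall +answer for each record type into worst_case_ttl in place of sample_answers.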

3 comments
  • noodles Jun 4, 2021 @ 11:41

    Are you sure that “type -a dig1” is correct to check if dig is installed?

  • Jan Tej Jun 11, 2021 @ 7:54

    Awesome work and script. I learned something new today.
