4

I've pored over the man pages and I'm pretty sure the answer is "no" but is there a way to prevent dig from resolving a CNAME record for a host?

For example:

$ dig +short mail.yahoo.com A
edge.gycpi.b.yahoodns.net.
66.218.84.40
66.218.84.44
66.218.84.41
66.218.84.45
66.218.84.42
66.218.84.43

There is not an A record for this host, so I should get no answer. It seems like A and AAAA are treated differently from any other record type in this regard.

I've tried the +norecurse and +noadditional options without success. I can easily parse the response in my script to see if it has multiple lines where the first one is a FQDN, but it feels like I shouldn't have to.

3
  • Please see the following answer: serverfault.com/questions/965368/… Commented Nov 1, 2022 at 20:16
  • That is the opposite of what I want. I'm querying for an A record but it gives me the CNAME. Commented Nov 1, 2022 at 20:17
  • Ah I see. Well dig doesn't indeed have anything to filter it out. You could try systemd-resolve -4 mail.yahoo.com Commented Nov 1, 2022 at 20:38

1 Answer 1

4

According to RFC 1034 you can ask for a CNAME record type, and if one exists that's what you'll get.

dig -t cname +short www.bbc.co.uk
www.bbc.co.uk.pri.bbc.co.uk.

However, there doesn't seem to be a way to ask for (say) an A record but disallow lookups through a CNAME:

dig -t cname +short uk.www.bbc.co.uk.pri.bbc.co.uk    # No output

Indeed, section 3.6.2 of RFC 1034 writes that,

When a name server fails to find a desired RR in the resource set associated with the domain name, it checks to see if the resource set consists of a CNAME record with a matching class. If so, the name server includes the CNAME record in the response and restarts the query at the domain name specified in the data field of the CNAME record. The one exception to this rule is that queries which match the CNAME type are not restarted.

Per RFC terminology, as there is no "should" in this description it is a definitive course of action.

To get the behaviour you're seeking you would probably need to wrap dig in some custom code such as this,

query=www.bbc.co.uk

result=$(dig -t cname +short "$query" | xargs)
[ -z "$result" ] && result=$(dig -t a +short "$query" | xargs)

printf "Result: %s\n" "$result"
1
  • 2
    Ah so this isn't dig doing the extra lookup, but the responding DNS server. Got it. Commented Nov 2, 2022 at 0:00
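An added example (not part of the answer above, and not a dig feature): because the responding server follows the CNAME, the filtering has to happen on the client. `+short` drops the owner name and record type, so this parses `dig +noall +answer` output instead and keeps only records owned by the queried name. The function names, the TTLs and the shortened address list in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: keep only records whose owner is the queried name itself,
# so an answer reached through a CNAME yields nothing for type A.

# direct_rr NAME TYPE: read "dig +noall +answer" lines on stdin and print the
# rdata of TYPE records owned by NAME (case-insensitive, trailing dot ignored).
direct_rr() {
    awk -v q="$1" -v t="$2" '
        function norm(n) { n = tolower(n); sub(/\.$/, "", n); return n }
        NF == 0 || $1 ~ /^;/ { next }            # skip blanks and ; comments
        norm($1) == norm(q) && $3 == "IN" && $4 == t { print $5 }
    '
}

# Live wrapper (hypothetical name, needs network access and dig installed).
dig_direct_a() {
    dig +noall +answer "$1" A | direct_rr "$1" A
}

# Constructed sample of an answer section for the lookup in the question
# (TTLs invented, address list shortened to two entries).
sample_answer() {
    cat <<'EOF'
mail.yahoo.com.            1800 IN CNAME edge.gycpi.b.yahoodns.net.
edge.gycpi.b.yahoodns.net. 60   IN A     66.218.84.40
edge.gycpi.b.yahoodns.net. 60   IN A     66.218.84.44
EOF
}

# Offline demonstration on the constructed sample.
printf 'A owned by mail.yahoo.com: [%s]\n' \
    "$(sample_answer | direct_rr mail.yahoo.com A | xargs)"
printf 'CNAME owned by mail.yahoo.com: [%s]\n' \
    "$(sample_answer | direct_rr mail.yahoo.com CNAME | xargs)"
printf 'A owned by the alias target: [%s]\n' \
    "$(sample_answer | direct_rr edge.gycpi.b.yahoodns.net A | xargs)"
```

An empty result from `dig_direct_a` means the name has no A record of its own, whether or not a CNAME led to addresses elsewhere.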
