
How to see the TTL value of a DNS record

The TTL value defines how long a DNS record should normally be cached. Not all resolvers adhere to it, but many do. In that case it may be useful to learn how much time is still left on the TTL.

Using dig to query the TTL

With the dig command we can query the current TTL value, that is, the value returned by your DNS resolver. When the value reaches zero, the resolver should send a new request to the upstream servers, often the authoritative server.

dig +noall +answer +ttlunits A linux-audit.com

So what does this command do?

| Dig option | Action performed |
|------------|------------------|
| +noall | Filter results, don’t show all details of the query response |
| +answer | Include the actual answer in the output |
| +ttlunits | Show a human friendly output, instead of seconds |

For readability we normally list all options in alphabetical order. For this command it is important that +answer comes after +noall, otherwise the answer will be filtered out.
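
To use the remaining TTL in a script, the answer lines printed by the command above can be converted back to seconds. The following is an added example, not part of the original article; the function names are hypothetical, the sample records are constructed, and it assumes +ttlunits prints the TTL as number-and-unit pairs such as 4m59s (units w, d, h, m, s).

```shell
#!/bin/sh
# Added example: parse "dig +noall +answer [+ttlunits]" output offline.

# Convert a TTL (plain seconds, or unit form such as 1h2m3s) to seconds.
# Assumption: units are w, d, h, m, s, each preceded by a number.
ttl_to_seconds() {
    printf '%s\n' "$1" | awk '
    {
        ttl = tolower($0); total = 0; num = ""
        if (ttl == "") exit 1
        for (i = 1; i <= length(ttl); i++) {
            c = substr(ttl, i, 1)
            if (c ~ /[0-9]/) { num = num c; continue }
            if (c == "w") mult = 604800
            else if (c == "d") mult = 86400
            else if (c == "h") mult = 3600
            else if (c == "m") mult = 60
            else if (c == "s") mult = 1
            else exit 1                # unknown unit letter
            if (num == "") exit 1      # unit without a number
            total += num * mult; num = ""
        }
        if (num != "") total += num    # trailing bare number = seconds
        print total
    }'
}

# Read answer lines (name TTL class type rdata) on stdin and
# print "name type seconds" for each record.
answer_ttls() {
    while read -r name ttl class type rdata; do
        case "$name" in ''|';'*) continue ;; esac   # skip blanks and comments
        [ -n "$type" ] || continue
        secs=$(ttl_to_seconds "$ttl") || continue   # skip unparsable TTLs
        printf '%s %s %s\n' "$name" "$type" "$secs"
    done
}

# Constructed sample output (192.0.2.0/24 is a documentation range).
# Live use: dig +noall +answer +ttlunits A linux-audit.com | answer_ttls
answer_ttls <<'EOF'
linux-audit.com.   4m59s   IN   A   192.0.2.10
linux-audit.com.   300     IN   A   192.0.2.11
EOF
```

Running the live command twice against the same caching resolver should show the seconds value counting down between runs.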


This article has been written by our Linux security expert Michael Boelen. With focus on creating high-quality articles and relevant examples, he wants to improve the field of Linux security. No more web full of copy-pasted blog posts.
