Run any Skill in Manus with one click

$pwd:

dns-tools

Name: Dns Tools
Author: laurigates

// Resolve DNS records, check propagation, and debug name resolution. Use when you need to look up A/AAAA/MX/TXT records, verify DNS changes across resolvers, or query via encrypted DNS (DoT/DoH).

Run Skill in Manus

$ git log --oneline --stat

stars:32

forks:5

updated:April 25, 2026 at 17:37

SKILL.md

readonly

package.json

"author": "laurigates"

"repository": "laurigates/claude-plugins"

View GitHub Repository

$ install --globalskills.sh

$ download --local

Run Skill in Manus

[HINT] Download the complete skill directory including SKILL.md and all related files

Run any Skill with one click

name	dns-tools
description	Resolve DNS records, check propagation, and debug name resolution. Use when you need to look up A/AAAA/MX/TXT records, verify DNS changes across resolvers, or query via encrypted DNS (DoT/DoH).
user-invocable	false
allowed-tools	Bash(dig ), Bash(nslookup ), Bash(host ), Bash(whois ), Read, Grep, Glob, TodoWrite
created	"2026-01-01T00:00:00.000Z"
modified	"2026-04-25T00:00:00.000Z"
reviewed	"2026-04-25T00:00:00.000Z"

DNS Tools

When to Use This Skill

Scenario	Use this skill	Alternative
Look up DNS records (A, MX, TXT, etc.)	Yes
Check DNS propagation across resolvers	Yes
Query via encrypted DNS (DoT/DoH)	Yes
Verify email auth records (SPF/DKIM/DMARC)	Yes
Reverse DNS lookup for an IP	Yes
Troubleshoot connectivity or packet loss		network-diagnostics (trippy, gping)
Find hosts or open ports on a network		network-discovery (RustScan, nmap)
Discover devices on local L2 segment		layer2-discovery (ARP/LLDP)
Load test an HTTP endpoint		http-load-testing (oha)
Monitor real-time bandwidth per process		network-monitoring (bandwhich)

Core Expertise

dog is a modern, Rust-based DNS client that serves as a user-friendly alternative to dig. Key advantages:

Readable output: Colorized, human-friendly formatting by default
Modern protocols: Native support for DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH)
JSON output: Machine-parseable output for scripting and automation
Fast: Compiled Rust binary with minimal dependencies
Cross-platform: Works on Linux, macOS, and Windows

Installation

# macOS
brew install dog

# Cargo (any platform)
cargo install dog

# Arch Linux
pacman -S dog

Essential Commands

Basic Queries

# Query A record (default)
dog example.com

# Query specific record type
dog example.com MX
dog example.com AAAA
dog example.com TXT

# Query multiple record types
dog example.com A AAAA MX

# Query multiple domains
dog example.com example.org

Specifying DNS Server

# Use specific resolver
dog @8.8.8.8 example.com
dog @1.1.1.1 example.com MX

# Use system resolver explicitly
dog @/etc/resolv.conf example.com

Output Formats

# JSON output for parsing
dog --json example.com

# Short output (answers only)
dog --short example.com

# Quiet mode (minimal output)
dog -q example.com

DNS-over-TLS and DNS-over-HTTPS

Modern encrypted DNS protocols prevent eavesdropping and tampering.

DNS-over-TLS (DoT)

# Query via DoT (port 853)
dog --tls @dns.google example.com
dog --tls @1.1.1.1 example.com

# Explicit TLS server specification
dog --tls @dns.quad9.net example.com

DNS-over-HTTPS (DoH)

# Query via DoH
dog --https @https://dns.google/dns-query example.com
dog --https @https://cloudflare-dns.com/dns-query example.com

# Quad9 DoH
dog --https @https://dns.quad9.net/dns-query example.com

Protocol Comparison

Protocol	Flag	Port	Use Case
UDP	(default)	53	Standard queries
TCP	`--tcp`	53	Large responses, reliability
DoT	`--tls`	853	Encrypted, TLS-based
DoH	`--https`	443	Encrypted, HTTPS-based

Advanced Features

Query Options

# Force TCP instead of UDP
dog --tcp example.com

# Set query timeout (seconds)
dog --timeout 5 example.com

# Disable recursion (query authoritative only)
dog --no-recurse example.com

# Query specific class
dog --class CH version.bind TXT  # Chaos class for version info

Reverse DNS

# PTR lookup for IP address
dog -x 8.8.8.8
dog --reverse 1.1.1.1

DNSSEC Queries

# Request DNSSEC records
dog --dnssec example.com

# Query DNSKEY records directly
dog example.com DNSKEY
dog example.com DS

Common Patterns

Troubleshooting DNS

# Check propagation across multiple resolvers
dog @8.8.8.8 example.com A
dog @1.1.1.1 example.com A
dog @9.9.9.9 example.com A

# Verify MX records for email
dog example.com MX --json | jq '.answers[].data'

# Check SPF/DKIM/DMARC for email auth
dog example.com TXT | grep -E 'spf|dkim|dmarc'
dog _dmarc.example.com TXT
dog selector._domainkey.example.com TXT

Automation and Scripting

# Extract IP addresses from JSON
dog --json example.com A | jq -r '.answers[].data'

# Check if domain resolves
dog --short example.com && echo "Resolves" || echo "No resolution"

# Batch queries
for domain in example.com example.org; do
  dog --json "$domain" A
done

Alternative Tools

dig (Traditional)

Still valuable for DNSSEC validation and advanced debugging:

# DNSSEC validation
dig +dnssec example.com

# Trace delegation path
dig +trace example.com

# Query with specific options
dig +noall +answer example.com MX

drill (LDNS Project)

DNSSEC-focused tool from NLnet Labs:

# DNSSEC chase
drill -S example.com

# Trace from root
drill -T example.com

Agentic Optimizations

Context	Command
Parse results	`dog --json example.com`
Quick check	`dog --short example.com`
Minimal output	`dog -q example.com A`
Extract IPs	`dog --json example.com A \| jq -r '.answers[].data'`
Batch queries	Loop with `--json` for structured output
CI/CD checks	`dog --json --timeout 5` for fast, parseable results

Quick Reference

Record Types

Type	Description	Example
A	IPv4 address	`dog example.com A`
AAAA	IPv6 address	`dog example.com AAAA`
MX	Mail exchanger	`dog example.com MX`
NS	Name server	`dog example.com NS`
TXT	Text record	`dog example.com TXT`
CNAME	Canonical name	`dog www.example.com CNAME`
SOA	Start of authority	`dog example.com SOA`
PTR	Pointer (reverse)	`dog -x 8.8.8.8`
SRV	Service record	`dog _sip._tcp.example.com SRV`
CAA	Certificate authority	`dog example.com CAA`

Common Flags

Flag	Short	Description
`--json`	`-J`	JSON output
`--short`	`-s`	Answers only
`--tcp`	`-T`	Use TCP
`--tls`		DNS-over-TLS
`--https`	`-H`	DNS-over-HTTPS
`--reverse`	`-x`	Reverse lookup
`--timeout`		Query timeout
`--dnssec`	`-D`	Request DNSSEC
`--class`	`-C`	Query class
`--no-recurse`		Disable recursion

Error Handling

Error	Cause	Solution
NXDOMAIN	Domain does not exist	Verify domain spelling
SERVFAIL	Server failure	Try different resolver
REFUSED	Query refused	Server policy, try public resolver
Timeout	No response	Check network, increase `--timeout`
Connection refused	DoT/DoH server unreachable	Verify server address and port

name	dns-tools
description	Resolve DNS records, check propagation, and debug name resolution. Use when you need to look up A/AAAA/MX/TXT records, verify DNS changes across resolvers, or query via encrypted DNS (DoT/DoH).
user-invocable	false
allowed-tools	Bash(dig ), Bash(nslookup ), Bash(host ), Bash(whois ), Read, Grep, Glob, TodoWrite
created	"2026-01-01T00:00:00.000Z"
modified	"2026-04-25T00:00:00.000Z"
reviewed	"2026-04-25T00:00:00.000Z"