DNSViz is a tool for assessing the health of DNS deployments by issuing diagnostic queries, assessing the responses, and outputting the results in one of several formats. The assessment may be directed towards recursive or authoritative DNS servers, and the output may be textual, graphical, or serialized for programmatic review.
DNSViz is a tool suite for analysis and visualization of Domain Name System (DNS) behavior, including its security extensions (DNSSEC).
dnsviz grok(without the -t option) can be used without pygraphviz installed. Version 1.1 or greater is required because of the support for unicode names and HTML-like labels, both of which are utilized in the visual output.
Note that support for the following DNSSEC algorithms is not yet available in stock releases of M2Crypto: 3 (DSA-SHA1), 6 (DSA-NSEC3-SHA1), 12 (GOST R 34.10-2001), 13 (ECDSA Curve P-256 with SHA-256), 14 (ECDSA Curve P-384 with SHA-384). However, the patch included in “contrib/m2crypto.patch” can be applied to M2Crypto 0.21.1 or M2Crypto 0.22.3 to support these algorithms:
$ patch -p1 < /path/to/dnsviz-source/contrib/m2crypto.patch
A typical build and install is performed with the following commands:
$ python setup.py build $ sudo python setup.py install
To see all installation options, run the following:
$ python setup.py --help
DNSViz is invoked using the
dnsviz command-line utility.
dnsviz itself uses several subcommands:
query . See the man pages associated with each subcommand, in the form of “dnsviz- (1)” (e.g., “man dnsviz-probe”) for more detailed documentation and usage.