User Tools

Site Tools


howtos:dnsviz_at_home

DNSViz at home

DNSViz is a powerful utility when you want to check you DNSSEC setup for your domains. DNSSEC is difficult to manage and makes a hard protocol (DNS) even harder.

You can find the online version of this tool here

Preparations

I love Docker so that's how I choose to run it. First of all you of course need to have Docker installed.

Next, you can either clone the project on Github or download external dependencies manually.

I find it easiest to clone the project:

git clone https://github.com/dnsviz/dnsviz.git

Say you want to save the output to “/home/user1/dns” create the directory structure with this command:

mkdir -p /home/user1/dns/web

Go into the “dnsviz/external” folder on the local git clone and copy all *.js and *.css into “/home/user1/dns/web” folder.

Run script

I use the following script to run a test on a domain:

#!/usr/bin/env bash

z=example.com

docker run --network host -v "$PWD:/data:rw" dnsviz/dnsviz \
        probe -A -a . --nsid --pretty-output -o $z.json $z

docker run -v "$PWD:/data:rw" dnsviz/dnsviz \
        graph -r $z.json -T png -O

docker run -v "$PWD:/data:rw" dnsviz/dnsviz \
        graph -r $z.json -T html -O

# Modify the output html file with the matching directory for the js and css files.
sed -i -e 's,file:///usr/share/dnsviz/css,web,' \
    -e 's,file:///usr/share/dnsviz/js,web,' $z.html

Make it executable:

chmod +x run.sh

Before you run it change the “z” parameter to the domain you want to test and make sure you save the script in the directory “home/user1/dns”.

Also, remember to run the script as root otherwise Docker complains.

The script will output three files, example.com.html, example.com.png and example.com.json. You basically only need to open the html file in a browser to see the result.

Single commands

You can run the queries by hand but you will have to handle the input and output of files yourself.

Fx. you could make a simple lookup like this:

sudo docker run dnsviz/dnsviz query example.com
howtos/dnsviz_at_home.txt · Last modified: d/m/Y H:i by domingo