lost and found ( for me ? )


online DNS visualization for free

you can use an online service called ICmyNet.DNS provided by ICmyNet, which is free.
http://www.icmynet.com/ -> Products -> ICmyNet.DNS




dnssec-nodes : DNS Visualization Tool

https://www.dnssec-tools.org/wiki/index.php/DNSSEC-Nodes
dnssec-nodes visualizes DNS queries, which is useful for debugging.
This tool can monitor BIND debug log and visualize DNS flow from that file in real time.


[root@fc17 ~]# uname -ri
3.5.2-3.fc17.x86_64 x86_64

[root@fc17 ~]# cat /etc/fedora-release
Fedora release 17 (Beefy Miracle)

install dnssec-nodes
[root@fc17 ~]# yum install -y dnssec-nodes

[root@fc17 ~]# rpm -ql dnssec-nodes
/usr/bin/dnssec-nodes
/usr/share/applications/dnssec-nodes.desktop
/usr/share/doc/dnssec-nodes-1.12
/usr/share/doc/dnssec-nodes-1.12/COPYING
/usr/share/icons/hicolor/scalable/apps/dnssec-nodes.svg
/usr/share/man/man1/dnssec-nodes.1.gz

launch dnssec-nodes
[root@fc17 ~]# dnssec-nodes


The following is an output of resolving “unbound.net”



dnssec-nodes can watch BIND debug log and visualize DNS flow from that file in real time.

[ monitor a BIND debug log and visualize DNS flow in real time ]

- BIND


[root@fc17 ~]# named -v
BIND 9.9.1-P2-RedHat-9.9.1-5.P2.fc17

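Enable debug logging by adding the lines that were marked in red to the logging section. The highlighting is lost in this text copy; the addition appears to be the second channel block, which writes to /var/named/data/debug.log. At "severity debug 9" that file records the details of every query the server handles, so keep it readable only by the operator and remove the channel once debugging is done.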
[root@fc17 ~]# cat /etc/named.conf

/* Global server options for this local test resolver. */
options {
/* Answer on the loopback addresses only (IPv4 and IPv6), port 53. */
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
/* Working directory; relative file names in this configuration resolve against it. */
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
       statistics-file "/var/named/data/named_stats.txt";
       memstatistics-file "/var/named/data/named_mem_stats.txt";
/* Only localhost may query, so recursion is offered to local clients only. */
allow-query     { localhost; };
recursion yes;

/* DNSSEC validation of answers is switched on. */
dnssec-enable yes;
dnssec-validation yes;
/* NOTE(review): lookaside validation (DLV) depends on the ISC DLV registry, which ISC has
   since retired; later BIND releases dropped this option - confirm for the version in use. */
dnssec-lookaside auto;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";
};

/* Logging channels. No "category" statement appears in this listing, so which message
   categories are routed to each channel cannot be seen from here. */
logging {
      /* Debug output to data/named.run (relative to the "directory" option);
         "severity dynamic" follows the server's current debug level. */
      channel default_debug {
               file "data/named.run";
               severity dynamic;
       };

      /* Verbose debug log added for dnssec-nodes: debug level 9, rotated by size (100m)
         with 2 older versions kept, category and severity printed on each line.
         The file records the DNS traffic the server handles, so restrict read access
         and drop this channel when debugging is finished.
         NOTE(review): this channel reuses the name default_debug, which is already
         defined just above - run named-checkconf to confirm how the duplicate is
         treated, or give this channel its own name. */
      channel default_debug {
              file "/var/named/data/debug.log"
                 versions 2
                 size     100m;
                 severity debug 9;
                 print-category yes;
                 print-severity yes;
      };
};

/* Root zone hints: the root server list is read from named.ca
   (relative to the "directory" option). */
zone "." IN {
type hint;
file "named.ca";
};

/* Additional configuration pulled in from separate files: further zone definitions
   and the root key file. Their contents are not shown in this listing. */
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

/* Shared key referenced by the controls statement to authenticate rndc.
   "zzz" looks like a redacted placeholder for the real base64 secret.
   NOTE(review): hmac-md5 is a legacy choice; newer BIND releases accept hmac-sha256
   for rndc keys - check what the installed version supports before changing it. */
key "rndc-key" {
algorithm hmac-md5;
secret "zzz";
};

/* rndc control channel: bound to loopback port 953, accepting only connections
   from 127.0.0.1 that authenticate with "rndc-key". */
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
[root@fc17 ~]#

reload configuration.
[root@fc17 ~]# rndc reload
server reload successful

here’s my resolv.conf
[root@fc17 ~]# cat /etc/resolv.conf
nameserver 127.0.0.1

[root@fc17 ~]# systemctl status named.service
named.service - Berkeley Internet Name Domain (DNS)
 Loaded: loaded (/usr/lib/systemd/system/named.service; disabled)
 Active: active (running) since Sat, 25 Aug 2012 02:14:08 +0900; 12min ago
Main PID: 3872 (named)
 CGroup: name=systemd:/system/named.service
 └ 3872 /usr/sbin/named -u named

Aug 25 02:23:28 fc17.localdomain named[3872]: loading configuration from '/etc/named.conf'
Aug 25 02:23:28 fc17.localdomain named[3872]: reading built-in trusted keys from file '/et...y'
Aug 25 02:23:28 fc17.localdomain named[3872]: using default UDP/IPv4 port range: [1024, 65535]
Aug 25 02:23:28 fc17.localdomain named[3872]: using default UDP/IPv6 port range: [1024, 65535]
Aug 25 02:23:28 fc17.localdomain named[3872]: sizing zone task pool based on 6 zones
Aug 25 02:23:28 fc17.localdomain named[3872]: using built-in DLV key for view _default
Aug 25 02:23:28 fc17.localdomain named[3872]: reloading configuration succeeded
Aug 25 02:23:28 fc17.localdomain named[3872]: reloading zones succeeded
Aug 25 02:23:28 fc17.localdomain named[3872]: all zones loaded
Aug 25 02:23:28 fc17.localdomain named[3872]: running


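In the dnssec-nodes GUI, choose file -> Open and Watch a log file, then select the BIND debug log (here /var/named/data/debug.log). The user running dnssec-nodes needs read access to that file.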