farrokhi/dnsdiag
1
0
Fork 0
Code Issues Pull Requests Releases Activity
dnsdiag/index.html

204 lines
10 KiB
HTML
Raw Permalink Blame History

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="chrome=1">
<title>Dnsdiag by farrokhi</title>
<link rel="stylesheet" href="stylesheets/styles.css">
<link rel="stylesheet" href="stylesheets/github-light.css">
<script src="javascripts/scale.fix.js"></script>
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
</head>
<body>
<div class="wrapper">
<header>
<h1 class="header">Dnsdiag</h1>
<p class="header">DNS Diagnostics and Performance Measurement Tools</p>
<ul>
<li class="download"><a class="buttons" href="https://github.com/farrokhi/dnsdiag/zipball/master">Download ZIP</a></li>
<li class="download"><a class="buttons" href="https://github.com/farrokhi/dnsdiag/tarball/master">Download TAR</a></li>
<li><a class="buttons github" href="https://github.com/farrokhi/dnsdiag">View On GitHub</a></li>
</ul>
<p class="header">This project is maintained by <a class="header name" href="https://github.com/farrokhi">farrokhi</a></p>
</header>
<section>
<p><a href="https://travis-ci.org/farrokhi/dnsdiag"><img src="https://travis-ci.org/farrokhi/dnsdiag.svg" alt="Build Status"></a> <a href="https://pypi.python.org/pypi/dnsdiag/"><img src="https://img.shields.io/pypi/v/dnsdiag.svg?maxAge=8600" alt="PyPI"></a> <a href=""><img src="https://img.shields.io/pypi/l/dnsdiag.svg?maxAge=8600" alt="PyPI"></a> <a href=""><img src="https://img.shields.io/pypi/pyversions/dnsdiag.svg?maxAge=8600" alt="PyPI"></a> <a href="https://github.com/farrokhi/dnsdiag/stargazers"><img src="https://img.shields.io/github/stars/farrokhi/dnsdiag.svg?style=social&amp;label=Star&amp;maxAge=8600" alt="GitHub stars"></a></p>
<h1>
<a id="dns-diagnostics-and-performance-measurement-tools" class="anchor" href="#dns-diagnostics-and-performance-measurement-tools" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>DNS Diagnostics and Performance Measurement Tools</h1>
<p>Ever been wondering if your ISP is <a href="https://decentralize.today/is-your-isp-hijacking-your-dns-traffic-f3eb7ccb0ee7#.fevks5wyc">hijacking your DNS traffic</a>? Ever observed any
misbehavior with your DNS responses? Ever been redirected to wrong address and
suspected something is wrong with your DNS? Here we have a <a href="http://github.com/farrokhi/dnsdiag">set of tools</a> to
perform basic audits on your DNS requests and responses to make sure your DNS is
working as you expect.</p>
<p>You can measure the response time of any given DNS server for arbitrary requests
using <code>dnsping</code>. Just like traditional ping utility, it gives you similar
functionality for DNS requests.</p>
<p>You can also trace the path your DNS request takes to destination to make sure
it is not being redirected or hijacked. This can be done by comparing different
DNS queries being sent to the same DNS server using <code>dnstraceroute</code> and observe
if there is any difference between the path.</p>
<p><code>dnseval</code> evaluates multiple DNS resolvers and helps you choose the best DNS
server for your network. While it is highly recommended to use your own DNS
resolver and never trust any third-party DNS server, but in case you need to
choose the best DNS forwarder for your network, <code>dnseval</code> lets you compare
different DNS servers from performance (latency) and reliability (loss) point
of view.</p>
<h1>
<a id="prerequisites" class="anchor" href="#prerequisites" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>prerequisites</h1>
<p>This script requires python3 as well as latest
<a href="http://www.dnspython.org/">dnspython</a> and
<a href="https://pythonhosted.org/cymruwhois/">cymruwhois</a>. Please note that
"dnstraceroute" requires a modified version of dnspython module. All required
third-party modules are included as GIT submodules. You just need to run <code>git
submodule update --init</code> and project directory to pull the required code.</p>
<h1>
<a id="installation" class="anchor" href="#installation" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>installation</h1>
<p>There are several ways that you can use this toolset. However using the sourcecode is always recommended.</p>
<h2>
<a id="from-source-code" class="anchor" href="#from-source-code" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>From Source Code</h2>
<ol>
<li>You can checkout this git repo and its submodules</li>
</ol>
<pre><code>git clone https://github.com/farrokhi/dnsdiag.git
cd dnsdiag
git submodule update --init
</code></pre>
<ol>
<li>You can alternatively install the package using pip:</li>
</ol>
<pre><code>pip3 install --process-dependency-links dnsdiag
</code></pre>
<h2>
<a id="from-binary" class="anchor" href="#from-binary" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>From Binary</h2>
<p>From time to time, binary version will be released for Windows, Mac OS X and Linux platforms. You can grab the latest release from <a href="https://github.com/farrokhi/dnsdiag/releases">releases page</a>.</p>
<h1>
<a id="dnsping" class="anchor" href="#dnsping" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>dnsping</h1>
<p>dnsping pings a DNS resolver by sending an arbitrary DNS query for given number
of times:</p>
<pre><code>% ./dnsping.py -c 3 -t AAAA -s 8.8.8.8 dnsdiag.org
dnsping.py DNS: 8.8.8.8:53, hostname: dnsdiag.org, rdatatype: AAAA
4 bytes from 8.8.8.8: seq=0 time=123.509 ms
4 bytes from 8.8.8.8: seq=1 time=115.726 ms
4 bytes from 8.8.8.8: seq=2 time=117.351 ms
--- 8.8.8.8 dnsping statistics ---
3 requests transmitted, 3 responses received, 0% lost
min=115.726 ms, avg=118.862 ms, max=123.509 ms, stddev=4.105 ms
</code></pre>
<p>This script calculates minimum, maximum and average response time as well as
jitter (stddev)</p>
<h1>
<a id="dnstraceroute" class="anchor" href="#dnstraceroute" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>dnstraceroute</h1>
<p>dnstraceroute is a traceroute utility to figure out the path that your DNS
request is passing through to get to its destination. You may want to compare
it to your actual network traceroute and make sure your DNS traffic is not
routed to any unwanted path.</p>
<pre><code>% ./dnstraceroute.py --expert -C -t A -s 8.8.4.4 facebook.com
dnstraceroute.py DNS: 8.8.4.4:53, hostname: facebook.com, rdatatype: A
1 192.168.0.1 (192.168.0.1) 1 ms
2 192.168.28.177 (192.168.28.177) 4 ms
3 192.168.0.1 (192.168.0.1) 693 ms
4 172.19.4.17 (172.19.4.17) 3 ms
5 google-public-dns-b.google.com (8.8.4.4) 8 ms
=== Expert Hints ===
[*] public DNS server is next to a private IP address (possible hijacking)
</code></pre>
<p>Using <code>--expert</code> will instruct dnstraceroute to print expert hints (such as warnings of possible DNS traffic hijacking).</p>
<h1>
<a id="dnseval" class="anchor" href="#dnseval" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>dnseval</h1>
<p>dnseval is a bulk ping utility that sends an arbitrary DNS query to a give list
of DNS servers. This script is meant for comparing response time of multiple
DNS servers at once:</p>
<pre><code>% ./dnseval.py -t AAAA -f public-v4.txt -c10 fg.weberdns.de
server avg(ms) min(ms) max(ms) stddev(ms) lost(%) flags
------------------------------------------------------------------------------------------------
8.8.8.8 94.556 90.488 112.209 6.322 %0 QR -- -- RD RA AD --
8.8.4.4 92.599 90.265 94.338 1.086 %0 QR -- -- RD RA AD --
ns.ripe.net 92.754 91.632 93.980 0.900 %0 QR -- -- RD RA AD --
4.2.2.1 92.703 91.869 93.298 0.482 %0 QR -- -- RD RA AD --
4.2.2.2 93.195 91.667 94.919 1.065 %0 QR -- -- RD RA AD --
4.2.2.3 93.118 92.076 94.835 0.835 %0 QR -- -- RD RA AD --
4.2.2.4 94.308 92.175 103.318 3.261 %0 QR -- -- RD RA AD --
4.2.2.5 92.650 91.643 94.460 1.002 %0 QR -- -- RD RA AD --
209.244.0.3 92.810 89.961 94.807 1.266 %0 QR -- -- RD RA AD --
209.244.0.4 93.127 91.962 95.970 1.227 %0 QR -- -- RD RA AD --
195.46.39.39 92.770 90.777 93.656 0.914 %0 QR -- -- RD RA AD --
195.46.39.40 92.903 91.280 94.914 1.147 %0 QR -- -- RD RA AD --
</code></pre>
<h3>
<a id="author" class="anchor" href="#author" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>Author</h3>
<p>Babak Farrokhi </p>
<ul>
<li>twitter: <a href="https://twitter.com/farrokhi">@farrokhi</a>
</li>
<li>github: <a href="https://github.com/farrokhi/">/farrokhi</a>
</li>
<li>website: <a href="https://farrokhi.net/">farrokhi.net</a>
</li>
</ul>
<h3>
<a id="license" class="anchor" href="#license" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>License</h3>
<p>dnsdiag is released under a 2 clause BSD license.</p>
<h3>
<a id="credits" class="anchor" href="#credits" aria-hidden="true"><span aria-hidden="true" class="octicon octicon-link"></span></a>Credits</h3>
<ul>
<li>
<a href="https://github.com/rthalley">@rthalley</a> for invaluable <a href="https://github.com/rthalley/dnspython">dnspython</a> library</li>
<li>
<a href="https://github.com/JustinAzoff">@JustinAzoff</a> for <a href="https://github.com/JustinAzoff/python-cymruwhois">python-cymruwhois</a> library</li>
<li>
<a href="https://github.com/bortzmeyer">@bortzmeyer</a> for his feedback and patches</li>
</ul>
</section>
<footer>
<p><small>Hosted on <a href="https://pages.github.com">GitHub Pages</a> using the Dinky theme</small></p>
</footer>
</div>
<!--[if !IE]><script>fixScale(document);</script><![endif]-->
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink