Dnspktflow is a tool that parses a tcpdump file and graphically displays the DNS, and DNSSEC specific, network traffic. It can be used to check DNSSEC traffic at a server in order to track down or check for errors.
Getting started with dnspktflow
- Given a tcpdump file tcpdump.out with some DNS traffic in it.
>dnspktflow -t -q -a -A -x -l -r 'dnssec-tools' -o dnspktflow.png tcpdump.out >
- The command line arguments above add extra information to the picture (type, query, answers, authoritative and extra information), while reducing the data to DNS packets involving hosts with 'dnssec-tools' in their names.
Error creating thumbnail: File missing