mapper - Man Page

Create graphical maps of DNS zone data

Synopsis

    mapper [options] zonefile1 domainname1 ... zonefileN domainnameN

Description

This application creates a graphical map of one or more zone files.  The output gives a graphical representation of a DNS zone or zones.  The output is written in the PNG format.  The result can be useful for getting a more intuitive view of a zone or set of zones.  It is extremely useful for visualizing DNSSEC deployment within a given zone as well as to help discover problem spots.

Options

-h

Prints a help summary.

-o OUTFILE.png

Saves the results to a given filename.  If this option is not given, the map will be saved to map.png.

-r

Lists resource records assigned to each node within the map.

-t TYPE,TYPE...

Adds the data portion of a resource record to the displayed node information.  Data types passed will be automatically converted to upper-case for ease of use.

Example usage: -t A will add IPv4 addresses to all displayed nodes that have A records.

-L

Adds a legend to the map.

-l (neato|dot|twopi|circo|fdp)

Selects a layout format.  The default is neato, which is circular in pattern.  See the documentation on the GraphViz package and the GraphViz Perl module for further details.

--node-size=(none|small)

If the map size is too large, it is possible to either greatly reduce the node size (and the text) using --node-size=small or eliminate the circles entirely, leaving only the arrows using --node-size=none.  This can make for better visual diagrams of very complex node sets, although all labeling is lost.

-a

Allows overlapping of nodes.  This makes much tighter maps with the downside being that they are somewhat cluttered.  Maps of extremely large zones will be difficult to decipher if this option is not used.

-e WEIGHT

Assigns an edge weight to edges.  In theory, >1 means shorter and <1 means longer, although, it may not have any effect as implemented. This should work better in the future.

-f INTEGER

Uses the INTEGER value for the font size to print node names with. The default value is 10.

-w WARNTIME

Specifies how far in advance expiration warnings are enabled for signed  resource records.  The default is 7 days.  The warning time is measured in seconds.

-i REGEX

Ignores record types matching a REGEX regular expression.

-s TYPE,TYPE...

Specifies a list of record types that will not be analyzed or displayed in the map.  By default, this is set to NSEC and CNAME in order to reduce clutter.  Setting it to "" will display these results again.

-T TYPE,TYPE...

Restrict record types that will be processed to those of type TYPE. This is the converse of the -s option.  It is not meaningful to use both -s and -t in the same invocation.  They will both work at once, however, so if -T specifies a type which -s excludes, it will not be shown.

-g

Attempts to cluster nodes around the domain name.  For "dot" layouts, this actually means drawing a box around the cluster.  For the other types, it makes very little difference, if any.

-q

Prevents output of warnings or errors about records that have DNSSEC signatures that are near or beyond their signature lifetimes.

--dump-styles

Dumps the current style settings for both nodes and edges.

--node-style=FORMATS
--edge-style=FORMATS

Allows specific style settings to be used when drawing nodes and edges.  Major format specifications are delimited by '/'s and pairs within that are delimited by ':'s.  The first token in a ':' list is expected to be the record name.

For example, to make all A address records appear as a red box and all MX records to appear as a triangle use this specification:

  --node-style=A:shape=box:fillcolor=red/MX:shape=triangle

Run mapper with --dump-styles to show its default settings and/or how you've modified it the options have been used.

Example Invocations

mapper -s cname,nsec -i dhcp -L zonefile zone.com

Writes to the default file (map.png) of a zone.com zone stored in zonefile.  It excludes any hosts with a name containing dhcp and ignores any record of type CNAME or NSEC.  A legend is included in the output.

mapper -s txt,hinfo,cname,nsec,a,aaaa,mx,rrsig -L zonefile zone.com zonefile2 sub.zone.com ...

Removes a lot of records from the display in order to primarily display a map of a zone hierarchy.

mapper -l dot -s txt,hinfo,cname,nsec,a,aaaa,mx,rrsig -L zonefile zone.com zonefile2 sub.zone.com ...

As the previous example, but this command draws a more vertical tree-style graph of the zone.  This works well for fairly deep but narrow hierarchies. Tree-style diagrams rarely look as nice for full zones.

Author

Wes Hardaker <hardaker@users.sourceforge.net>

See Also

Net::DNS

http://dnssec-tools.sourceforge.net

Info

2024-06-10 perl v5.40.0 User Contributed Perl Documentation