Rechercher une page de manuel

Chercher une autre page de manuel:


Langue: en

Autres versions - même langue

Version: 2010-06-30 (ubuntu - 24/10/10)

Section: 1 (Commandes utilisateur)


     mapper - Create graphical maps of DNS zone data


     mapper [options] zonefile1 domainname1 ... zonefileN domainnameN


This application creates a graphical map of one or more zone files. The output gives a graphical representation of a DNS zone or zones. The output is written in the PNG format. The result can be useful for getting a more intuitive view of a zone or set of zones. It is extremely useful for visualizing DNSSEC deployment within a given zone as well as to help discover problem spots.


Prints a help summary.
-o OUTFILE.png
Saves the results to a given filename. If this option is not given, the map will be saved to map.png.
Lists resource records assigned to each node within the map.
Adds the data portion of a resource record to the displayed node information. Data types passed will be automatically converted to upper-case for ease of use.

Example usage: -t A will add IPv4 addresses to all displayed nodes that have A records.

Adds a legend to the map.
-l (neato|dot|twopi|circo|fdp)
Selects a layout format. The default is neato, which is circular in pattern. See the documentation on the GraphViz package and the GraphViz Perl module for further details.
Allows overlapping of nodes. This makes much tighter maps with the downside being that they are somewhat cluttered. Maps of extremely large zones will be difficult to decipher if this option is not used.
Assigns an edge weight to edges. In theory, >1 means shorter and <1 means longer, although, it may not have any effect as implemented. This should work better in the future.
Uses the INTEGER value for the font size to print node names with. The default value is 10.
Specifies how far in advance expiration warnings are enabled for signed resource records. The default is 7 days. The warning time is measured in seconds.
Ignores record types matching a REGEX regular expression.
Specifies a list of record types that will not be analyzed or displayed in the map. By default, this is set to NSEC and CNAME in order to reduce clutter. Setting it to "" will display these results again.
Restrict record types that will be processed to those of type TYPE. This is the converse of the -s option. It is not meaningful to use both -s and -t in the same invocation. They will both work at once, however, so if -T specifies a type which -s excludes, it will not be shown.
Attempts to cluster nodes around the domain name. For ``dot'' layouts, this actually means drawing a box around the cluster. For the other types, it makes very little difference, if any.
Prevents output of warnings or errors about records that have DNSSEC signatures that are near or beyond their signature lifetimes.
Dumps the current style settings for both nodes and edges.
Allows specific style settings to be used when drawing nodes and edges. Major format specifications are delimited by '/'s and pairs within that are delimited by ':'s. The first token in a ':' list is expected to be the record name.

For example, to make all A address records appear as a red box and all MX records to appear as a triangle use this specification:


Run mapper with --dump-styles to show its default settings and/or how you've modified it the options have been used.


mapper -s cname,nsec -i dhcp -L zonefile
Writes to the default file (map.png) of a zone stored in zonefile. It excludes any hosts with a name containing dhcp and ignores any record of type CNAME or NSEC. A legend is included in the output.
mapper -s txt,hinfo,cname,nsec,a,aaaa,mx,rrsig -L zonefile zonefile2 ...
Removes a lot of records from the display in order to primarily display a map of a zone hierarchy.
mapper -l dot -s txt,hinfo,cname,nsec,a,aaaa,mx,rrsig -L zonefile zonefile2 ...
As the previous example, but this command draws a more vertical tree-style graph of the zone. This works well for fairly deep but narrow hierarchies. Tree-style diagrams rarely look as nice for full zones.
Copyright 2004-2009 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.


Wes Hardaker <>



Je suis contre l'avortement.
Tuer un être humain avant qu'il ne soit né est impardonnable.
C'est une preuve d'impatience.
-+- Bernard Shaw -+-