Technotes for future me


DNS Measurement, Troubleshooting and Security Auditing Toolset


There are several ways that you can use this toolset. However, using the source code is always recommended.

Source Code

Check out the git repository and install dependencies:

git clone
cd dnsdiag
pip3 install -r requirements.txt

You can alternatively install the package using pip:

pip3 install dnsdiag


dnsping pings a DNS resolver by sending an arbitrary DNS query for given number of times.


dnsping -s -c 5 --dnssec --flags --tls -t AAAA -s


dnstraceroute is a traceroute utility to figure out the path that your DNS request is passing through to get to its destination. You may want to compare it to your actual network traceroute and make sure your DNS traffic is not routed to any unwanted path.

sudo dnstraceroute

sudo dnstraceroute -s

./ --expert --asn -C -t A -s


dnseval is a bulk ping utility that sends an arbitrary DNS query to a give list of DNS servers. This script is meant for comparing response time of multiple DNS servers at once.

You can use dnseval to compare response times using different transport protocols such as UDP (default), TCP, DoT and DoH using –tcp, –tls and –doh respectively.

dnseval -c 10

./ --dnssec -t AAAA -f public-servers.txt -c10


Last updated on 1 Sep 2023
Published on 23 Aug 2023
Edit on GitHub