# Install dnsviz with Homebrew, apt, dnf, MacPorts, Nix

Tools for analyzing and visualizing DNS and DNSSEC behavior. Version 0.11.1 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:dnsviz
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install dnsviz
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install dnsviz
```

  Evidence: MacPorts ports tree: net/dnsviz/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- Debian apt (92%):

```sh
sudo apt install dnsviz
```

  Evidence: Debian stable package indexes: dnsviz from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- dnf (92%):

```sh
sudo dnf install dnsviz
```

  Evidence: Fedora Rawhide package metadata: dnsviz from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#dnsviz
```

  Evidence: nixpkgs package indexes: pkgs/by-name/dn/dnsviz/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:dnsviz
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/dnsviz>
- **Version:** 0.11.1
- **Source summary:** Tools for analyzing and visualizing DNS and DNSSEC behavior
- **Homepage:** <https://github.com/dnsviz/dnsviz/>
- **Repository:** <https://github.com/dnsviz/dnsviz>
- **Upstream docs:** <https://dnsviz.net/>
- **License:** GPL-2.0-or-later
- **Source archive:** <https://files.pythonhosted.org/packages/59/91/aa152739fea36d4456fbcc71a26333ffef587526d722c10c281ab12a6a35/dnsviz-0.11.1.tar.gz>
- **Generated:** 2026-07-08T18:08:21+00:00

## Executables

- dnsviz (cli)
- dnsviz (alias)

## Dependencies

- cryptography
- graphviz
- openssl@3
- python@3.14

## Build dependencies

- bind
- pkgconf
- swig

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 0.11.1
- Local data: ok
- Upstream repository: https://github.com/dnsviz/dnsviz
- info: No package-manager update timestamp was available.
- info: No cached GitHub release or tag data was available.
## Project history and usage

DNSViz is a DNS and DNSSEC analysis suite with an unusually visible public-service history: it is both installable software and the engine behind the dnsviz.net diagnostic site.

Its package-nerd importance comes from making DNSSEC validation failures inspectable. Instead of only returning a broken validation result, DNSViz draws the authentication chain, the DNS resolution path, and detected configuration errors.

### Project history

DNSViz was developed by Casey Deccio while at Sandia National Laboratories to help administrators understand and troubleshoot DNSSEC deployments after DNSSEC became a practical operational requirement for many zones.

The public dnsviz.net service was already being highlighted by the Internet Society in 2011 as a free DNSSEC testing tool operated by Sandia, and Sandia described the project publicly in January 2012.

The open-source tool suite later settled around the dnsviz GitHub organization. The repository describes the package as the tool suite that powers the web-based DNSViz analysis service.

### Adoption history

DNSViz spread through the DNSSEC operations community because it solved a concrete deployment pain: showing why a chain of trust failed and which records or name servers were involved.

It is packaged by multiple Unix-style package managers, including Homebrew, Debian, Fedora, MacPorts, Nix, and Ubuntu, which points to use beyond the hosted site by operators who want local or automated DNSSEC checks.

### How it is used

Users can submit a domain to dnsviz.net for a visual DNSSEC analysis, or install the CLI to run probes and generate analysis locally.

The tool is used for DNSSEC pre-deployment testing, post-deployment troubleshooting, and explaining DNSSEC authentication chains to humans who need more than raw dig or delv output.

### Why package nerds care

DNSViz sits in the small but important class of DNS tools that are not just query clients: it captures DNS behavior, models validation, and renders the result as an operator-facing graph.

For package metadata, it is a good example of a command-line package whose identity is inseparable from a long-running public web service.

### Timeline

- 2011: Internet Society Deploy360 documented DNSViz as a Sandia-operated DNS visualization tool for DNSSEC testing.
- 2012: Sandia published a project story describing Casey Deccio's DNSViz work for DNSSEC troubleshooting.
- 2014: GitHub releases show the 0.1.0 open-source release line for dnsviz.
- 2024-2025: Later releases modernized dependencies, including replacing M2Crypto with cryptography and fixing dnspython compatibility.

### Related projects

- Related DNSSEC diagnostics include Verisign Labs DNSSEC Debugger, delv from BIND, drill from ldns, and the broader dnspython ecosystem used by many DNS analysis tools.
- DNSViz also has a separate dnsvizwww repository for the web front end around the analysis engine.

### Sources

- <https://dnsviz.net/>
- <https://github.com/dnsviz/dnsviz>
- <https://www.internetsociety.org/resources/deploy360/2011/testing-dnsviz-a-dns-visualization-tool-3/>
- <https://newsreleases.sandia.gov/dnsviz/>
- <https://github.com/dnsviz/dnsviz/releases>
- <https://github.com/dnsviz/dnsvizwww>


## Security Notes

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** dnsviz
- **Version Scheme:** 0
- **Revision:** 2
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Debian apt - dnsviz - 0.11.1-1: normalized package name match | Debian stable package indexes: dnsviz from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | Tools for analyzing and visualizing DNS and DNSSEC behavior | https://github.com/dnsviz/dnsviz
- Nix - dnsviz: normalized package name match | nixpkgs package indexes: pkgs/by-name/dn/dnsviz/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- Ubuntu apt - dnsviz - 0.9.4-1: normalized package name match | Ubuntu 24.04 LTS package indexes: dnsviz from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | Tools for analyzing and visualizing DNS and DNSSEC behavior | https://github.com/dnsviz/dnsviz
- dnf - dnsviz - 0.11.1-8.fc45: normalized package name match | Fedora Rawhide package metadata: dnsviz from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | Tools for analyzing and visualizing DNS and DNSSEC behavior | https://github.com/dnsviz/dnsviz
- MacPorts - dnsviz: normalized package name match | MacPorts ports tree: net/dnsviz/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Media and graphics packages](https://www.automicvault.com/pkg/media-graphics-tools/) - Matched media, image, audio, video, or graphics metadata.
- [graphviz](https://www.automicvault.com/pkg/brew/graphviz/) - Runtime dependency declared by Homebrew.
- [openssl@3](https://www.automicvault.com/pkg/brew/openssl-3/) - Runtime dependency declared by Homebrew.
- [python@3.14](https://www.automicvault.com/pkg/brew/python-3-14/) - Runtime dependency declared by Homebrew.
- [bind](https://www.automicvault.com/pkg/brew/bind/) - Build dependency declared by Homebrew.
- [pkgconf](https://www.automicvault.com/pkg/brew/pkgconf/) - Build dependency declared by Homebrew.
- [swig](https://www.automicvault.com/pkg/brew/swig/) - Build dependency declared by Homebrew.
- [dnstracer](https://www.automicvault.com/pkg/brew/dnstracer/) - Shares av.db curated category or tags: cli, diagnostics, dns, networking.
- [getdns](https://www.automicvault.com/pkg/brew/getdns/) - Shares av.db curated category or tags: cli, dns, dnssec, networking.
- [jdnssec-tools](https://www.automicvault.com/pkg/brew/jdnssec-tools/) - Shares av.db curated category or tags: cli, dns, dnssec, networking.
- [knot](https://www.automicvault.com/pkg/brew/knot/) - Shares av.db curated category or tags: cli, dns, dnssec, networking.
- [knot-resolver](https://www.automicvault.com/pkg/brew/knot-resolver/) - Shares av.db curated category or tags: cli, dns, dnssec, networking.
- [ldns](https://www.automicvault.com/pkg/brew/ldns/) - Shares av.db curated category or tags: cli, dns, dnssec, networking.
- [sdns](https://www.automicvault.com/pkg/brew/sdns/) - Shares av.db curated category or tags: cli, dns, dnssec, networking.
- [lexicon](https://www.automicvault.com/pkg/brew/lexicon/) - Both packages touch the same language runtime or ecosystem. Shared terms: cli, cryptography, dns, networking, python.
- [octodns](https://www.automicvault.com/pkg/brew/octodns/) - Both packages touch the same language runtime or ecosystem. Shared terms: cli, dns, networking, python, python-3-14.

## Combined YAML source

View the package source record on GitHub. [combined/dnsviz.yml](https://github.com/automic-vault/db/blob/main/combined/dnsviz.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
