I Built a Next-Gen DNS Diagnostic CLI in Rust That Visualizes DNSSEC Trust Chains

If you've ever tried to debug a DNSSEC misconfiguration using dig, you know the pain. You're staring at a wall of raw text, manually cross-referencing DS records against DNSKEY records, tracing through TLD delegations one query at a time. It works — but it's exhausting.

I wanted something better. So I built shohei — a Rust-powered DNS diagnostic CLI that makes the invisible visible.

github.com/kent-tokyo/shohei

What Is shohei?

shohei is a next-generation DNS diagnostic tool that goes well beyond what dig or drill offer. It renders DNS resolution as color-coded terminal trees, walks you through DNSSEC trust chains step by step, and supports modern transports like DoH and DoT — all from a single command.

I wanted something better. So I built shohei — a Rust-powered DNS diagnostic CLI that makes the invisible visible.

github.com/kent-tokyo/shohei

What Is shohei?

I Built a Next-Gen DNS Diagnostic CLI in Rust That Visualizes DNSSEC Trust Chains

I Built a Next-Gen DNS Diagnostic CLI in Rust That Visualizes DNSSEC Trust Chains

Other newsrooms on this story

Related reading

A Caddy Cert Expired Because systemd-resolved Was Selectively Lying

When DNSSEC goes wrong: how we responded to the .de TLD outage

I scanned Dub's codebase. It's not a link shortener.

Deploying NextDNS Router-Side to Strip Ads From Video Discovery Traffic

I'm 16, and I Built an AI Tool That Audits Your Technical Debt Without Ever…

I Built an Agentic Linux Security Tool. It Took Way More Iterations Than I…

Other newsrooms on this story

Related reading

A Caddy Cert Expired Because systemd-resolved Was Selectively Lying

When DNSSEC goes wrong: how we responded to the .de TLD outage

I scanned Dub's codebase. It's not a link shortener.

Deploying NextDNS Router-Side to Strip Ads From Video Discovery Traffic

I'm 16, and I Built an AI Tool That Audits Your Technical Debt Without Ever…

I Built an Agentic Linux Security Tool. It Took Way More Iterations Than I…