Graphviz Code Examples for Network Diagrams

If you've ever tried to explain a network layout to a teammate using just words or a whiteboard sketch that nobody could read later, you already know the problem. Network diagrams need to be reproducible, version-controlled, and easy to update. That's exactly where Graphviz code examples for network diagrams come in. Instead of dragging boxes around in a GUI, you describe your network topology in plain text, and Graphviz renders it for you. This article walks through real code, common pitfalls, and practical patterns you can start using today.

What Is Graphviz and Why Use It for Network Diagrams?

Graphviz is an open-source graph visualization software developed by AT&T Labs. You write a simple declarative language called DOT that describes nodes and edges, and Graphviz generates a visual diagram. For network engineers, DevOps teams, and architects, this means your network topology lives in a text file easy to diff, easy to store in Git, and easy to regenerate whenever the infrastructure changes.

Unlike hand-drawn diagrams or proprietary tools, Graphviz diagrams are deterministic. The same input always produces the same output. That consistency matters when you're documenting production environments or creating runbooks for incident response.

You can explore how code-to-diagram workflows compare across tools in our guide on code-generated flowcharts in Python, which covers similar territory for flowcharts specifically.

How Do You Write a Basic Network Diagram in Graphviz?

A minimal Graphviz file for a network diagram uses the digraph keyword (for directed graphs) or graph (for undirected). Here's a simple three-tier network:

digraph network {
 rankdir=LR;

 internet [label="Internet" shape=cloud];
 firewall [label="Firewall" shape=box];
 web_server [label="Web Server\n192.168.1.10" shape=box];
 db_server [label="Database\n192.168.1.20" shape=box];

 internet -> firewall;
 firewall -> web_server;
 web_server -> db_server;
}

This produces a left-to-right flow showing traffic entering from the internet, passing through a firewall, hitting the web server, and reaching the database. Each node gets a label for display text and a shape to visually distinguish device types.

The rankdir=LR attribute tells Graphviz to lay the graph out left-to-right instead of top-to-bottom, which usually works better for network topologies.

What Are Common Graphviz Shapes for Network Diagrams?

Graphviz supports many shapes, but for network diagrams, a handful cover most needs:

box servers, switches, firewalls
ellipse general nodes, virtual machines
circle endpoints, clients
cloud internet, cloud providers (requires shape=cloud)
polygon load balancers (often styled with shape=hexagon)
record multi-field representations for routers with multiple interfaces

Here's an example using multiple shapes for a more realistic network layout:

digraph datacenter {
 rankdir=TB;
 node [style=filled fillcolor=lightyellow fontsize=11];

 lb [label="Load Balancer\nHAProxy" shape=hexagon fillcolor=lightsalmon];
 web1 [label="Web 1\n10.0.1.11" shape=box];
 web2 [label="Web 2\n10.0.1.12" shape=box];
 web3 [label="Web 3\n10.0.1.13" shape=box];
 cache [label="Redis Cache\n10.0.2.10" shape=box3d fillcolor=lightblue];
 db_primary [label="PostgreSQL Primary\n10.0.3.10" shape=box fillcolor=lightgreen];
 db_replica [label="PostgreSQL Replica\n10.0.3.11" shape=box fillcolor=palegreen];

 lb -> {web1 web2 web3};
 web1 -> cache;
 web2 -> cache;
 web3 -> cache;
 web1 -> db_primary;
 web2 -> db_primary;
 web3 -> db_primary;
 db_primary -> db_replica [label="replication" style=dashed];
}

This diagram shows a load balancer distributing traffic across three web servers, all sharing a Redis cache and a PostgreSQL primary-replica setup. The dashed edge for replication makes the data flow direction clear without cluttering the diagram.

How Do You Show Subnets and Network Segments in Graphviz?

Real networks aren't flat. You typically have DMZs, internal subnets, and management networks. Graphviz's subgraph feature handles this well. Subgraphs let you group nodes into clusters, which Graphviz renders with a surrounding box:

digraph segmented_network {
 rankdir=LR;
 compound=true;
 node [shape=box style=filled fontsize=10];

 subgraph cluster_dmz {
 label="DMZ 10.0.1.0/24";
 style=dashed;
 fillcolor="#FFF3E0";

 firewall [label="Firewall" fillcolor=lightsalmon];
 web [label="Web Server" fillcolor=lightyellow];
 proxy [label="Reverse Proxy" fillcolor=lightyellow];
 }

 subgraph cluster_internal {
 label="Internal 10.0.2.0/24";
 style=dashed;
 fillcolor="#E3F2FD";

 app [label="App Server" fillcolor=lightblue];
 db [label="Database" fillcolor=lightblue];
 }

 subgraph cluster_mgmt {
 label="Management 10.0.3.0/24";
 style=dashed;
 fillcolor="#E8F5E9";

 monitoring [label="Grafana\nMonitoring" fillcolor=palegreen];
 logs [label="Log Server\nELK" fillcolor=palegreen];
 }

 firewall -> proxy;
 proxy -> web;
 web -> app;
 app -> db;
 monitoring -> {web app db} [style=dashed color=gray];
 {web app db} -> logs [style=dotted color=gray];
}

The cluster_ prefix in the subgraph name is what triggers Graphviz to draw the surrounding box. The dashed lines to monitoring and logging show secondary traffic flows without dominating the diagram.

How Do You Add IP Addresses, Ports, and Protocol Labels?

Network diagrams are only useful if they include addressing details. Graphviz edge labels make this straightforward:

digraph network_detail {
 node [shape=box style=rounded];

 client [label="Client\n192.168.1.50"];
 gateway [label="Gateway\n192.168.1.1"];
 server [label="API Server\n10.0.1.20"];
 database [label="PostgreSQL\n10.0.2.30"];

 client -> gateway [label="HTTPS\n:443" color=blue];
 gateway -> server [label="TCP\n:8080" color=green];
 server -> database [label="PostgreSQL\n:5432" color=orange];
}

Using color coding for different protocols (blue for HTTPS, green for TCP, orange for database connections) makes the diagram scannable at a glance. Keep the colors consistent across your documentation set.

What Are Common Mistakes When Writing Graphviz Network Diagrams?

After using Graphviz for network documentation across dozens of projects, here are the errors that come up most often:

Forgetting semicolons. Every statement in DOT needs a semicolon. Missing one produces cryptic parse errors that are hard to track down.
Overcrowded diagrams. Trying to show every single interface and cable in one graph produces unreadable output. Split large networks into multiple focused diagrams instead.
Using inconsistent naming. If one node is named web_server_01 and another is DBServer02, the DOT file becomes hard to maintain. Pick a naming convention and stick to it.
Ignoring layout direction. The default top-to-bottom layout works for some networks but not all. Use rankdir=LR for wide topologies or rankdir=BT for hierarchical views that flow upward.
No rank hints. Sometimes Graphviz puts nodes in unexpected positions. Use {rank=same; node1; node2;} to force nodes onto the same horizontal level when the layout needs it.
Skipping the legend. If you use color coding or custom shapes, add a legend subgraph so other people can actually read your diagram.

How Do You Render Graphviz Diagrams?

Once you have your DOT file saved (e.g., network.dot), rendering is a single command:

dot -Tpng network.dot -o network.png

Common output formats include:

-Tpng raster image for documents and wikis
-Tsvg scalable vector for web pages and presentations
-Tpdf print-ready documents
-Tsvg is usually the best choice for documentation because it scales without losing quality.

You can also use the Graphviz Online editor to preview your DOT code directly in the browser without installing anything locally.

How Does Graphviz Compare to Other Diagram-as-Code Tools?

Graphviz excels at network topology diagrams because its automatic layout engine handles positioning for you. Tools like PlantUML are better for sequence diagrams and database schemas you can see those use cases in our PlantUML database schema visualization guide.

For Python-based workflows where you want to generate diagrams programmatically (perhaps pulling live data from a cloud API), our article on code-generated flowcharts in Python covers how to integrate diagram generation into automation scripts.

The right tool depends on what you're documenting. For pure network topology with clean automatic layout, Graphviz is hard to beat. For workflows that need conditional logic or integration with infrastructure-as-code, a Python library might be more practical.

Can You Style Graphviz Network Diagrams to Match a Brand or Template?

Yes. Graphviz supports global style attributes that you can set at the top of your file to keep diagrams consistent:

digraph styled_network {
 // Global defaults
 graph [fontname="Arial" fontsize=14 bgcolor="#FAFAFA" pad=0.5];
 node [fontname="Arial" fontsize=11 style=filled shape=box fillcolor="#E3F2FD" color="#1565C0"];
 edge [fontname="Arial" fontsize=9 color="#555555" penwidth=1.5];

 // Network nodes here
}

Setting defaults globally means every node and edge inherits those styles. You only override per-node when something needs to stand out, like a critical alert system or an external dependency.

Practical Checklist for Your Next Graphviz Network Diagram

List all network devices, servers, and endpoints before writing any DOT code.
Define your naming convention for node IDs (snake_case works well).
Use subgraph clusters to represent subnets, VPCs, or security zones.
Apply consistent shapes for device types (box for servers, hexagon for load balancers, cloud for external).
Add IP addresses and port numbers as edge or node labels.
Use color to distinguish protocols or traffic types but keep it to 3-4 colors max.
Test with both dot and neato layout engines; neato sometimes produces better results for mesh topologies.
Commit the DOT source file to version control alongside the rendered output.
Add a legend if you use custom styling.
Keep individual diagrams to roughly 15-20 nodes. Split larger networks into layered diagrams.

Quick tip: Run dot -Tsvg network.dot -o network.svg and embed the SVG directly in your wiki or documentation site. It stays crisp at any zoom level, and readers can search the text inside it something raster images don't support.