Unbound (DNS server)
Developer(s) | NLnet Labs |
---|---|
Initial release | February 19, 2007 |
Stable release | 1.22.0[1]
/ 17 October 2024 |
Repository | Unbound by NLnetLabs on GitHub |
Written in | C |
Operating system | Unix-like, Windows |
Type | DNS server |
License | BSD license |
Website | unbound |
Unbound is a validating, recursive, and caching DNS resolver product from NLnet Labs. It is distributed free of charge in open-source form under the BSD license.
Features
[edit]- Caching resolver with prefetching of popular items before they expire
- DNS over TLS forwarding and server, with domain-validation[2]
- DNS over HTTPS[3][4]
- DNS over QUIC[5]
- Query Name Minimization[6]
- Aggressive Use of DNSSEC-Validated Cache[7]
- Authority zones, for a local copy of the root zone[8]
- DNS64
- DNSCrypt[9]
- DNSSEC validating
- EDNS Client Subnet
History
[edit]Originally designed by Jakob Schlyter of Kirei and Roy Arends of Nominet in 2004, funding was provided by VeriSign and ep.net to develop a prototype written in Java (David Blacka and Matt Larson, VeriSign). In 2006, the prototype was re-written for high-performance in the C programming language by NLnet Labs.[10]
Unbound is designed as a set of modular components that incorporate modern features, such as enhanced security (DNSSEC) validation, Internet Protocol Version 6 (IPv6), and a client resolver application programming interface library as an integral part of the architecture. Originally written for POSIX-compatible Unix-like operating system, it runs on FreeBSD, OpenBSD, NetBSD, macOS, and Linux, as well as Microsoft Windows.
Reception
[edit]Unbound has supplanted the Berkeley Internet Name Daemon (BIND) as the default, base-system name server in FreeBSD and OpenBSD, where it is perceived as smaller, more modern, and more secure for most applications.[11][12]
See also
[edit]- NSD, an authoritative name server, also from NLnet Labs
- Comparison of DNS server software
References
[edit]- ^ "Release Unbound 1.22.0 · NLnetLabs/unbound". Retrieved 20 October 2024.
- ^ "Actually secure DNS over TLS in Unbound". Ctrl blog. 2018-06-07. Retrieved 2018-06-11.
- ^ Wijngaards, Wouter (8 October 2020). "Unbound 1.12.0 released". NLnet Labs. Retrieved 26 October 2020.
- ^ Dolmans, Ralph (9 October 2020). "DNS-over-HTTPS in Unbound". The NLnet Labs Blog. Retrieved 26 October 2020.
- ^ "Unbound 1.22.0 released". NLnet Labs. 2024-12-20 [Thu, 17 October 2024]. Archived from the original on 2024-12-21. Retrieved 2024-12-21.
- ^ Wijngaards, Wouter (10 December 2015). "Unbound 1.5.7 release". unbound-users (Mailing List). Retrieved 26 October 2020.
- ^ Wijngaards, Wouter (15 March 2018). "Unbound 1.7.0 Release". unbound-users (Mailing List). Retrieved 26 October 2020.
- ^ Wijngaards, Wouter (15 March 2018). "Unbound 1.7.0 Release". unbound-users (Mailing List). Retrieved 26 October 2020.
- ^ "unbound.conf(5) - Unbound 1.19.0 Documentation". NLnet Labs. 8 November 2023. Retrieved 2 February 2024.
- ^ Eric Brown. "Open source DNS server takes on BIND". Retrieved 2020-03-21.
- ^ "Heads Up: BIND Disabled in Base". OpenBSD Journal. August 23, 2014. Retrieved June 10, 2015.
- ^ Dag-Erling Smørgrav (September 24, 2014). "DNS in FreeBSD 10". Dag-Erling Smørgrav's blog. Retrieved June 10, 2015.