Unbound (DNS server)
Domain Name System software
From Wikipedia, the free encyclopedia
Unbound is a validating, recursive, and caching DNS resolver software product from NLnet Labs. It is distributed free of charge in open-source form under the Modified BSD License.
| Unbound | |
|---|---|
 | |
 Screenshot of Unbound 1.22.0, showing version information, build configuration, and usage of unbound-host to check DNSSEC validation | |
| Developer | NLnet Labs |
| Initial release | February 19, 2007 |
| Stable release | |
| Written in | C |
| Operating system | Unix-like, Windows |
| Type | DNS server |
| License | BSD-3-Clause |
| Website | unbound |
| Repository | Unbound by NLnetLabs on GitHub |
Features
- Caching resolver with prefetching of popular items before they expire
- DNS over TLS forwarding and server, with domain-validation[2]
- DNS over HTTPS[3][4]
- DNS over QUIC[5]
- Query name minimization[6]
- Aggressive use of DNSSEC-Validated Cache[7]
- Authority zones, for a local copy of the root zone[8]
- DNS64
- DNSCrypt[9]
- Domain Name System Security Extensions (DNSSEC) validating
- EDNS client subnet
History
Originally designed by Jakob Schlyter of Kirei and Roy Arends of Nominet in 2004, funding was provided by VeriSign and ep.net to develop a prototype written in Java (David Blacka and Matt Larson, VeriSign). In 2006, the prototype was re-written for high-performance in the C programming language by NLnet Labs.[10]
Unbound is designed as a set of modular components that incorporate modern features, such as enhanced security (DNSSEC) validation, Internet Protocol Version 6 (IPv6), and a client resolver application programming interface library as an integral part of the architecture. Originally written for POSIX-compatible Unix-like operating system, it runs on FreeBSD, OpenBSD, NetBSD, macOS, and Linux, as well as Microsoft Windows.
Reception
See also
- NSD, an authoritative name server, also from NLnet Labs
- Comparison of DNS server software