Jump to content

Unbound (DNS server)

From Wikipedia, the free encyclopedia
Unbound
Developer(s)NLnet Labs
Initial releaseFebruary 19, 2007; 17 years ago (2007-02-19)
Stable release
1.21.1[1] Edit this on Wikidata / 3 October 2024; 2 days ago (3 October 2024)
RepositoryUnbound by NLnetLabs on GitHub
Written inC
Operating systemUnix-like, Windows
TypeDNS server
LicenseBSD license
Websiteunbound.net Edit this on Wikidata

Unbound is a validating, recursive, and caching DNS resolver product from NLnet Labs. It is distributed free of charge in open-source form under the BSD license.

Features

[edit]
  • Caching resolver with prefetching of popular items before they expire
  • DNS over TLS forwarding and server, with domain-validation[2]
  • DNS over HTTPS[3][4]
  • Query Name Minimization[5]
  • Aggressive Use of DNSSEC-Validated Cache[6]
  • Authority zones, for a local copy of the root zone[7]
  • DNS64
  • DNSCrypt[8]
  • DNSSEC validating
  • EDNS Client Subnet

History

[edit]

Originally designed by Jakob Schlyter of Kirei and Roy Arends of Nominet in 2004, funding was provided by VeriSign and ep.net to develop a prototype written in Java (David Blacka and Matt Larson, VeriSign). In 2006, the prototype was re-written for high-performance in the C programming language by NLnet Labs.[9]

Unbound is designed as a set of modular components that incorporate modern features, such as enhanced security (DNSSEC) validation, Internet Protocol Version 6 (IPv6), and a client resolver application programming interface library as an integral part of the architecture. Originally written for POSIX-compatible Unix-like operating system, it runs on FreeBSD, OpenBSD, NetBSD, macOS, and Linux, as well as Microsoft Windows.

Reception

[edit]

Unbound has supplanted the Berkeley Internet Name Daemon (BIND) as the default, base-system name server in FreeBSD and OpenBSD, where it is perceived as smaller, more modern, and more secure for most applications.[10][11]

See also

[edit]

References

[edit]
  1. ^ "Release Unbound 1.21.1 · NLnetLabs/unbound". Retrieved 3 October 2024.
  2. ^ "Actually secure DNS over TLS in Unbound". Ctrl blog. 2018-06-07. Retrieved 2018-06-11.
  3. ^ Wijngaards, Wouter (8 October 2020). "Unbound 1.12.0 released". NLnet Labs. Retrieved 26 October 2020.
  4. ^ Dolmans, Ralph (9 October 2020). "DNS-over-HTTPS in Unbound". The NLnet Labs Blog. Retrieved 26 October 2020.
  5. ^ Wijngaards, Wouter (10 December 2015). "Unbound 1.5.7 release". unbound-users (Mailing List). Retrieved 26 October 2020.
  6. ^ Wijngaards, Wouter (15 March 2018). "Unbound 1.7.0 Release". unbound-users (Mailing List). Retrieved 26 October 2020.
  7. ^ Wijngaards, Wouter (15 March 2018). "Unbound 1.7.0 Release". unbound-users (Mailing List). Retrieved 26 October 2020.
  8. ^ "unbound.conf(5) - Unbound 1.19.0 Documentation". NLnet Labs. 8 November 2023. Retrieved 2 February 2024.
  9. ^ Eric Brown. "Open source DNS server takes on BIND". Retrieved 2020-03-21.
  10. ^ "Heads Up: BIND Disabled in Base". OpenBSD Journal. August 23, 2014. Retrieved June 10, 2015.
  11. ^ Dag-Erling Smørgrav (September 24, 2014). "DNS in FreeBSD 10". Dag-Erling Smørgrav's blog. Retrieved June 10, 2015.
[edit]