Unbound (DNS server)

From Wikipedia, the free encyclopedia
Developer(s)NLnet Labs
Initial releaseFebruary 19, 2007; 16 years ago (2007-02-19)
Stable release
1.16.2 / August 1, 2022; 7 months ago (2022-08-01)[1]
Written inC
Operating systemUnix-like, Windows
TypeDNS server
LicenseBSD license
Websiteunbound.net Edit this on Wikidata

Unbound is a validating, recursive, and caching DNS resolver product from NLnet Labs. It is distributed free of charge in open-source form under the BSD license.


  • Caching resolver with prefetching of popular items before they expire
  • DNS over TLS forwarding and server, with domain-validation[2]
  • DNS over HTTPS[3][4]
  • Query Name Minimization[5]
  • Aggressive Use of DNSSEC-Validated Cache[6]
  • Authority zones, for a local copy of the root zone[7]
  • DNS64
  • DNSCrypt[8]
  • DNSSEC validating
  • EDNS Client Subnet


Originally designed by Jakob Schlyter of Kirei and Roy Arends of Nominet in 2004, funding was provided by VeriSign and ep.net to develop a prototype written in Java (David Blacka and Matt Larson, VeriSign). In 2006, the prototype was re-written for high-performance in the C programming language by NLnet Labs. [9]

Unbound is designed as a set of modular components that incorporate modern features, such as enhanced security (DNSSEC) validation, Internet Protocol Version 6 (IPv6), and a client resolver application programming interface library as an integral part of the architecture. Originally written for POSIX-compatible Unix-like operating system, it runs on FreeBSD, OpenBSD, NetBSD, macOS, and Linux, as well as Microsoft Windows.


Unbound has supplanted the Berkeley Internet Name Daemon (BIND) as the default, base-system name server in FreeBSD and OpenBSD, where it is perceived as smaller, more modern, and more secure for most applications.[10][11]

See also[edit]


  1. ^ Wijngaards, Wouter (1 August 2022). "Unbound 1.16.2 released". unbound-users (Mailing list). Retrieved 27 August 2022.
  2. ^ "Actually secure DNS over TLS in Unbound". Ctrl blog. 2018-06-07. Retrieved 2018-06-11.
  3. ^ Wijngaards, Wouter. "Unbound 1.12.0 released". NLnet Labs. Retrieved 26 October 2020.
  4. ^ Dolmans, Ralph. "DNS-over-HTTPS in Unbound". The NLnet Labs Blog. Retrieved 26 October 2020.
  5. ^ Wijngaards, Wouter. "Unbound 1.5.7 release". unbound-users (Mailing List). Retrieved 26 October 2020.
  6. ^ Wijngaards, Wouter. "Unbound 1.7.0 Release". unbound-users (Mailing List). Retrieved 26 October 2020.
  7. ^ Wijngaards, Wouter. "Unbound 1.7.0 Release". unbound-users (Mailing List). Retrieved 26 October 2020.
  8. ^ "Adding DNSCrypt to Unbound". ProToxin. 2017-04-14. Retrieved 2018-06-11.
  9. ^ Eric Brown. "Open source DNS server takes on BIND". Retrieved 2020-03-21.
  10. ^ "Heads Up: BIND Disabled in Base". OpenBSD Journal. August 23, 2014. Retrieved June 10, 2015.
  11. ^ Dag-Erling Smørgrav (September 24, 2014). "DNS in FreeBSD 10". Dag-Erling Smørgrav's blog. Retrieved June 10, 2015.

External links[edit]