Unbound (DNS server)
Unbound is a validating, recursive, and caching DNS resolver software product from NLnet Labs. It is distributed free of charge in open-source form under the Modified BSD License.
Features
- Caching resolver with prefetching of popular items before they expire
- DNS over TLS forwarding and server, with domain-validation
- DNS over HTTPS
- DNS over QUIC
- Query name minimization
- Aggressive use of DNSSEC-Validated Cache
- Authority zones, for a local copy of the root zone
- DNS64
- DNSCrypt
- Domain Name System Security Extensions validating
- EDNS client subnet
History
Originally designed by Jakob Schlyter of Kirei and Roy Arends of Nominet in 2004, funding was provided by VeriSign and ep.net to develop a prototype written in Java. In 2006, the prototype was re-written for high-performance in the C programming language by NLnet Labs.Unbound is designed as a set of modular components that incorporate modern features, such as enhanced security validation, Internet Protocol Version 6, and a client resolver application programming interface library as an integral part of the architecture. Originally written for POSIX-compatible Unix-like operating system, it runs on FreeBSD, OpenBSD, NetBSD, macOS, and Linux, as well as Microsoft Windows.