Software:Unbound (DNS server)

From HandWiki
Short description: Software
Unbound
Developer(s)NLnet Labs
Initial releaseFebruary 19, 2007; 17 years ago (2007-02-19)
Stable release
1.17.1 / January 12, 2023; 18 months ago (2023-01-12)[1]
RepositoryUnbound by NLnetLabs on GitHub
Written inC
Operating systemUnix-like, Windows
TypeDNS server
LicenseBSD license

Unbound is a validating, recursive, and caching DNS resolver product from NLnet Labs. It is distributed free of charge in open-source form under the BSD license.

Features

  • Caching resolver with prefetching of popular items before they expire
  • DNS over TLS forwarding and server, with domain-validation[2]
  • DNS over HTTPS[3][4]
  • Query Name Minimization[5]
  • Aggressive Use of DNSSEC-Validated Cache[6]
  • Authority zones, for a local copy of the root zone[7]
  • DNS64
  • DNSCrypt[8]
  • DNSSEC validating
  • EDNS Client Subnet

History

Originally designed by Jakob Schlyter of Kirei and Roy Arends of Nominet in 2004, funding was provided by VeriSign and ep.net to develop a prototype written in Java (David Blacka and Matt Larson, VeriSign). In 2006, the prototype was re-written for high-performance in the C programming language by NLnet Labs.[9]

Unbound is designed as a set of modular components that incorporate modern features, such as enhanced security (DNSSEC) validation, Internet Protocol Version 6 (IPv6), and a client resolver application programming interface library as an integral part of the architecture. Originally written for POSIX-compatible Unix-like operating system, it runs on FreeBSD, OpenBSD, NetBSD, macOS, and Linux, as well as Microsoft Windows.

Reception

Unbound has supplanted the Berkeley Internet Name Daemon (BIND) as the default, base-system name server in FreeBSD and OpenBSD, where it is perceived as smaller, more modern, and more secure for most applications.[10][11]

See also

References

  1. "Unbound 1.17.1 released" (Press release). Science Park 400, 1098 XH Amesterdamn, The Netherlands: NLnet Labs. NLnet Labs. 2023-01-12. Retrieved 2023-04-01.CS1 maint: location (link)
  2. "Actually secure DNS over TLS in Unbound". 2018-06-07. https://www.ctrl.blog/entry/unbound-tls-forwarding. 
  3. Wijngaards, Wouter (8 October 2020). "Unbound 1.12.0 released". https://www.nlnetlabs.nl/news/2020/Oct/08/unbound-1.12.0-released/. 
  4. Dolmans, Ralph (9 October 2020). "DNS-over-HTTPS in Unbound". https://blog.nlnetlabs.nl/dns-over-https-in-unbound/. 
  5. Wijngaards, Wouter (10 December 2015). "Unbound 1.5.7 release". https://lists.nlnetlabs.nl/pipermail/unbound-users/2015-December/004135.html. 
  6. Wijngaards, Wouter (15 March 2018). "Unbound 1.7.0 Release". https://lists.nlnetlabs.nl/pipermail/unbound-users/2018-March/005106.html. 
  7. Wijngaards, Wouter (15 March 2018). "Unbound 1.7.0 Release". https://lists.nlnetlabs.nl/pipermail/unbound-users/2018-March/005106.html. 
  8. "Adding DNSCrypt to Unbound". 2017-04-14. https://protoxin.net/adding-dnscrypt-to-unbound/. 
  9. "Open source DNS server takes on BIND". https://linuxdevices.org/open-source-dns-server-takes-on-bind/. 
  10. "Heads Up: BIND Disabled in Base". August 23, 2014. http://undeadly.org/cgi?action=article&sid=20140823064850. 
  11. Dag-Erling Smørgrav (September 24, 2014). "DNS in FreeBSD 10". http://blog.des.no/2013/09/dns-in-freebsd-10/. 

External links