DNS softwareHere is a list of DNS software that is currently (as of 2016) being maintained:
- BIND is
the swiss army knife of DNS servers. It has a lot of
features and can do pretty much everything. It's also
a big binary and sometimes difficult to configure. CVE BIND supports DNSSec.
- Unbound and NSD make up a suite of
DNS servers; they are both from NLnet Labs.
Basically, one (NSD) puts your web page on the Internet; the other (Unbound) looks for web pages on the Internet. NSD CVE (None of those entries look to point to NSD; it appears to have no CVE entries) Unbound CVE Both support DNSSec.
- Knot DNS and
Knot Resolver are two new
DNS servers for the 2010s (an authoritative and recursive component);
the recursive resolver is from 2016. Both support modern DNS features,
such as DNSSec. Like NSD and Unbound, Knot DNS serves DNS records and
Knot Resolver looks for DNS records on the Internet.
So far, there do not appear to be any CVE reports for either server, but both packages are fairly new. There’s a good writeup at LWN by the implementer about Knot DNS.
- PowerDNS (which
like Unbound/NSD, is two separate programs) has a lot of
flexibility with connecting to databases or what not to
resolve a DNS name. Used by Wikimedia, among others. CVE.
- DjbDNS. Great
tiny two-program DNS suite that sadly hasn't been updated by DJB since 2001. Yes,
it does have security problems (That's a CVE link). Note that
there are at least two security issues with DjbDNS which do not
have CVE numbers.
For anyone who wants to use DjbDNS, use N-DjbDNS, which is (as of mid-2015) patched against all known security holes.
- MaraDNS. It was once a single program, now two separate programs (like Unbound/BSD and PowerDNS) Easy-to-configure; tiny binary suitable for embedded systems. CVE
There are many many other DNS servers, both open source and non-open source.Some other DNS servers:
Freely downloadable DNS serversCaching DNS servers
- DnsMasq is a non-recursive caching DNS server.
- pdnsd is a recursive caching DNS server. Paul Rombouts is (was?) the current maintainer of this program.
- Posadis is another DNS server project, similar to MaraDNS. This server is now both a resolving and an authoritative DNS server. Hasn't been updated in a while.
- Knot DNS has DNSSEC support.
- MyDNS is an authoritative-only DNS server which uses MySQL as a database back end. The most currently updated version appears to be MyDNS-ng, the "next generation" version of MyDNS.
- SDNS is a project written in the late 1990s by Sandia Labs. Like MaraDNS, this project was written with security in mind. Since this is a government project, the code is public domain. The program does not seem to be downloadable anywhere, so I am mirroring it here. I would like to thank Fred Cohen for informing me about this package.
- The Pliant language/package comes with a DNS server. This DNS server can not recursively process DNS queries given a list of root servers.
- Twisted includes a non-recursive DNS server.
- DnsJAVA is an authoritative-only DNS server written in Java.
- The Eddit project includes a DNS server
- SheerDNS is a simple non-caching DNS server that stores all records as their own files.
These are DNS server projects which have not released any files for a significant period of time, and are not fully functioning DNS servers (either because the program did not have basic DNS functionality when abandoned, the program was not documented before being abandoned, or because the program was abandoned so long ago that it is not fully functional on today's internet).
- Oak DNS is a DNS server written completely in python. It is compatible (I think) with both BIND zone files and cache files. The file can be downloaded here, or here. The most recent alpha version can be downloaded here. The most recent file in this alpha is from February of 2003; the original website is now owned by a cyber-squatter. (Thanks, Michel Talon, for the update)
- MooDNS is another DNS server
A CVS checkout on January 21, 2003 shows that no files have been updated
since July 20, 2002, except for a single readme file updated on August
1, 2002. This project is abandoned.
I have made a tarball available for people who do not want to bother with a CVS checkout.
- Dents is a DNS server that showed a lot of promise. Unfortunately, no files have been released since 1999.
- Yaku-NS is a DNS server geared towards embedded systems. According to the changelog, no one has made any changes to this software since Feburary, 2001.
- CustomDNS has not released any files since the summer of 2000.
- Rick Moen has a great list of open-source DNS servers.
- LdapDNS is a small DNS server which converts DNS requests in to LDAP requests, without caching.
- DnsPython is a DNS toolkit for Python.
- GnuDIP is designed for dynamically assigned IP addresses.
- JD Resolve is a tool written in Perl that uses DNS to resolve hostnames.
- Dproxy is a caching DNS proxy.
- Dan J. Bernstein also has a list of DNS servers