DNS softwareHere is a list of DNS software that is open source, is currently (as of 2016) being maintained, and that has authoritative and recursive DNSSEC support:
- BIND is
the swiss army knife of DNS servers. It has a lot of
features and can do pretty much everything. It's also
a big binary and sometimes difficult to configure. CVE BIND supports DNSSec.
- Unbound and NSD make up a suite of
DNS servers; they are both from NLnet Labs.
Basically, one (NSD) puts your web page on the Internet; the other (Unbound) looks for web pages on the Internet. NSD CVE (None of those entries look to point to NSD; it appears to have no CVE entries) Unbound CVE Both support DNSSec.
- Knot DNS and
Knot Resolver are two new
DNS servers for the 2010s (an authoritative and recursive component);
the recursive resolver is from 2016. Both support modern DNS features,
such as DNSSec. Like NSD and Unbound, Knot DNS serves DNS records and
Knot Resolver looks for DNS records on the Internet.
So far, there do not appear to be any CVE reports for either server, but both packages are fairly new. There’s a good writeup at LWN by the implementer about Knot DNS.
- PowerDNS (which
like Unbound/NSD, is two separate programs) has a lot of
flexibility with connecting to databases or what not to
resolve a DNS name. Used by Wikimedia, among others. CVE.
- DjbDNS. Great
tiny two-program DNS suite that sadly hasn't been updated by DJB since 2001. Yes,
it does have security problems (That's a CVE link). Note that
there are at least two security issues with DjbDNS which do not
have CVE numbers.
For anyone who wants to use DjbDNS, use N-DjbDNS, which is (as of mid-2015) patched against all known security holes.
There are patches to give the authoritative half DNSSEC support; there is no DNSSEC support for the recursor.
- MaraDNS. It was once a single program,
now two separate programs (like Unbound/BSD and PowerDNS)
Easy-to-configure; tiny binary suitable for embedded systems. CVE
MaraDNS does not support DNSSEC nor EDNS.
There are many many other DNS servers, both open source and non-open source. Here is an incomplete list of the open source ones: DnsMasq, pdnsd, Posadis, MyDNS, MyDNS-ng, SDNS (Public domain, local download link), DnsJAVA