Unbound is a validating, recursive, caching DNS resolver. It is designedto be fast and lean and incorporates modern features based on openstandards.
To help increase online privacy, Unbound supports DNS-over-TLS and DNS-over-HTTPS which allows clients to encrypttheir communication. In addition, it supports various modern standards thatlimit the amount of data exchanged with authoritative servers. Thesestandards do not only improve privacy but also help making the DNS morerobust. The most important are Query Name Minimisation, the Aggressive Use ofDNSSEC-Validated Cache and supportfor authority zones, which can beused to load a copy of the root zone.
Unbound runs on all Linux and BSD distributions, as well as macOS, withpackages availablefor most platforms. It is included in the base-system of all major BSDoperating systems and in the standard repositories of most Linuxdistributions. Installation and configuration is designed to be easy. Settingup a resolver for your machine or network can be done with only a few linesof configuration.
It is free, open source software under the BSD license. The guidingprinciples for our product development roadmap are first and foremost thesecurity and privacy of the user. In addition, all functionality must bebacked by well established open standards. We continually improve thefunctionality of Unbound for all of our users. This means we do not makecustom builds or provide specific features to paying customers only. Ourpriorities are guided by the feedback of our user base, in particular thoseusers with a support contract, as well as thewider Internet community. Sponsored functionality will be given a higherpriority where possible and is evaluated on a case-by-case basis.