Privacytools.io: ๐ Software Suggestion | DNS server software for advanced users
This is salvaged from #1028 which solution #1054 I cut.
- [ ] dnssec-trigger (edited in afterwards, it's not so advanced)
- [x] Unbound (software)
- [ ] Bind (software)
- [ ] PowerDNS (software)
- [ ]
the DNSCrypt server (I need to read more details)DNSCrypt Server Proxy (software)
The below is copy-pasted from nitrohorse's first comment, thanks :purple_heart:
Name: DNSSEC-Trigger
Category: Software
Description: "DNSSEC-Trigger is experimental software that enables your computer to use DNSSEC protection for the DNS traffic."
URLs:
Name: Unbound
Category: Software
Description: "Unbound is a validating, recursive, caching DNS resolver. It is designed to be fast and lean and incorporates modern features based on open standards."
URLs:
Name: BIND 9
Category: Software
Description: "BIND 9 is the most widely used DNS software on the Internet. It performs both of the main DNS server roles โ acting as an authoritative name server for one or more specific domains, and acting as a recursive resolver for the DNS system generally."
URLs:
Name: PowerDNS
Category: Software
Description: "PowerDNS is a DNS server, written in C++ and licensed under the GPL."
URLs:
Name: DNSCrypt
Category: Protocol
Description: "DNSCrypt is a network protocol which authenticates and encrypts Domain Name System (DNS) traffic between the user's computer and recursive name servers."
URLs:
Mikaela
All 5 comments
First go at it:
Name: DNSSEC-Trigger
Category: Software
Description: "DNSSEC-Trigger is experimental software that enables your computer to use DNSSEC protection for the DNS traffic."
URLs:
Name: Unbound
Category: Software
Description: "Unbound is a validating, recursive, caching DNS resolver. It is designed to be fast and lean and incorporates modern features based on open standards."
URLs:
Name: BIND 9
Category: Software
Description: "BIND 9 is the most widely used DNS software on the Internet. It performs both of the main DNS server roles โ acting as an authoritative name server for one or more specific domains, and acting as a recursive resolver for the DNS system generally."
URLs:
Name: PowerDNS
Category: Software
Description: "PowerDNS is a DNS server, written in C++ and licensed under the GPL."
URLs:
Name: DNSCrypt
Category: Protocol
Description: "DNSCrypt is a network protocol which authenticates and encrypts Domain Name System (DNS) traffic between the user's computer and recursive name servers."
URLs:
nitrohorse
on 26 Jul 2019
I am told that we are confusing recursive resolvers and authoritative nameservers here.
- dnssec-trigger doesn't belong to the group
- mostly authoritative resolvers: Bind9, PowerDNS
- mostly recursive: Unbound
- unknown: dnscrypt
Suggested reading:
I like how the https://cr.yp.to/djbdns.html titles things: "Finding addresses of computers around the Internet" vs. "Publishing addresses of your own computers"
Mikaela
on 6 Aug 2019
Idea and I and @nitrohorse talked on the team chat: link to my unbound.conf.d/dns-over-tls.conf as worth mentioning so everyone doesn't have to go and find the information separately. I think I list everything else than NextDNS.
I also have some other unbound.conf.d files, but I don't think anything else would be interesting and my dotfiles are messy.
Mikaela
on 17 Aug 2019
https://github.com/DNSCrypt/dnscrypt-proxy/issues/937 - DNSCrypt Server Proxy has been announced and likely affects this issue.
Mikaela
on 20 Sep 2019
Team chat has suggested that this could be out-of-scope
Mikaela
on 2 Oct 2019
Related issues
Mikaela
ยท
3Comments
BurungHantu1605
ยท
3Comments
freddy-m
ยท
3Comments
merlinnusr
ยท
3Comments
Strappazzon
ยท
3Comments