Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Mode

Stub 

Recursive resolver

Software

ldns

(drill)

digit

getdns

BIND

(dig)

getdns*

UnboundBIND

Knot

Res

 

 

TCP/TLS Features

TCP fast open** (tick)

(tick)

 

P

   
Connection reuse (Q/R, Q/R, Q/R) (tick)

(tick)

(tick)  (tick)(tick)

Pipelining of queries(Q,Q,Q,R,R,R)

n/a(tick)

(tick)

(tick)  (tick)(tick)
Process OOOR (Q1,Q2,R2,R1)n/a (tick)

(tick)

(tick)  (tick)(tick)
EDNS0 Keepalive***  (tick)     

 

 

TLS Features

TLS encryption (Port 853) (tick)(tick) (tick)(tick)  
TLS authentication  (tick)     
EDNS0 Padding  (tick)     
EDNS0 Keepalive  (tick)     

Servers

ModeRecursiveAuth
Software

Unbound

BIND

Knot

Res

NSDBIND

Knot

Auth

 

TCP/TLS Features

TCP fast open**  (tick)   

Process Pipelined queries

(tick)(tick)(tick)(tick)(tick)(tick)
Provide OOORWIP(tick)(tick)   
EDNS0 Keepalive***WIP     

 


TLS Features

TLS encryption (Port 853)(tick) WIP   
Provide TLS auth credentials(tick) WIP   
EDNS0 Padding      EDNS0 KeepaliveWIP

 

...

 

KEY:

  • Green square (tick) - indicates latest release already supports this functionality
  • Blue square - indicates that a patch is available in our git repo. See here for details: DNS-over-TLS patches
  • Yellow square - indicates work in progress
  • P - Requires building against a patched version of libunbound

*    getdns uses libunbound in recursive mode
**  not yet available on Windows 
*** Implies robust TCP connection management (see RFC7828 and RFC7766)

Note pipelining and OOOP are not applicable for synchronous applications

...