Implementation Status

This table lists the current status of DNS-over-TLS related features in the latest stable releases of a selection of commonly used DNS software. 

Client/Server

Client - Stub 

Client - Recursive

Server - RecursiveServer - Auth
Software

ldns

(drill)

digit

getdns

BIND

(dig)

getdns*

UnboundBIND

Unbound

BINDNSDBIND
Port based TLS (tick)(tick)2016(tick)(tick) (tick)2016  
TCP fast open** (tick)

(tick)

2016

P

   2016  
Connection reuse (tick)

(tick)

(tick)WIPWIP (tick)(tick)(tick)(tick)

Pipelining***

n/a(tick)

(tick)

n/a20162016 (tick)(tick)(tick)(tick)
OOOP***n/a (tick)

(tick)

n/a       
TLS authentication  (tick)    (tick)   
EDNS0 Padding  (tick)        

 

KEY:

*    getdns uses libunbound in recursive mode
**  not available on Windows 
***  Pipelining and OOOP are not applicable for synchronous applications