Implementation Status

This table lists the current status of DNS-over-TLS related features in the latest stable releases of a selection of commonly used DNS software. 

Client/Server

Client - Stub 

Client - Recursive

Server - RecursiveServer - Auth
Software

ldns

(drill)

digit

getdns

BIND

(dig)

getdns*

UnboundBIND

Unbound

BINDNSDBIND
Port based TLS (tick)(tick) (tick)(tick) (tick)   
TCP fast open** (tick)

(tick)

 

P

      
Connection reuse (tick)

(tick)

(tick)WIPWIP(tick)(tick)(tick)(tick)(tick)

Pipelining***

n/a(tick)

(tick)

(tick)  (tick)(tick)(tick)(tick)(tick)
OOOP***n/a (tick)

(tick)

(tick)  (tick)WIP(tick)  
TLS authentication  (tick)  2016 (tick)   
EDNS0 Padding  (tick)        
EDNS0 Keepalive  (tick)  2016     

 

KEY:

*    getdns uses libunbound in recursive mode
**  not available on Windows 
***  Pipelining and OOOP are not applicable for synchronous applications