Excluded from consideration are single-feature DNS tools (such as proxies, filters, and firewalls) and redistributions of servers listed here (many products repackage BIND, for instance, with proprietary user interfaces).
DNS servers are grouped into several categories of specialization of servicing domain name system queries.
[citation needed] BIND is the de facto standard DNS server.
ISC cited a lack of resources to continue development of BIND 10, and they reaffirmed their commitment to BIND9.
It loads the contents of /etc/hosts, so that local host names which do not appear in the global DNS can be resolved.
In March 2009, Bernstein paid $1000 to the first person finding a security hole in djbdns.
There are multiple forks and more than a dozen patches to add additional features to djbdns.
Its core architecture is tiny and efficient, and most of the rich features are implemented as optional modules, which limits attack surface and improves performance.
Many resolver features are available out-of-the-box as modules while keeping core tiny and efficient.
[8] MaraDNS is a free software DNS server by Sam Trenholme that claims a good security history and ease of use.
Like djbdns dnscache, the MaraDNS 2.0 stand-alone recursive resolver ("Deadwood") does not use threads.
User interface and PowerShell support for managing DNS and DNSSEC were improved as well.
[16] NSD is a free software authoritative server provided by NLNet Labs.
PowerDNS is a free software DNS server with a variety of data storage back-ends and load balancing features.
DNS Cache is scalable, highly secure recursive DNS software from Secure64 which provides built-in protection against high-volume denial of service attacks, including Pseudo Random Sub Domain (PRSD) attacks.
[22] It also supports DNSSEC signing and validation for RSA and ECDSA algorithms with both NSEC and NSEC3.
[25] Unbound is a validating, recursive and caching DNS server designed for high performance.