Comparison of DNS server software

From Wikipedia, the free encyclopedia

This article is a comparison of DNS server software.

Server	Creator	Cost (USD)	Open source	Software license
ANS [1]	Nominum	?	No	Proprietary
BIND	Internet Systems Consortium	Free	Yes	BSD
CNS [2]	Nominum	?	No	Proprietary
djbdns	Daniel J. Bernstein	Free	No^[3]	License-free software
dnsmasq [4]	Simon Kelley	Free	Yes	GPL
DNRD [5]	Wolfgang Zekoll	Free	Yes	GPL
IPM DNS [6]	EfficientIP	Varies with number of objects in database	No	Proprietary
MaraDNS	Sam Trenholme	Free	Yes	BSD variant
MyDNS [7]	Don Moore	Free	Yes	GPL
NSD	NLnet Labs	Free	Yes	[8]
Posadis	Meilof Veeningen	Free	Yes	GPL
PowerDNS	PowerDNS.COM BV / Bert Hubert	Free	Yes	GPL
Microsoft DNS	Microsoft	Included with Windows Server - MSRP $999	No	Commercial, closed source
Simple DNS Plus [9]	JH Software	$79+	No	Commercial, closed source
VitalQIP	Lucent Technologies	Varies with number of objects in database	No	Commercial, closed source

↑ djbdns source code is freely available, but not under an OSI-approved license. See the djbdns article for details.

[edit] Features

Server	authoritative	recursive ^†	slave mode ^†	caching ^†	DNSSEC	TSIG	IPv6	wildcard	interface	DNS Views Support
ANS	Yes	No	Yes	No	Yes	Yes	?	?	command line	?
BIND	Yes	Yes	Yes	Yes	Yes	Yes	Yes (since 9.x)	Yes (since 4.x)	command line	Yes
CNS	No	Yes	N/A	Yes	Yes	No	Yes	?	command line	?
djbdns	Yes^†	Yes^†	Partial^†	Yes	No	No	Yes	Yes	command line	Yes^†
DNRD	Partial	No	?	Yes	No	No	No	?	?	?
dnsmasq	Yes	No	No	Yes	Partial	?	Yes	Yes	command line	No
IPControl	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	?	?
IPM DNS	Yes	Yes	Yes	Yes	Yes GSS-TSIG+	Yes	Yes	?	Web, command line, API, SNMP	Yes
MaraDNS	Yes	Yes	Partial^†	Yes	No	No	Partial	Yes	command line	No
MyDNS	Yes	No	?	Yes	?	?	Yes	Yes	Web, command line	?
NSD	Yes	No	Yes	No	Yes	Yes	Yes	?	command line	?
Posadis	Yes	Yes	Yes	Yes	?	?	Yes	?	?	?
PowerDNS	Yes	Yes (via pdns_recursor)	Yes	Yes	No	No	Yes	Yes	Web, command line	?
Microsoft DNS	Yes	Yes	Yes	Yes	Partial^†	Yes	Yes^†	No	GUI, command line	No
Simple DNS Plus	?	?	?	Yes	?	Yes	Yes	?	GUI, Web, command line	?
VitalQIP	Yes	Yes	Yes	Yes	Yes	Partial	Yes	?	GUI, command line	No

↑ djbdns uses separate programs for authoritative and recursive DNS serving and the two programs can not share an IP
↑ A standard configuration of most DNS servers used to include both authoritative and recursive functions. For a variety of reasons including DNS cache poisoning, such "dual mode" configurations are now less common and some software does not allow such configuration. The ability of software to operate "dual mode" as both authoritative and recursive could therefore be seen as either desirable or undesirable.
↑ In general, describing a server as a "master" or "slave" is only applicable to servers that are authoritative. Therefore, this column should probably be N/A if "authoritative" is "no".
↑ In general, a server that does not recurse will not cache data either--so this column should probably be N/A if "recursive" is "no".
↑ djbdns provides facilities to transfer zones; after completing the zone transfer, djbdns can act as an authoritative server for that zone. Consult the axfr-get documentation for further information.
↑ This is not the same as views in bind. But it is a solution with more capabilities for the same problem See: section of tinydns-data.
↑ MaraDNS cannot directly provide slave support. Instead, a zone transfer is needed, after which MaraDNS will act as an authoritative server for that zone. See DNS Slave for further information.
↑ DNSSEC functionality must be manually activated in the registry. It is not enabled by default, and is only available in Windows Server 2003. Additionally, the DNSSEC support is sufficient to act as a slave/secondary server for a signed zone, but not sufficient to create a signed zone (lack of key generation and signing utilities).
↑ IPv6 functionality in the Microsoft DNS server is only available on Windows Server 2003, and only if enabled from the command line.

[edit] Platforms

The operating systems or virtual machines the DNS server are designed to run on without emulation; there are several possibilities:

No indicates that it does not exist or was never released.

Partial indicates that while it works, the server lacks important functionality compared to versions for other OSs; it is still being developed however.

Beta indicates that while a version is fully functional and has been released, it is still in development (e.g. for stability).

Yes indicates that it has been officially released in a fully functional, stable version.

Dropped indicates that while the server works, new versions are no longer being released for the indicated OS; the number in parentheses is the last known stable version which was officially released for that OS.

Included indicates that the server comes pre-packaged with or has been integrated into the operating system.

Please note that the list is not exhaustive, but rather reflects the most common platforms today.

Server	BSD	Solaris	Linux	Windows	Mac OS X
ANS	Yes	Yes	Yes	?	?
BIND	Yes	Included	Yes	Yes^†	Included
CNS	Yes	Yes	Yes	?	?
djbdns	Yes	Yes	Yes	No	Yes
DNRD	Yes	?	Yes	No	Yes
dnsmasq	Yes	Dropped (1.18)	Yes	No	Yes
IPControl	No	Yes	Yes	Yes	No
IPM DNS	Yes	Yes	Yes	No	Yes
MaraDNS	Yes	Yes [10]	Yes	Partial	Yes
MyDNS	Yes	Yes	Yes	?	?
NSD	Yes	Yes	Yes	?	Yes
Posadis	Yes	Yes	Yes	Yes [11]	Yes
PowerDNS	Yes	Yes [12]	Yes	Yes	Beta
Microsoft DNS	No	No	No	Included^†	No
Simple DNS Plus	No	No	No	Yes	No
VitalQIP	No	Yes	Yes	Yes	No

↑ BIND is available for Windows NT-based systems (including Windows 2000, XP, and Server 2003) in a port known as ntbind.
↑ The functionality available with the Microsoft DNS server varies depending on the version of the underlying operating system; like most Windows Server components, it is upgraded only with the rest of the operating system. Certain functionality, such as DNSSEC and IPv6 support, is only available in the Windows Server 2003 version. Windows 2000 Server includes TSIG support. The Microsoft DNS Server is not available on Windows client operating systems such as Windows XP.