A group of experts has released an open source alternative to the BIND DNS server software that boasts higher performance and better security.

The new DNS server -- dubbed Unbound 1.0 -- is available here.  

Unbound is a recursive DNS server, which is used by ISPs and enterprises to support DNS look-ups by users. DNS is the feature of the Internet that matches domain names with IP addresses, and it is used for Web browsing, e-mail and Internet-based telephony.

Unbound was released Tuesday to open source developers by NLnet Labs, VeriSign, Nominet and Kirei. NLnet Labs, a nonprofit research firm based in The Netherlands, will provide ongoing support for the software.

From its first prototype in 2004, Unbound was designed to be a faster, more secure replacement for BIND. Unbound supports DNS security extensions (DNSSEC), which authenticate DNS lookups but are not yet widely deployed because they rely on a public key infrastructure.

"One of the main advantages is that it's high performing. We designed it from the beginning to be fast," says Matt Larson, director of DNS research with VeriSign. "We also designed it from the beginning to support DNSSEC. Other DNS servers had to bolt that on, but we were able to start fresh."

VeriSign has tested Unbound but isn't using it in production mode.

VeriSign runs the authoritative DNS servers for .com and .net, which are the servers that respond to queries from recursive DNS servers like Unbound. VeriSign uses homegrown software it calls ATLAS for its authoritative DNS servers.

VeriSign said that by offering Unbound to the open source community, it is trying to give back to the Internet community.

"Our goal [with Unbound] is to have an active community. We want to get to the point where the community is looking at it, monitoring it and adding patches," Larson says. "This is just another example of VeriSign's innovation. We're always moving forward."

Developed in the early 1980s, BIND (Berkeley Internet Name Domain) is the most popular DNS server software on the Internet. However, BIND has suffered from serious security flaws, even in its current release, BIND 9.

BIND alternatives already exist, including DNS server software from Microsoft and Cisco and appliances from Infoblox, InfoWeapons and others. Another option is free DNS services from OpenDNS and NeuStar.

Whitepapers

• Selecting Effective Virtual Directories
• Best Practices for HP Servers and HP Enterprise Virtual Array in a Microsoft Exchange
• Compliance, Protection, Recovery: A Layered Approach to Laptop Security
• Endpoint Security: Data Protection for IT, Freedom for Laptop Users
• IT Departments on Data Security: A Research Concepts Survey
• Laptop Security Tool Helps Allina Hospitals Track 97% of IT Assets

View more SOFTWARE whitepapers

Webcasts

• Managing the End User Experience-A Real World Example of Success
• Lowering the Cost of Email Archives
• Google Webcast: Why archive email? Top challenges and best practices
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies
• Technical Overview of Exchange Server 2007 with HP Servers and Storage
• Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management On-Demand

View more SOFTWARE webcasts

Special Reports

• Application Performance Management Executive Guide
• Executive Guide: Building a Service Oriented Architecture
• IT Buyers Guide To: Collaboration

View more SOFTWARE special reports