Bind9 vs Unbound. What is the best VPN node to use and why?

H

hancack2021-03-20 12:15:12

linux

hancack, 2021-03-20 12:15:12

Hello! I'm currently developing a VPN service and recently ran into a dilemma. One of the requirements for a proper VPN node is to have a DNS server on this very node in order to avoid DNS leaks. While I was looking into this issue, I found two well-known solutions: Bind9 and Unbound. Bind9 - Authoritative DNS server, Unbound - Caching recursive DNS server. I tried to put both solutions, they seem to perform the same task, but I don’t have an exact understanding of how it all works “under the hood”. I read a lot of comparisons between them, but I still can’t decide which one is better for the task at hand. Can you suggest which one is better and why?

Also I saw somewhere that Bind9 has reliability and security issues, is it really so? How safe is it to use in a large public project?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexey Dmitriev, 2021-03-20
@SignFinder

Use Unbound.
Since you will not have your own zones, but will only forward recursive queries to other DNS addresses, the bind functionality will be redundant.
I recently prefer this as a DNS forwarder - adguard home https://adguard.com/en/adguard-home/overview.html