Technitium – self host a DNS server for privacy and security

Technitium DNS Server is an authoritative as well as recursive DNS server that can be used for self hosting a DNS server for privacy and security.

It works out-of-the-box with no or minimal configuration and provides a user friendly web console accessible using any modern web browser.

This is free and open source software.

Features include:

• Supports working as an authoritative as well as a recursive DNS server.
• High performance DNS server based on async IO that can serve millions of requests per minute even on a commodity desktop PC hardware (load tested on Intel i7-8700 CPU with more than 100,000 request/second over Gigabit Ethernet).
• Self host DNS-over-TLS, DNS-over-HTTPS, and DNS-over-QUIC DNS services on your network.
• DNS-over-HTTPS implementation supports HTTP/1.1, HTTP/2, and HTTP/3 transport protocols.
• Supports DNS over PROXY protocol version 1 and 2 for both UDP and TCP transports.
• Use public DNS resolvers like Cloudflare, Google, Quad9, and AdGuard with DNS-over-TLS, DNS-over-HTTPS, or DNS-over-QUIC protocols as forwarders.
• Support for latency based name server selection algorithm that works with concurrency feature for both recursive resolution and forwarders.
• Advanced caching with features like serve stale, prefetching and auto prefetching.
• Persistent caching feature that saves cache to disk when DNS server restarts.
• DNS rebinding attack protection feature available with DNS Rebinding Protection App.
• DNSSEC validation support with RSA & ECDSA algorithms for recursive resolver, forwarders, and conditional forwarders.
• DNSSEC support for all supported DNS transport protocols including encrypted DNS protocols.
• DANE TLSA [RFC 6698] record type support. This includes support for automatically generating the hash values using certificates in PEM format.
• SVCB & HTTPS [draft-ietf-dnsop-svcb-https] record type support.
• URI [RFC 7553] record type support.
• SSHFP [RFC 4255] record type support.
• CNAME cloaking feature to block domain names that resolve to CNAME which are blocked.
• QNAME minimization support in recursive resolver [RFC 9156].
• QNAME case randomization support for UDP transport protocol [draft-vixie-dnsext-dns0x20-00].
• DNAME record [RFC 6672] support.
• ANAME proprietary record support to allow using CNAME like feature at zone apex (CNAME flattening). Supports multiple ANAME records at both zone apex and sub domains.
• APP proprietary record support that allows custom DNS Apps to directly handle DNS requests and return a custom DNS response based on any business logic.
• Support for features like Split Horizon and Geolocation based responses using DNS Apps feature.
• Support for REGEX based block lists with different block lists for different client IP addresses or subnet using Advanced Blocking DNS App.
• Primary, Secondary, Stub, and Conditional Forwarder zone support.
• Static stub zone support implemented in Conditional Forwarder zone to force a domain name to resolve via given name servers using NS records.
• Supports Catalog Zones [RFC 9432].
• Supports record aging where the records with expiry set are automatically removed from the zone.
• Bulk conditional forwarding support using Advanced Forwarding DNS App.
• DNSSEC signed zones support with RSA & ECDSA algorithms.
• DNSSEC support for both NSEC and NSEC3.
• Zone transfer with AXFR and IXFR [RFC 1995] and DNS NOTIFY [RFC 1996] support.
• Zone transfer over TLS (XFR-over-TLS) [RFC 9103] support.
• Zone transfer over QUIC (XFR-over-QUIC) [RFC 9250] support.
• Support for zone validation using ZONEMD records [RFC 8976] for Secondary zones.
• Dynamic DNS Updates [RFC 2136] support with security policy.
• Secret key transaction authentication (TSIG) [RFC 8945] support for zone transfers.
• EDNS(0) [RFC6891] support.
• EDNS Client Subnet (ECS) [RFC 7871] support for recursive resolution and forwarding.
• Extended DNS Errors [RFC 8914] support.
• DNS64 function [RFC 6147] support for use by IPv6 only clients using the DNS64 App.
• Support to host DNSBL / RBL block lists [RFC 5782].
• Multi-user role based access with non-expiring API token support.
• Self host your domain names on your own DNS server.
• Wildcard sub domain support.
• Enable/disable zones and records to allow testing with ease.
• Built-in DNS Client with option to import responses to local zone.
• Supports out-of-order DNS request processing for DNS-over-TCP and DNS-over-TLS protocols [RFC 7766].
• Built-in DHCP Server that can work for multiple networks.
• IPv6 support in DNS server core.
• HTTP & SOCKS5 proxy support which can be configured to route DNS over Tor Network or use
• Cloudflare’s hidden DNS resolver.
• Web console portal for easy configuration using any web browser.
• Built in HTTP API to allow 3rd party apps to control and configure the DNS server.
• Built-in system logging and query logging.
• Cross-platform support – runs under Linux, Raspberry Pi, macOS, and Windows.

Website: github.com/TechnitiumSoftware/DnsServer
Support:
Developer: Technitium
License: GNU General Public License v3.0

Technitium is written in C#. Learn C# with our recommended free books and free tutorials.

Return to DNS Servers

Popular series
	The largest compilation of the best free and open source software in the universe. Each article is supplied with a legendary ratings chart helping you to make informed decisions.
	Hundreds of in-depth reviews offering our unbiased and expert opinion on software. We offer helpful and impartial information.
	The Big List of Active Linux Distros is a large compilation of actively developed Linux distributions.
	Replace proprietary software with open source alternatives: Google, Microsoft, Apple, Adobe, IBM, Autodesk, Oracle, Atlassian, Corel, Cisco, Intuit, and SAS.
	Awesome Free Linux Games Tools showcases a series of tools that making gaming on Linux a more pleasurable experience. This is a new series.
	Machine Learning explores practical applications of machine learning and deep learning from a Linux perspective. We've written reviews of more than 40 self-hosted apps. All are free and open source.
	New to Linux? Read our Linux for Starters series. We start right at the basics and teach you everything you need to know to get started with Linux.
	Alternatives to popular CLI tools showcases essential tools that are modern replacements for core Linux utilities.
	Essential Linux system tools focuses on small, indispensable utilities, useful for system administrators as well as regular users.
	Linux utilities to maximise your productivity. Small, indispensable tools, useful for anyone running a Linux machine.
	Surveys popular streaming services from a Linux perspective: Amazon Music Unlimited, Myuzi, Spotify, Deezer, Tidal.
	Saving Money with Linux looks at how you can reduce your energy bills running Linux.
	Home computers became commonplace in the 1980s. Emulate home computers including the Commodore 64, Amiga, Atari ST, ZX81, Amstrad CPC, and ZX Spectrum.
	Now and Then examines how promising open source software fared over the years. It can be a bumpy ride.
	Linux at Home looks at a range of home activities where Linux can play its part, making the most of our time at home, keeping active and engaged.
	Linux Candy reveals the lighter side of Linux. Have some fun and escape from the daily drudgery.
	Getting Started with Docker helps you master Docker, a set of platform as a service products that delivers software in packages called containers.
	Best Free Android Apps. We showcase free Android apps that are definitely worth downloading. There's a strict eligibility criteria for inclusion in this series.
	These best free books accelerate your learning of every programming language. Learn a new language today!
	These free tutorials offer the perfect tonic to our free programming books series.
	Linux Around The World showcases usergroups that are relevant to Linux enthusiasts. Great ways to meet up with fellow enthusiasts.
	Stars and Stripes is an occasional series looking at the impact of Linux in the USA.