Unbound is a validating, recursive, caching resolver. It is designed to be a fast and lean set of modular components that incorporate modern features, such as DNSSEC validation, IPv6 support and a client resolver API as an integral part of the architecture.

Unbound runs on FreeBSD, OpenBSD, NetBSD, MacOS, Linux and Microsoft Windows, with packages available for most platforms. Unbound is included in the base-system of FreeBSD and OpenBSD. The software is distributed free of charge in open source form under the BSD license.

To help increase online privacy, Unbound supports DNS over TLS which allows clients to encrypt their communication. In addition, it supports various modern standards that limit the amount of data exchanged with authoritative servers. These standards do not only improve privacy but also help making the DNS more robust. The most important are Query Name Minimisation, the Aggressive Use of DNSSEC-Validated Cache and support for authority zones, which can be used to load a copy of the root zone.

Installation and configuration of Unbound is designed to be easy. Setting up a validating, recursive, caching resolver which can be used for a single machine or multi-machine LAN can be done with only a few lines of configuration.