Why use MaraDNS?
MaraDNS is a good solution where you need a currently supported
cross-platform recursive DNS server with a small binary footprint
(under 64k!) and a relatively small memory footprint (about 2-4 megs
with the default settings). As an authoritative server, MaraDNS is
a good solution if you have relatively few reasonably static domains
(IPs don't change very often) and need a DNS server that very quickly
fetches records from memory.
MaraDNS makes a lot of sense on low-end low-cost servers (where any file
open or fork() is dog-slow) and on systems where the DNS server is best
small. MaraDNS also can make sense for embedded systems (OpenWRT, etc.),
but keep in mind that its constant malloc()s and free()s of memory is
not ideal with some low-end embedded toolkits.
MaraDNS as an authoritative server is a mature product with over a decade
of real-world use. Deadwood, the newer recursive server, is younger:
It has existed in some form for five years but has only been fully
recursive for two; it has had a fair amount of testing in that time frame.
MaraDNS doesn't make sense if you need DNSSEC, full zone transfers, EDNS,
or other newer DNS features. MaraDNS doesn't make sense if you need
a server that developers are still adding features to: It is a mature
and, barring a large inflow of cash or another open-source developer
willing to step up to plate, a finished product.
MaraDNS in the press
MaraDNS has been praised in the press. Here are some examples of books,
articles, and papers which discuss MaraDNS:
- Mens, Jan-Piet (2008). Alternative DNS Servers: Choice and
Deployment, and Optional SQL/LDAP Back-Ends (Paperback).
UIT Cambridge Ltd. ISBN 0954452992.
This book devotes an entire chapter to MaraDNS
- Danchev, Dancho. How OpenDNS, PowerDNS and
MaraDNS remained unaffected by the DNS cache poisoning vulnerability
This article affirms MaraDNS' excellent security design, pointing out
that MaraDNS was never vulnerable to the 2008 cache poisoning attacks.
- Schroder, Carla (2007). Linux Networking Cookbook (Paperback).
O'Reilly. ISBN 0596102488.
This book, on page 545, endorses MaraDNS,
stating that "My recommended combination is [...] MaraDNS for a public
- João Antunes; Nuno Ferreira Neves; Paulo Veríssimo (2007), Finding Local
Resource Exhaustion Vulnerabilities, 18th IEEE International
Symposium on Software Reliability Engineering, Trollhättan, Sweden
This article discussion MaraDNS' denial-of-service resistance, pointing
out that "Figure 2, for instance, shows that the BIND server performs worse
than MaraDNS under the same attack, which means that the later is able to
sustain a larger number of attacks than the first"
- Rutherford, Matthew J. (2006), Adequate System-Level Testing of
Distributed Systems, Department of Computer Science, Boulder, CO,
This PhD thesis mentions MaraDNS several times.
MaraDNS is used by a number of ISPs to serve thousands of domains. MaraDNS
is used by Boeing. MaraDNS is ready to be used by your business or