About the Amazing Technitium DNS Server Application

This will be the first in a series of posts discussing third-party utilities that make my job easier. As always, exercise caution with any application with which you are unfamiliar.

This month I’d like to discuss Technitium’s excellent DNS Server application. This is a free, open-source application (GPLv3) that runs on Windows, Linux, macOS, the ubiquitous Raspberry Pi, or in a Docker container. As the name implies, it allows you to run a DNS server using DNS-over-HTTPS, DNS-over-TLS, and DNS-over-QUIC.

Management of the server is handled using a web browser, and the included options are almost as endless as the breadsticks at Olive Garden.

server management via web browser

Pros and Features

As would be expected with any competent DNS server, it supports authoritative zones, error and audit logging (which provide an easy window into what is happening with the server), the ability to view cached DNS queries, and a built-in DNS client if you’re feeling too lazy to use nslookup. Oh, and lest I forget, it also has a DHCP server which adds even more utility for testing purposes.

Some of the additional features include the following:

  • High-performance DNS server based on async IO that can serve millions of requests per minute even on a commodity desktop PC (load tested on Intel i7-8700 CPU with more than 100,000 requests/second over Gigabit Ethernet)
  • DNS-over-HTTPS implementation supports HTTP/1.1, HTTP/2, and HTTP/3 transport protocols
  • DNSSEC validation support with RSA & ECDSA algorithms for recursive resolver, forwarders, and conditional forwarders
  • Advanced caching with features like serve stale, prefetching, and auto prefetching
  • Primary, Secondary, Stub, and Conditional Forwarder zone support
  • Static stub zone support implemented in Conditional Forwarder zone to force a domain name to resolve via given name servers using NS records
  • Zone transfer support
  • Wildcard subdomain support

One feature I want to call out is ad blocking. Sure, you can do this in your web browser with the appropriate plugin, but Technitium DNS Server allows you to do so at the DNS level. For home use, this makes it a great alternative to Pi-hole.

ad blocking at the DNS level

Forwarders can be configured manually or by using a predefined list of the most popular public DNS services available (Cloudflare, Google, Quad9, OpenDNS, or AdGuard). The included forwarder options even make selecting a protocol incredibly simple.

forwarder protocol with Technitium DNS server

There’s also a built-in app “store,” where you can download extensions that add features. You can even create your own apps, provided of course you have the expertise and inclination.

Technitium DNS app store

While Technitium DNS is not a replacement for Active-Directory-integrated DNS using Windows Server, it does serve as a great tool for deployment testing, troubleshooting, or home use. This is one piece of software that I’m happy to see free and open-source, but would have gladly paid for.

The One Con With Technitium DNS Server

There is one issue I’ve come across when running Technitium DNS on Windows 10/11, and that is interference from Internet Connection Sharing (ICS). Any application that makes use of the ICS service will cause problems, as ICS listens for UDP traffic on port 53, the same port the DNS server needs. So roles like Hyper-V (using the default switch) and applications such as Microsoft Defender Application Guard or Docker will be problematic. As a refresher, you can always check to see what ports are open, and by what processes, by running the following command in the Windows CLI: netstat -aon
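
To narrow that check down to port 53 and see whether ICS is the process holding it, the following PowerShell can be run from an elevated prompt. This is an added example, not part of the original post or of Technitium's tooling; it assumes the built-in NetTCPIP cmdlets are available and relies on the ICS service's short name being SharedAccess.

```powershell
# Added example: report every process bound to port 53 on this Windows host.
# Run elevated so that every owning process and service can be resolved.
$port = 53

$endpoints = @(
    # UDP is connectionless, so any bound endpoint on the port is a conflict.
    Get-NetUDPEndpoint -LocalPort $port -ErrorAction SilentlyContinue |
        Select-Object @{n='Proto';e={'UDP'}}, LocalAddress, OwningProcess
    # For TCP only listening sockets matter; outbound lookups are ignored.
    Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue |
        Select-Object @{n='Proto';e={'TCP'}}, LocalAddress, OwningProcess
)

$report = foreach ($ep in $endpoints) {
    $proc = Get-Process -Id $ep.OwningProcess -ErrorAction SilentlyContinue
    # svchost.exe hosts many services; list them so ICS (SharedAccess) is visible.
    $svcs = Get-CimInstance Win32_Service -Filter "ProcessId = $($ep.OwningProcess)" |
        Select-Object -ExpandProperty Name
    [pscustomobject]@{
        Proto        = $ep.Proto
        LocalAddress = $ep.LocalAddress
        OwnerPid     = $ep.OwningProcess
        Process      = $proc.ProcessName
        Services     = ($svcs -join ', ')
    }
}

if (-not $report) {
    Write-Output "Nothing is bound to port $port."
} else {
    $report | Sort-Object Proto, LocalAddress | Format-Table -AutoSize
    if ($report.Services -match '\bSharedAccess\b') {
        Write-Warning "Internet Connection Sharing (SharedAccess) is bound to port $port."
    }
}
```

The LocalAddress column shows whether a listener is bound to every interface (0.0.0.0 or ::) or only to one specific address.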

Where to Get Technitium DNS

Technitium DNS can be downloaded from the following sources:

Have any questions about how to use Technitium? Feel free to contact our experts at any time!
