Hi, On 11/03/18 22:33, Kazunori Fujiwara via Unbound-users wrote: >> From: Ralph Dolmans via Unbound-users <unbound-users@unbound.net> >>> - Aggressive use of NSEC is not so transparent to me. >>> unsure, what I really may expect here. Under which conditions is this >>> active? >> >> When this option is enabled Unbound will try to use cached NSEC records >> to generate an NXDOMAIN, NODATA or wildcard answer. See RFC8198. > > Thanks very much for implementing RFC 8198. > > One comment is that there is no documentation about "aggressive-nsec: yes" > in server secton. (default no) > > # I read it from util/config_file.c . > > Please add documentations about aggressive-nsec.
Did that for the upcoming rc3 of 1.7.0, thank you for noting it, Best regards, Wouter > > -- > Kazunori Fujiwara / fujiw...@jprs.co.jp >
signature.asc
Description: OpenPGP digital signature