Unbound 1.7.0rc2 pre-release

Kazunori Fujiwara fujiwara at wide.ad.jp
Sun Mar 11 21:33:24 UTC 2018

> From: Ralph Dolmans via Unbound-users <unbound-users at unbound.net>
>> - Aggressive use of NSEC is not so transparent to me.
>>   unsure, what I really may expect here. Under which conditions is this active?
> When this option is enabled Unbound will try to use cached NSEC records
> to generate an NXDOMAIN, NODATA or wildcard answer. See RFC8198.

Thanks very much for implementing RFC 8198.

One comment is that there is no documentation about "aggressive-nsec: yes"
in server secton. (default no)

# I read it from util/config_file.c .

Please add documentations about aggressive-nsec.

Kazunori Fujiwara / fujiwara at jprs.co.jp

More information about the Unbound-users mailing list