Unbound 1.7.0rc2 pre-release
Kazunori Fujiwara
fujiwara at wide.ad.jp
Sun Mar 11 21:33:24 UTC 2018
> From: Ralph Dolmans via Unbound-users <unbound-users at unbound.net>
>> - Aggressive use of NSEC is not so transparent to me.
>> unsure, what I really may expect here. Under which conditions is this active?
>
> When this option is enabled Unbound will try to use cached NSEC records
> to generate an NXDOMAIN, NODATA or wildcard answer. See RFC8198.
Thanks very much for implementing RFC 8198.
One comment is that there is no documentation about "aggressive-nsec: yes"
in server secton. (default no)
# I read it from util/config_file.c .
Please add documentations about aggressive-nsec.
--
Kazunori Fujiwara / fujiwara at jprs.co.jp
More information about the Unbound-users
mailing list