enable aggressive-nsec

for detailed description and benefits read https://medium.com/nlnetlabs/aggressive-use-of-the-dnssec-validated-cache-in-unbound-1ab3e315d13f
4 years ago · d0bb7e6ac9
parent b15b09c12a
commit d0bb7e6ac9
1 changed files with 1 additions and 0 deletions
--- a/unbound.sh
+++ b/unbound.sh
@ -67,6 +67,7 @@ server:
  access-control: 0.0.0.0/0 allow
  access-control: ::0/0 allow
  tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"
+  aggressive-nsec: yes

  local-zone: "belkin." static
  local-zone: "corp." static