Hi Andreas, On 08-03-18 21:29, A. Schulze via Unbound-users wrote: > - Aggressive use of NSEC is not so transparent to me. > unsure, what I really may expect here. Under which conditions is this > active?
When this option is enabled Unbound will try to use cached NSEC records to generate an NXDOMAIN, NODATA or wildcard answer. See RFC8198. -- Ralph
