Aggressive NSEC default changed in v1.15.0 as per @StephenLittBelch s…

…uggestion
NLnetLabs · Mar 14, 2022 · dad31e1 · dad31e1
1 parent e8871cc
commit dad31e1
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/source/manpages/unbound.conf.rst b/source/manpages/unbound.conf.rst
@@ -957,7 +957,7 @@ These options are part of the **server:** clause.
 
     aggressive-nsec: *<yes or no>*
         Aggressive NSEC uses the DNSSEC NSEC chain to synthesize NXDOMAIN and other
-        denials, using information from previous NXDOMAINs answers. Default is no.
+        denials, using information from previous NXDOMAINs answers. Default is yes.
         It helps to reduce the query rate towards targets that get a very high
         nonexistent name lookup rate.