===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/etc/unbound.conf,v
retrieving revision 1.19
retrieving revision 1.20
diff -c -r1.19 -r1.20
*** src/etc/unbound.conf	2019/11/07 15:46:37	1.19
--- src/etc/unbound.conf	2020/06/21 16:59:45	1.20
***************
*** 1,4 ****
! # $OpenBSD: unbound.conf,v 1.19 2019/11/07 15:46:37 sthen Exp $
  
  server:
  	interface: 127.0.0.1
--- 1,4 ----
! # $OpenBSD: unbound.conf,v 1.20 2020/06/21 16:59:45 sthen Exp $
  
  server:
  	interface: 127.0.0.1
***************
*** 19,30 ****
  	hide-identity: yes
  	hide-version: yes
  
! 	# Perform DNSSEC validation. Comment out the below option to disable.
  	#
  	auto-trust-anchor-file: "/var/unbound/db/root.key"
  	val-log-level: 2
  
! 	# Uncomment to synthesize NXDOMAINs from DNSSEC NSEC chains
  	# https://tools.ietf.org/html/rfc8198
  	#
  	aggressive-nsec: yes
--- 19,30 ----
  	hide-identity: yes
  	hide-version: yes
  
! 	# Perform DNSSEC validation.
  	#
  	auto-trust-anchor-file: "/var/unbound/db/root.key"
  	val-log-level: 2
  
! 	# Synthesize NXDOMAINs from DNSSEC NSEC chains.
  	# https://tools.ietf.org/html/rfc8198
  	#
  	aggressive-nsec: yes