Document trace=fail better and warn against its shortcomings.

author Otto <otto.moerbeek@open-xchange.com>

Mon, 15 Feb 2021 14:35:33 +0000 (15:35 +0100)

committer Otto <otto.moerbeek@open-xchange.com>

Mon, 15 Feb 2021 14:38:17 +0000 (15:38 +0100)
author Otto <otto.moerbeek@open-xchange.com>
Mon, 15 Feb 2021 14:35:33 +0000 (15:35 +0100)
committer Otto <otto.moerbeek@open-xchange.com>
Mon, 15 Feb 2021 14:38:17 +0000 (15:38 +0100)
diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst

index 022f60ee310980e6956bfe3f7c677ce7208d579a..9c201482316ef116735015c162c407f9dab647ce 100644 (file)
--- a/pdns/recursordist/docs/settings.rst
+++ b/pdns/recursordist/docs/settings.rst
@@ -1754,11 +1754,13 @@ Spawn this number of threads on startup.
  
  ``trace``
  ---------
--  Boolean
--  Default: no
+-  String, one of ``no``, ``yes`` or ``fail``
+-  Default: ``no``
  
  If turned on, output impressive heaps of logging.
  May destroy performance under load.
+To log only queries resulting in a ``ServFail`` answer from the resolving process, this value can be set to ``fail``, but note that the performance impact is still large.
+Also note that queries that do produce a result but with a failing DNSSEC validation are not written to the log
  
  .. _setting-udp-source-port-min:
author	Otto <otto.moerbeek@open-xchange.com>
	Mon, 15 Feb 2021 14:35:33 +0000 (15:35 +0100)
committer	Otto <otto.moerbeek@open-xchange.com>
	Mon, 15 Feb 2021 14:38:17 +0000 (15:38 +0100)