From 4305f45c2f5a08db57f28bc978d73799565156b7 Mon Sep 17 00:00:00 2001
From: Otto <otto.moerbeek@open-xchange.com>
Date: Mon, 15 Feb 2021 15:35:33 +0100
Subject: [PATCH] Document trace=fail better and warn against its shortcomings.

---
 pdns/recursordist/docs/settings.rst | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst
index 022f60ee31..9c20148231 100644
--- a/pdns/recursordist/docs/settings.rst
+++ b/pdns/recursordist/docs/settings.rst
@@ -1754,11 +1754,13 @@ Spawn this number of threads on startup.
 
 ``trace``
 ---------
--  Boolean
--  Default: no
+-  String, one of ``no``, ``yes`` or ``fail``
+-  Default: ``no``
 
 If turned on, output impressive heaps of logging.
 May destroy performance under load.
+To log only queries resulting in a ``ServFail`` answer from the resolving process, this value can be set to ``fail``, but note that the performance impact is still large.
+Also note that queries that do produce a result but with a failing DNSSEC validation are not written to the log
 
 .. _setting-udp-source-port-min:
 
-- 
2.47.2