Aggressive NSEC option
Very nice feature for DNS optimization, which can reduce the number of queries to authoritative name servers.
aggressive-nsec: <yes or no> Aggressive NSEC uses the DNSSEC NSEC chain to synthesize NXDOMAIN and other denials, using information from previous NXDOMAINs answers. Default is no. It helps to reduce the query rate towards targets that get a very high nonexis‐ tent name lookup rate.