i think you can tryopnsense-patch 387fc59and disable it via guior place aggressive-nsec no somewhere in /usr/local/opnsense/service/templates/OPNsense/Unbound/core/advanced.confand Apply unbound settings