To me a huge benefit of unbound is that it allows to return whatever you want for wildcards.
Including TLD wildcards.
Seychelles DNS has been hijacked as a whole and only serves malware? Null route the entire .sc.
.ru ? Nah, that won't resolve at my place.
etc.
Then unbound is at ease, even on an old Raspberry Pi, with blocklists made of hundreds of thousands of lines.
To me a huge benefit of unbound is that it allows to return whatever you want for wildcards.
Including TLD wildcards.
Seychelles DNS has been hijacked as a whole and only serves malware? Null route the entire .sc.
.ru ? Nah, that won't resolve at my place.
etc.
Then unbound is at ease, even on an old Raspberry Pi, with blocklists made of hundreds of thousands of lines.