diff --git a/etc/unbound/unbound.conf.d/cache.conf b/etc/unbound/unbound.conf.d/cache.conf.SAMPLE
similarity index 93%
rename from etc/unbound/unbound.conf.d/cache.conf
rename to etc/unbound/unbound.conf.d/cache.conf.SAMPLE
index 2f472408..6a232321 100644
--- a/etc/unbound/unbound.conf.d/cache.conf
+++ b/etc/unbound/unbound.conf.d/cache.conf.SAMPLE
@@ -1,4 +1,7 @@
 # Increasing caching
+
+# NOTE AT LEAST CACHE-MIN-TTL IF NOTHING ELSE!
+
 # This has potential to increase memory usage to 110m under heavy usage, but
 # I find that unlikely as almost everything is using so short TTLs
 # See also MEMORY CONTROL EXAMPLE in man unbound.conf
@@ -12,11 +15,13 @@ server:
 neg-cache-size: 10m
 # Increases TTL of all queries to 900 seconds (5 minutes) if upstream has
 # a lower one. I have been using this since August 2019 without issues.
+ # TODO FIXME
 #cache-min-ttl: 900
 # https://blog.apnic.net/2019/11/12/stop-using-ridiculously-low-dns-ttls/
 # dares setting the minimum cache to something between 40 minute and 60,
 # so how about 50 minutes? However it predates RFC 8767.
- #cache-min-ttl: 3000
+ # TODO FIXME
+ cache-min-ttl: 3000
 # Why not just make it hour directly, while that is considered as a
 # maximum reasonableish value?
 cache-min-ttl: 3600
@@ -38,8 +43,7 @@ server:
 # However my /etc/resolv.conf timeout is 1 second since all my nameservers
 # are localhost, so let's wait 0.8 seconds instead.
 serve-expired-client-timeout: 800
- # DNSSEC errors for valid and expired records
- ede: yes
+ # DNSSEC errors for expired records
 ede-serve-expired: yes
 # vim: filetype=unbound.conf
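Review bot: In the `@@ -12,11 +15,13 @@ server:` hunk, uncommenting `cache-min-ttl: 3000` leaves two active `cache-min-ttl` settings in the same `server:` clause, because the context line `cache-min-ttl: 3600` further down is still enabled. Presumably only one of them takes effect, so the sample reads as if 3000 applies while 3600 may be what is actually loaded; keep a single active line and leave the other commented out. The two added `# TODO FIXME` markers do not say what has to be fixed; a line such as `# TODO: pick one minimum TTL; a floor this high keeps stale or wrong answers cached for up to an hour` would record the trade-off. The context comment `900 seconds (5 minutes)` also looks off, since 900 seconds is 15 minutes.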
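Review bot: In the `@@ -38,8 +43,7 @@ server:` hunk, `ede: yes` is removed while `ede-serve-expired: yes` stays, and as far as I know unbound only attaches the Stale Answer code when `ede: yes` is also set. Unless `ede` is enabled in another file under `unbound.conf.d` (not visible here), clients would no longer be told that an answer was served from expired cache. Either keep `ede: yes` next to it or comment `ede-serve-expired` out as well. The new comment would be more accurate as `# Attach EDE code 3 (Stale Answer) to expired answers; needs ede: yes`, since this option is about stale data rather than DNSSEC errors.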