Index: share/man/man5/resolver.5
===================================================================
--- share/man/man5/resolver.5
+++ share/man/man5/resolver.5
@@ -28,7 +28,7 @@
 .\"     @(#)resolver.5	8.1 (Berkeley) 6/5/93
 .\" $FreeBSD$
 .\"
-.Dd September 15, 2022
+.Dd October 23, 2022
 .Dt RESOLVER 5
 .Os
 .Sh NAME
@@ -123,15 +123,21 @@
 where
 .Sy option
 is one of the following:
-.Bl -tag -width no_tld_query
+.Bl -tag -width reload-period:n
 .It Sy debug
-sets
+Enable debugging information, by setting
 .Dv RES_DEBUG
-in _res.options.
+in _res.options
+.Po see
+.Xr resolver 3
+.Pc .
 .It Sy usevc
-sets
+Use TCP connections for queries instead of UDP, by setting
 .Dv RES_USEVC
-to use TCP instead of UDP for queries.
+in _res.options
+.Po see
+.Xr resolver 3
+.Pc .
 .It Sy ndots: Ns Ar n
 sets a threshold for the number of dots which must appear in a name given to
 .Fn res_query
@@ -149,12 +155,11 @@
 .Em search list
 elements are appended to it.
 .It Sy timeout: Ns Ar n
-sets the initial amount of time the resolver will wait
-for a response from a remote
-name server before retrying the query via a different name server.
-The resolver may wait longer during subsequent retries
-of the current query since an exponential back-off is applied to
-the timeout value.
+sets the initial amount of time the resolver will wait for a response
+from a remote name server before retrying the query via a different
+name server.
+The resolver may wait longer during subsequent retries of the current
+query since an exponential back-off is applied to the timeout value.
 Measured in seconds, the default is
 .Dv RES_TIMEOUT ,
 the allowed maximum is
@@ -162,24 +167,91 @@
 (see
 .In resolv.h ) .
 .It Sy attempts: Ns Ar n
-sets the number of times the resolver will send a query to each of
-its name servers
-before giving up and returning an error to the calling application.
+sets the number of times the resolver will send a query to each of its
+name servers before giving up and returning an error to the calling
+application.
 The default is
 .Dv RES_DFLRETRY ,
 the allowed maximum is
 .Dv RES_MAXRETRY
 (see
 .In resolv.h ) .
+.It Sy rotate
+sets
+.Dv RES_ROTATE
+in _res.options, which causes round robin selection of nameservers
+from among those listed.
+This has the effect of spreading the query among all listed servers,
+rather than having all clients try the first listed server every time.
+.It Sy no-check-names
+sets
+.Dv RES_NOCHECKNAME
+in _res.options, which disables the modern BIND checking of incoming
+host names and mail names for invalid characters such as underscore
+.Pq `_' ,
+non-ASCII, or control characters.
+.It Sy check-names
+clears
+.Dv RES_NOCHECKNAME
+in _res.options, which enables the modern BIND checking of incoming
+host names and mail names as described above.
+This is the default.
+.It Sy edns0
+sets
+.Dv RES_USE_EDNS0
+in _res.options, to enable Extension Mechanisms for DNS
+.Pq EDNS0 ,
+as specified in RFC 2671.
+This causes the resolver to attach optional pseudo resource
+records to DNS queries to inform DNS servers of our receive
+buffer size, so they can send larger replies.
+DNS query packets with EDNS0 extension are not compatible with
+non-EDNS0 DNS servers.
+The option must be used only when all the DNS servers in the
+.Sy nameserver
+lines are able to handle EDNS0 extension.
+.It Sy inet6
+Enable support for IPv6-only applications, by setting
+.Dv RES_USE_INET6 in _res.options
+.Po see
+.Xr resolver 3
+.Pc .
+The option is meaningful only with certain kernel
+configuration and use of this option is discouraged.
+.It Sy insecure1
+sets
+.Dv RES_INSECURE1
+in _res.options, to not require IP source address on the
+reply packet to be equal to the servers' address.
+.It Sy insecure2
+sets
+.Dv RES_INSECURE2
+in _res.options, to not check if the query selection of
+the reply packet is equal to that of the query packet.
+For testing purposes only.
 .It Sy no_tld_query
-tells the resolver not to attempt to resolve a top level domain name, that
-is, a name that contains no dots.
-Use of this option does not prevent
-the resolver from obeying the standard
+sets
+.Dv RES_NOTLDQUERY
+in _res.options.
+The effect is to not attempt to resolve an unqualified name as if it
+were a top level domain (TLD), that is, a name that contains no dots.
+This option can cause problems if the site has ``localhost'' as a TLD
+rather than having localhost on one or more elements of the search
+list.
+Use of this option does not prevent the resolver from obeying the
+standard
 .Sy domain
 and
 .Sy search
 rules with the given name.
+_res.options has
+.Dv RES_DEFNAMES
+and
+.Dv RES_DNSRCH
+enabled by default, and one or both must be enabled for
+this option to have an effect.
+.It Sy no-tld-query
+another name for no_tld_query
 .It Sy reload-period: Ns Ar n
 The resolver checks the modification time of
 .Pa /etc/resolv.conf