net: unbound: remove negative caching for better stability

else sometimes addresses are unresolvable at early boot, and never become reachable again
2024-12-03 17:30:11 +00:00
parent a72bc90e90
commit c950d286d4


@@ -53,7 +53,7 @@ lib.mkMerge [
# if you enable this, make sure to persist the stateful data.
# alternatively, use services.unbound.settings.trust-anchor = ... (or trusted-keys-file)
services.unbound.enableRootTrustAnchor = false;
services.unbound.settings.server.cache-max-negative-ttl = 60;
# services.unbound.settings.server.cache-max-negative-ttl = 60; #< intended to limit damage during networking flakes, but instead this seems to cause unbound to cache error responses it *wouldn't* otherwise cache
# services.unbound.settings.server.use-caps-for-id = true; #< TODO: randomizes casing to avoid spoofing
services.unbound.settings.server.prefetch = true; # prefetch RRs which are about to expire from the cache, to keep them primed
})
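Review bot: Commenting out `cache-max-negative-ttl` does not turn negative caching off; unbound falls back to its built-in cap (3600 seconds by default), so NXDOMAIN/NODATA answers can now be held longer than the 60 seconds the old line allowed. The new comment should record that, e.g. `# cache-max-negative-ttl left at unbound's default (3600s); capping it at 60 did not help with boot-time resolution failures`. If the early-boot symptom comes from upstream servers being marked unreachable rather than from cached negative answers (an inference, the hunk does not show which), the settings that govern that are `infra-host-ttl` and `infra-keep-probing`, and they may be worth trying here. The enclosing `lib.mkMerge` block starts outside the hunk.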