That option was present in CU139 and was not present in CU141.
The post for the release of CU141 mentions “Faster boot because of fewer checks being executed at boot time”
This may be related to the removal of that option from the initscript.
It basically is checking if the name-server is DNSSEC aware, if it is DNSSEC validating or if there is some other error such as unreachable etc.
I suspect that the removal of the code was part of the move to making dnssec mandatory with IPFire. If a name server is not dnssec aware or validating then it will be marked as an error and not used.
So you automatically get the info from that test-name-server test in the normal operation of unbound now.
I think that test was originally intended to give info about whether a name server that was planned to be used was dnssec aware and using it or not, when you could still have non dnssec validating name servers used in IPFire.
I tried to find that code you mentioned, but had no luck. Also tried to find some information on how to recreate the old behaviour by using other commands without luck.
I believe that all the required code, including variables and subroutines is in this initscript but I don’t guarantee that. You will need to review it and make up your own script to carry out the function.
However, I think if you add the involved name server into the IPFire DNS server list it will tell you if there is a problem with that server such as not using dnssec. It will show a red error for the involved server and placing your mouse pointer over the error label will highlight a short message about the error reason. Also the error will be in the unbound log.